[nsp-sec] NTP server under attack
Joe Abley
jabley at hopcount.ca
Mon Nov 4 20:34:34 EST 2013
NTP as a protocol makes a pretty poor amplifier. If this is a
reflection attack, I'd be interested to understand why.
Aue Te Ariki! He toki ki roto taku mahuna!
> On Nov 4, 2013, at 17:22, "Matthew.Swaar at us-cert.gov" <Matthew.Swaar at us-cert.gov> wrote:
>
> ----------- nsp-security Confidential --------
>
> Thomas,
>
> Is it possible that the inbound traffic was intended as a reflective attack? (Was there a consistent source IP or a small number of them?)
>
>
> Very Respectfully,
>
> US-CERT Ops Center
> 888-282-0870
> POC: Matt Swaar - Analyst
>
> -----Original Message-----
> From: nsp-security [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Thomas Mangin
> Sent: Monday, November 04, 2013 8:08 PM
> To: nsp-security at puck.nether.net
> Subject: [nsp-sec] NTP server under attack
>
> ----------- nsp-security Confidential --------
>
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list