To second Jared on this one, we’ve seen a HUGE increase in NTP-based attacks over the past several weeks with our colo customers. It’s very efficient too – even a pretty low end machine can saturate a 100M link. It reminds me of SQL slammer…
If you haven’t yet checked that you’re safe from this you should. See: https://www.us-cert.gov/ncas/alerts/TA14-013A and https://www.us-cert.gov/ncas/alerts/TA14-017A for more info… -Bill From: Outages [mailto:[email protected]] On Behalf Of Jared Mauch Sent: Wednesday, February 12, 2014 1:21 PM To: Bryan Inks Cc: [email protected] Subject: Re: [outages] Internap Being DDoS'd Close your NTP amplifiers and prevent the spoofing.. Will solve this one. Openntpproject.org<http://Openntpproject.org> can help you. Jared Mauch On Feb 12, 2014, at 12:45 PM, "Bryan Inks" <[email protected]<mailto:[email protected]>> wrote: Just got confirmation from Internap NOC that they are being attacked again. Causing quite a bit of chaos for my network in SoCal. I’m having to route over to Level3 to minimize the issue. _______________________________________________ Outages mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/outages
_______________________________________________ Outages mailing list [email protected] https://puck.nether.net/mailman/listinfo/outages
