On 11/5/2013 5:41 AM, Marco Marongiu wrote:
Hi all
A colleague contacted me yesterday and asked:
You being somewhat tied to the NTP world, hear anything about public
NTP servers being used for amplification in ddos attack?
I haven't heard anything about that. Have you? In case, anything you can
share about that?
There was a CVE many years ago that sounds similar. It was possible to
send a malformed NTP packet with a spoofed IP address that resulted in
continuous ping ponging between two servers. If you did that with enough
servers so that they were all ping ponging packets with one server, you
could swamp it. But as I said that was fixed quickly and years ago.
Brian Utterback.
_______________________________________________
questions mailing list
[email protected]
http://lists.ntp.org/listinfo/questions
