On 2014-03-01 15:43, [email protected] wrote:
My NTP server is part of the pool project and appears to be running fine. Comcast contacted me about a month ago to let me know that my NTP server was infected with a bot. I checked and everything seems to be ok. I re-enabled my server about a week ago and I received another phone call last week concerning security on my network. I contacted Ask and he said that it was not a bot but an issue with my server allowing management requests. I asked Ask how to properly configure my Meinberg client to not allow management requests because I understand that they can be problematic. I know the config for ntpd but I am not sure of the proper syntax for Meinberg. Can someone provide me with that info?
Banner on http://support.ntp.org links to http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using and recommends restrict default noquery [and possibly other no... options] or you could use restrict default ignore; also add disable monitor. -- Take care. Thanks, Brian Inglis _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
