nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TWC (AS11351) blocking all NTP?

From: Glen Turner <gdt () gdt id au>
Date: Tue, 4 Feb 2014 11:10:35 +1030

On 4 Feb 2014, at 9:28 am, Christopher Morrow <morrowc.lists () gmail com> wrote:


wait, so the whole of the thread is about stopping participants in the
attack, and you're suggesting that removing/changing end-system
switch/routing gear and doing something more complex than:
 deny udp any 123 any
 deny udp any 123 any 123
 permit ip any any


Which just pushes NTP to some other port, making control harder. We’ve already pushed all ‘interesting' traffic to port 
80 on TCP, which has made traffic control very expensive. Let’s not repeat that history.

-- 
 Glen Turner <http://www.gdt.id.au/~gdt/>
Previous By Date Next
Previous By Thread Next

Current thread: