nanog mailing list archives
Re: The somewhat illegal fix for NTP attacks
From: Jimmy Hess <mysidia () gmail com>
Date: Sat, 22 Feb 2014 15:09:06 -0600
On Sat, Feb 22, 2014 at 6:41 AM, Rich Kulawiec <rsk () gsp org> wrote: Perhaps you would rather publish a blacklist of "/24s containing NTP servers open to MONLIST" over UDP port 123 similar to the bogon feeds. And encourage all networks to blackhole the list. That way potential NTP reflection abuse traffic gets stuffed as close to the source as possible.
It's never appropriate to respond to abuse with abuse. Not only is it questionable/unprofessional behavior, but -- as we've seen -- there is a high risk that it'll exacerbate the problem, often by targeting innocent third parties. I understand the frustration but this is not the way. ---rsk
-- -JH
Current thread:
- The somewhat illegal fix for NTP attacks Baldur Norddahl (Feb 21)
- Re: The somewhat illegal fix for NTP attacks Landon (Feb 21)
- Re: The somewhat illegal fix for NTP attacks Rich Kulawiec (Feb 22)
- Re: The somewhat illegal fix for NTP attacks Jimmy Hess (Feb 22)
- Re: The somewhat illegal fix for NTP attacks Alain Hebert (Feb 24)
- Re: The somewhat illegal fix for NTP attacks Jimmy Hess (Feb 22)
- Re: The somewhat illegal fix for NTP attacks Jared Mauch (Feb 22)