-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 13/01/2020 11.59, Per Jessen wrote: | Carlos E. R. wrote: | |>> |>>> Can someone outside query me? Perhaps |>>> 0.opensuse.pool.ntp.org? No, they would bang on my firewall. |>>> Both on the router firewall and my machine firewall, IIRC. |>> |>> Not unless you have port forwarding enabled for 123/udp in |>> your NAT setup. |> |> Right. |> |> I don't even know if they try, though. | | Oh yes, they do. Look up "ntp amplification attack". I heard of it, did not look up the details. <https://www.imperva.com/learn/application-security/ntp-amplification/> In the most basic type of NTP amplification attack, an attacker repeatedly sends the “get monlist” request to an NTP server, while spoofing the requesting server’s IP address to that of the victim server. The NTP server responds by sending the list to the spoofed IP address. This response is considerably larger than the request, amplifying the amount of traffic directed at the target server and ultimately leading to a degradation of service for legitimate requests. - -- Cheers / Saludos, Carlos E. R. (from 15.1 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXhxnBAAKCRC1MxgcbY1H 1eJFAJ0eWzUcrGkW9wdaGM6sl3GCRs6Q5gCgksUuslnSIvcxEMEqZyq9J3tzDiM= =prP+ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org