В Fri, 07 Mar 2014 10:09:32 -0300 Cristian Rodríguez пишет:

El 07/03/14 10:01, Paul Neuwirth escribió:

...

Hallo, analyzing my network traffic i saw lot's of high volume connections from my ntpd to game servers.. googling arround (https://www.google.com/search?q=ntp+xbox+gameserver) i read about DDoS attacks using ntp. How to avoid my ntpd being used for that? installed ntp-4.2.6p5-9.3.1.x86_64 Thanks for help

You need to apply the relevant security updates.

There are no patches. You need to manually harden ntp.conf. It is impossible to implement via patch.

See http://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplificat... and the linked articles.

-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org

Andrey Borzenkov wrote:

В Fri, 07 Mar 2014 10:09:32 -0300 Cristian Rodríguez пишет:

...

El 07/03/14 10:01, Paul Neuwirth escribió:

...

Hallo, analyzing my network traffic i saw lot's of high volume connections from my ntpd to game servers.. googling arround (https://www.google.com/search?q=ntp+xbox+gameserver) i read about DDoS attacks using ntp. How to avoid my ntpd being used for that? installed ntp-4.2.6p5-9.3.1.x86_64 Thanks for help

You need to apply the relevant security updates.

There are no patches. You need to manually harden ntp.conf. It is impossible to implement via patch.

And if you're not running a public NTP service, blocking port 123 in the firewall ought to be sufficient. -- Per Jessen, Zürich (10.8°C) http://www.dns24.ch/ - your free DNS host, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org