[RndTbl] Fwd: OpenNTPD and NTP reflection attacks

Adam Thompson athompso at athompso.net
Thu Jan 16 21:54:54 CST 2014


Along the lines of a question Alan raised at the meeting this week... 
apparently NTP DDoS attack are a thing now.  :-(
-Adam



-------- Original Message --------
Subject: 	OpenNTPD and NTP reflection attacks
Date: 	Wed, 15 Jan 2014 13:36:12 -0600
From: 	Nicolai <nicolai-omisc at chocolatine.org>
To: 	misc at openbsd.org



Hi everyone,

I have a question about OpenNTPD now that NTP reflection attacks are in
the news.  OpenBSD produces and uses its own OpenNTPD, primarily written
by Henning and made portable by Darren Tucker.

The following website:

  http://openntpproject.org/

is an important effort to minimize reflection-related holes in NTP
software.  The given test command is not supported by OpenNTPD,
suggesting no major amplification.  And after reading the manual pages I
don't think there's an alternative for getting OpenNTPD to generate a
large amplification, though I could be wrong.

So, is it correct to say that OpenNTPD is immune from generating large
amplifications?  (Recent articles on the subject mention 100x
amplification factors!)

Nicolai


-- 
-Adam Thompson
  athompso at athompso.net
  Cell: +1 204 291-7950
  Fax: +1 204 489-6515



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.muug.mb.ca/pipermail/roundtable/attachments/20140116/cb78d5fb/attachment.html>


More information about the Roundtable mailing list