[SOLVED] Re: Semi-urgent: Disable NTP replies?
Kurt Buff
kurt.buff at gmail.com
Wed Feb 19 06:24:02 UTC 2014
On Tue, Feb 18, 2014 at 7:09 PM, Ronald F. Guilmette
<rfg at tristatelogic.com> wrote:
>
>
> Thanks much to everybody who responded. All of the responses were
> enlightening and much appreciated.
>
> Obviously, yes, I screwed up big time when I constructed my firewall
> rules, and I was inadvertantly and unintentionally allowing stuff to
> come in from the outside on udp/123.
>
> That is no longer the case. I now have a rule in place to block it
> all... and I'm not likely to make THAT mistake again! (Live and
> learn.)
This is the important lesson - learning. Don't worry about it, you
fixed it - many of us got caught out by it, even those who, like me,
preach "default deny".
So, in that vein, this notice:
TA14-017A: UDP-based Amplification Attacks
https://www.us-cert.gov/ncas/alerts/TA14-017A
Kurt
More information about the freebsd-questions
mailing list