[SOLVED] Re: Semi-urgent: Disable NTP replies?

Kurt Buff kurt.buff at gmail.com
Wed Feb 19 06:24:02 UTC 2014

On Tue, Feb 18, 2014 at 7:09 PM, Ronald F. Guilmette
<rfg at tristatelogic.com> wrote:
> Thanks much to everybody who responded.  All of the responses were
> enlightening and much appreciated.
> Obviously, yes, I screwed up big time when I constructed my firewall
> rules, and I was inadvertantly and unintentionally allowing stuff to
> come in from the outside on udp/123.
> That is no longer the case.  I now have a rule in place to block it
> all... and I'm not likely to make THAT mistake again!  (Live and
> learn.)

This is the important lesson - learning. Don't worry about it, you
fixed it - many of us got caught out by it, even those who, like me,
preach "default deny".

So, in that vein, this notice:

TA14-017A: UDP-based Amplification Attacks


More information about the freebsd-questions mailing list