Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
734 Views 3 Replies Latest reply: Jan 31, 2014 1:02 PM by seebvey RSS
seebvey Apprentice 49 posts since
Nov 19, 2009
Currently Being Moderated

Jan 31, 2014 5:49 AM

NTP DoS refelction attack

Hi Guys,

 

in Germany actually there are a lot of NTP DoS attacks running.

 

If you NTP Server on the Sidewinder is reachable from external, please add these line to you ntp.conf.<burbnumber or zonename of external zone>: (/secureos/etc/ntp/ntp.conf.external)

 

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

restrict 127.0.0.0 mask 255.0.0.0

restrict -6 ::1

 

 

Save and restart the ntp daemon. cf daemond restart agent=ntp

 

Attention: After a Firewall reboot or a GUI change of the NTP Settings, these line are gone!

 

 

@McAfee

Maybe you can publish a NTP-Patch for the Sidewinder Firewall.

 

More Information:

https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks

 

regards

Sebastian

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points