NTP security hole CVE-2013-5211?
Info / RIT.lt
info at rit.lt
Fri Mar 21 10:41:52 UTC 2014
Dear FreeBSD users, my first experience with FreeBSD was 14 years ago, but due to hardware problems I chose Linux. After working with Linux for 14 years, I decided to give a shot to FreeBSD again. After setting up FreeBSD server with jails, I became a victim of DDoS which was launched from my dedicated server, investigation led to NTP server, this misconfiguration left with default settings shocked me, please fix this configuration bug.
Firewall is for filtering traffic, but not for hiding buggy configs.
Regards,
Mindaugas Bubelis
________________________________________
From: owner-freebsd-security at freebsd.org <owner-freebsd-security at freebsd.org> on behalf of Brett Glass <brett at lariat.org>
Sent: Friday, March 21, 2014 6:44 AM
To: Micheas Herman; freebsd-security at freebsd.org
Subject: Re: NTP security hole CVE-2013-5211?
At 10:38 PM 3/20/2014, Micheas Herman wrote:
>While true, that does mean that amplification attacks are limited to being
>able to attack those ten machines.
The amplifier/relay is also a victim, and can be completely disabled by the attack
if its link to the Net becomes saturated.
--Brett Glass
_______________________________________________
freebsd-security at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
More information about the freebsd-security
mailing list