[time-nuts] NTP as vector for DDOS attacks?
Jim Lux
jimlux at earthlink.net
Fri Jan 10 16:10:41 EST 2014
On 1/10/14 1:06 PM, Paul wrote:
> On Fri, Jan 10, 2014 at 2:52 PM, Chris Albertson
> <albertson.chris at gmail.com>wrote:
>
>> It's not a big deal. Even if one pool NTP server is down
>>
>> On Fri, Jan 10, 2014 at 4:32 AM, Jim Lux <jimlux at earthlink.net> wrote:
>>
>>
>>> The article talks about how the victim site can easily filter out the
>>> messages from the NTP server, but does not seem to discuss the "societal"
>>> impact of potentially screwing up a public service (the NTP server)
>>
>
> It's an amplification attack. It's about taking down citi.com or
> whitehouse.gov -- not taking down pool.ntp.org (or any part of it).
>
Yes..
but how long before someone thinks of putting the amplifier after a
botnet, rather than driving it directly.
More information about the time-nuts
mailing list