Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 21 Mar 2014 10:41:41 +0000
From:      Info / RIT.lt <info@rit.lt>
To:        Brett Glass <brett@lariat.org>, Micheas Herman <m@micheas.net>, "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject:   RE: NTP security hole CVE-2013-5211?
Message-ID:  <bf87380c6cba4318aefb740a2f2ae69e@DBXPR06MB318.eurprd06.prod.outlook.com>
In-Reply-To: <201403210444.WAA05541@mail.lariat.net>
References:  <201403210421.WAA05406@mail.lariat.net> <CAJw6ijkqBTzcD-WyOQtiU3=R2W8fZjKR=qo5AW9836fOkyNudQ@mail.gmail.com>, <201403210444.WAA05541@mail.lariat.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

Dear FreeBSD users, my first experience with FreeBSD was 14 years ago, but due to hardware problems I chose Linux. After working with Linux for 14 years, I decided to give a shot to FreeBSD again. After setting up FreeBSD server with jails, I became a victim of DDoS which was launched from my dedicated server, investigation led to NTP server, this misconfiguration left with default settings shocked me, please fix this configuration bug.

Firewall is for filtering traffic, but not for hiding buggy configs.

Regards,
Mindaugas Bubelis
________________________________________
From: owner-freebsd-security@freebsd.org <owner-freebsd-security@freebsd.org> on behalf of Brett Glass <brett@lariat.org>
Sent: Friday, March 21, 2014 6:44 AM
To: Micheas Herman; freebsd-security@freebsd.org
Subject: Re: NTP security hole CVE-2013-5211?

At 10:38 PM 3/20/2014, Micheas Herman wrote:

>While true, that does mean that amplification attacks are limited to being
>able to attack those ten machines.

The amplifier/relay is also a victim, and can be completely disabled by the attack
if its link to the Net becomes saturated.

--Brett Glass

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bf87380c6cba4318aefb740a2f2ae69e>