Date: Tue, 18 Feb 2014 22:24:00 -0800 From: Kurt Buff <kurt.buff@gmail.com> To: "Ronald F. Guilmette" <rfg@tristatelogic.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: [SOLVED] Re: Semi-urgent: Disable NTP replies? Message-ID: <CADy1Ce7RFnSvv=1LC%2BAAXeJGS7C7atqVhwHqvo0Mr_6%2B%2BwJGYQ@mail.gmail.com> In-Reply-To: <3975.1392779391@server1.tristatelogic.com> References: <3975.1392779391@server1.tristatelogic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 18, 2014 at 7:09 PM, Ronald F. Guilmette <rfg@tristatelogic.com> wrote: > > > Thanks much to everybody who responded. All of the responses were > enlightening and much appreciated. > > Obviously, yes, I screwed up big time when I constructed my firewall > rules, and I was inadvertantly and unintentionally allowing stuff to > come in from the outside on udp/123. > > That is no longer the case. I now have a rule in place to block it > all... and I'm not likely to make THAT mistake again! (Live and > learn.) This is the important lesson - learning. Don't worry about it, you fixed it - many of us got caught out by it, even those who, like me, preach "default deny". So, in that vein, this notice: TA14-017A: UDP-based Amplification Attacks https://www.us-cert.gov/ncas/alerts/TA14-017A Kurt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADy1Ce7RFnSvv=1LC%2BAAXeJGS7C7atqVhwHqvo0Mr_6%2B%2BwJGYQ>