-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 3/15/14, 2:30 AM, Brett Glass wrote: > At 11:34 PM 3/14/2014, Xin Li wrote: > >> I can't reproduce with fresh install. How did you tested it (or >> what is missing in the default ntp.conf), can you elaborate? > > I have tested it under actual attack. > > Without the lines I mentioned in /etc/ntp.conf, the server will > respond to monitor queries with rejection packets of the same size > as the attack Either it wouldn't or my test was wrong. My test was 'ntpdc -c monlist' and tcpdump. > packets. If the source addresses of the attack packets are spoofed, > the attack is relayed. -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJTJItIAAoJEJW2GBstM+nsSAAP/3L0Z+c+rd5HLDjtVZ2zvjMD rziFxOUDgIqXv/Ph6vxPwgwYQhXWf6/I6Um/Upacb5AiVWffHyogkuBBGuxvGu1T k2Vz0HzCY3HBMJvO/spQ2vbkfKYLuyrZtKJQMuB7B+wO7wdeKX2hAUDoHN4pKPTt uul5B3cUwZmlAa8kyblWSJHf6bmINKjRZ+R+oKQpYwBBm0JaPWxZgKOCceHWrVTy YhK+IcEtosq5Fw5QS17+J3Qh++evyjVtGP0CeanxLsH108aAPU4WJ6yfzynUQeeX B3U8dviQXsT0XrH5U+ADoF0Y+ypUmyRNLtJShkgQhsqTME2iTOYZcotDj1Ads0Tm kgogo21vTfYW5DT9BCqrDyhba2RVdGHrl9VytyLDws6lDbbFllG0J9nrvrh8O+Ow 8VSb/ENePAMuRlYGxsZ9kob436+/sBT4E7TIVuQM0DwVs6dR16tiVxTCdGnFKe1D BYcwEYE9oGUeGXo/S6VMyO8qDtHGHIFomO8o8LXL6EB2dIUAoWlFZsre+HInDOkn TlTaMcOmemS3ylwpoOoaggSV/6JV+k9ks41WHLy2UjEBHM+Ur9DsRgVhNY513Ouj TuNEiBBwZOj3Y7bAOfKAOyKcKRVcY7CeYz1cq/VgLRbiw/pmHMu1TqRafKF0RHi7 Lhu+UUAIZMtHiDms52UZ =xChL -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"