I'm just wondering what mitigation network administrators have implemented to prevent the
Is upgrading to NTP 4.2.7p26 or later the best solution? Disabling remote queries entirely, or simply disabling monitor queries [1]?
[0]
http://web.nvd.nist.gov/view/vuln/detai ... -2013-5211
http://support.ntp.org/bin/view/Main/Se ... tack_using
[1] /etc/ntp.conf mitigation:
ntpdc monlist
query DRDoS attack [0]?Is upgrading to NTP 4.2.7p26 or later the best solution? Disabling remote queries entirely, or simply disabling monitor queries [1]?
[0]
http://web.nvd.nist.gov/view/vuln/detai ... -2013-5211
http://support.ntp.org/bin/view/Main/Se ... tack_using
[1] /etc/ntp.conf mitigation:
Code:
# disable remote queries entirely
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
# disable monitor queries
disable monitor