[Nix-dev] ntp monlist ddos vulnerability

Marc Weber marco-oweber at gmx.de
Mon Feb 24 17:41:54 CET 2014


Excerpts from Mathijs Kwik's message of Mon Feb 24 16:27:58 +0000 2014:
> Our ntpd version (stable, 2011) contains a feature called 'monlist',
> which is enabled by default. This feature has recently been abused by
> huge ntp-amplification ddos attacks.
I'd say its a strong reason - so at least make it "opt-in" and document
it (or do what you proposed)

Marc Weber


More information about the nix-dev mailing list