rssLink RSS for all categories
 
icon_red
icon_green
icon_red
icon_red
icon_blue
icon_green
icon_green
icon_red
icon_red
icon_red
icon_orange
icon_green
icon_green
icon_green
icon_green
icon_blue
icon_red
icon_orange
icon_red
icon_red
icon_red
icon_red
icon_green
icon_red
icon_red
icon_red
icon_red
icon_orange
icon_green
 

FS#6321 — FS#10222 — NTP AMP

Attached to Project— Anti-DDoS
Maintenance
Backend / Core
CLOSED
100%
There are currently many DDoS on NTP AMP. Some of our customers have server equipped with badly protected NTP servers, which can be exploited by a spoofed DDoS attack. The server can then become as one of the IP that took part in a DDoS attack. We detect this kind of attack in a few seconds but there could be huge consequences for the victim of this attack.

As a result, we've just enabled VAC on all NTP flows (port 123) regardless of DDoS detection or not. This will allow us to analyse the NTP packet and filter all requests that are often used during the attacks. Meanwhile the standard requests will work. We have developed this active filter on Tilera: http://status.ovh.net/?do=details&id=6209
Date:  Wednesday, 12 February 2014, 18:34PM
Reason for closing:  Done