Understanding and mitigating NTP-based DDoS attacks
The text discusses NTP-based DDoS attacks, which have become popular recently and caused trouble for some gaming web sites and service providers. These attacks work by exploiting the Network Time Protocol (NTP), a simple UDP-based protocol that can be persuaded to return a large reply to a small request. The amplification factor of NTP is 206x, making it ideal as a DDoS tool. To mitigate these attacks, web site owners should make configuration changes to firewalls and NTP servers. Additionally, implementing BCP-38 would eliminate source IP spoofed attacks of all kinds (DNS, NTP, SNMP, ...).
Company
Cloudflare
Date published
Jan. 9, 2014
Author(s)
John Graham-Cumming
Word count
1243
Language
English
Hacker News points
None found.