[Ninux-Wireless] DrDOS su ntp in corso su Internet
Saverio Proto
zioproto a gmail.com
Gio 13 Feb 2014 15:28:56 CET
C'e' in corso un attacco di tipo DrDOS, chi ha un server ntp dentro
Ninux deve controllare di avere la configurazione giusta.
Girate alle varie mailing lists delle isole.
Riferimenti:
http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using
Understanding and mitigating NTP-based DDoS attacks (by John Graham-Cumming)
http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attacks
DRDoS / Amplification Attack using ntpdc monlist command
http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using
Team Cymru - Secure NTP Template
https://www.team-cymru.org/ReadingRoom/Templates/secure-ntp-template.html
Vulnerability Summary for CVE-2013-5211
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5211
CERT/CC Vulnerability Note VU#348126 - NTP can be abused to amplify
denial-of-service attack traffic
http://www.kb.cert.org/vuls/id/348126
Juniper - Mitigation of NTP amplification attacks involving JunOS
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10613&actp=SUBSCRIPTION
US-CERT Alert (TA14-013A) - NTP Amplification Attacks Using CVE-2013-5211
https://www.us-cert.gov/ncas/alerts/TA14-013A
NTP DoS reflection attacks by Patrikas Kugrinas
https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks
Hackers Spend Christmas Break Launching Large Scale NTP-Reflection Attacks
http://www.symantec.com/connect/blogs/hackers-spend-christmas-break-launching-large-scale-ntp-reflection-attacks
Maggiori informazioni sulla lista
Wireless