Dear FreeBSD users, my first experience with FreeBSD was 14 years ago, but due to hardware problems I chose Linux. After working with Linux for 14 years, I decided to give a shot to FreeBSD again. After setting up FreeBSD server with jails, I became a victim of DDoS which was launched from my dedicated server, investigation led to NTP server, this misconfiguration left with default settings shocked me, please fix this configuration bug. Firewall is for filtering traffic, but not for hiding buggy configs. Regards, Mindaugas Bubelis ________________________________________ From: owner-freebsd-security@freebsd.org <owner-freebsd-security@freebsd.org> on behalf of Brett Glass <brett@lariat.org> Sent: Friday, March 21, 2014 6:44 AM To: Micheas Herman; freebsd-security@freebsd.org Subject: Re: NTP security hole CVE-2013-5211? At 10:38 PM 3/20/2014, Micheas Herman wrote: >While true, that does mean that amplification attacks are limited to being >able to attack those ten machines. The amplifier/relay is also a victim, and can be completely disabled by the attack if its link to the Net becomes saturated. --Brett Glass _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"