[Cialug] ntp exploit
Nicolai
nicolai-cialug at chocolatine.org
Fri Feb 14 22:33:53 CST 2014
On Thu, Feb 13, 2014 at 11:56:19AM -0600, David Champion wrote:
> If your'e running ntpd, there is a common attack going on.
openntpproject.org is useful for finding open ntp servers, e.g.:
http://www.openntpproject.org/search2.cgi?botnet=yessir&search_for=67.224.64.0%2F22
http://www.openntpproject.org/search2.cgi?botnet=yessir&search_for=69.170.144.0%2F22
It's really important that people close these servers down.
So again, just go here:
http://openntpproject.org/
A list of ASNs that participated in the 400gbps attack against
Cloudflare was posted here:
https://docs.google.com/spreadsheet/ccc?key=0AhuvvqAkGlindHFtS0pJa0lYZGNlLXNONWtlY01qanc&usp=sharing
netINS is on the list (bad). I don't see Internet Solver (good) or
others from the mailing list, just at a quick glance.
Nicolai
More information about the Cialug
mailing list