[OpenIndiana-discuss] Avoiding the NTP amplification exploit
Bob Friesenhahn
bfriesen at simple.dallas.tx.us
Wed Feb 12 18:17:25 UTC 2014
On Wed, 12 Feb 2014, Saso Kiselkov wrote:
>
> What services was the system providing? Was NTP one of them? If not,
> then why were you not running ipf? Always use layered defenses, minimize
> attack surfaces and don't assume services are configured properly out of
> the box, or that they are without bugs.

NTP is enabled for the purpose of local clock synchronization. SSH
is the only other protocol enabled. The network firewall is very
restrictive but does allow NTP and SSH to any host.

I agree with your ideas on defense, but when you are intentionally
running a very heterogeneous network (as I do), there is not time
available to learn the configuration details peculiar to each and
every system. I do not enable any more services than are absolutely
required.

Bob
--
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/