Quick Fix for NTP DDoS Attack (Reflection Attack)

All you need to do is add few lines in linux ntp configuration file i.e ntp.conf

Here’s how your ntp.conf will look like- this is just one way of blocking the NTP reflection attacks.

restrict default ignore // Config to Restrict all by default

restrict NTP Server IP Address mask 255.255.255.255 nomodify notrap noquery
 // Deny any queries or modification requests from the NTP Server

restrict Client Subnet mask 255.255.255.0 //Needed only if the Linux Machine 
is acting as server to other clients.

server NTP Server IP Address

server 127.127.1.0

fudge 127.127.1.0 stratum 10 

Again this is just one way of doing it quick.

For more information read the security bulletin from the ntp.org.

Linux |