Henning Follmann <hfollm...@itcfollmann.com> wrote: > On Tue, Jan 28, 2014 at 01:43:17PM +0800, lina wrote:
>> I read something online, and wonder: >> 1] shall I close the port 123 >> 2] disable ipv6 >> >> Shall I follow the advice from https://wiki.debian.org/DebianIPv6 to >> turn off the ipv6 in wheezy as in squeeze, > STOP NTP! > ntpd is currently abused as a DDOS attack vector. > If your ntpd responds to ntpdc -n -c monlst <IP of ntpd> > you have to disable the monitor function (at least). If you have not "butchered" the default ntp.conf from the debian package, there is no need to be hasty, as the Debian default is safe and cannot be used for the mentioned DDoS attack. Just check if the following lines are present and active in your ntp.conf: restrict -4 default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery Grüße, Sven. -- Sigmentation fault. Core dumped. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/8adb01eet...@mids.svenhartge.de
