[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ddos attack blog

Subject: ddos attack blog
From: hmurray at megapathdsl.net (Hal Murray)
Date: Fri, 14 Feb 2014 15:00:34 -0800

> I was being a bit extreme, I don't expect UDP to be blocked and there  are
> valid uses for NTP and it needs to pass. Can you imagine the trading
> servers not having access to NTP? 

Sure.

They could setup internal NTP servers listening to GPS.  Would it be as good 
overall as using external servers?   Probably not, but it might be good 
enough.  I doubt if it would be very high on any trading floors list of nasty 
problems.

They could arrange to poke holes through the generic UDP block - whitelist 
the few known cases where UDP traffic is expected.  Would it be a pain to 
administer?  Probably, but I'll bet it could be made to work.


-- 
These are my opinions.  I hate spam.

Follow-Ups:
- ddos attack blog
  - From: joelja at bogus.com (joel jaeggli)

Prev by Date: Permitting spoofed traffic [Was: Re: ddos attack blog]
Next by Date: ddos attack blog
Previous by thread: ddos attack blog
Next by thread: ddos attack blog
Index(es):
- Date
- Thread