Seems from my analysis that for a while the default debian/ubuntu ntp.conf has been:
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

So even older ntp servers should be immune by default.

It might also be a useful occasion to plug nz.pool.ntp.org. If you have a public ntp server please add it to the pool.
http://www.pool.ntp.org/zone/nz
Makes for sad reading. Currently only 11 NZ public servers, down from a high of 21 in 2011.
Only 4 IPv6 servers :( (yes, i'm one of them).

Joel van Velden
Cloud Scale
www.cloudscale.co.nz


On 11/02/2014 5:31 p.m., Tim Price wrote:
Was just wondering how this effects .nz’s public NTP servers, i know that i’ve had to firewall off a number of NTP servers that were in the oceanic pool up until a day ago.  How long before we lose ntp[1-3].ntp.net.nz?

On 11/02/2014, at 4:43 pm, Juha Saarinen <juha@saarinen.org> wrote:

http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes-us-europe.aspx

Amplification factor: 58.5.

-- 
Juha Saarinen
twitter: juhasaarinen

_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog



_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog