On 12/25/2013 11:35 AM, John Levine wrote:
I have two FreeBSD servers where the NTP daemons are using double digit CPU percentages today rather than the usual 0.01%. Restarting them didn't help.
The clock on my Android phone is five hours slow. (It's not the time zone, I checked that.)
Is this just my special Christmas present, or are there screwed up NTP servers?
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
you probably need to configure them correctly with: restrict default ignore and add additional restrict lines if you have need for other legitimate servers to make contact with them. i suspect right now you're providing an ntp amplification attack to the spoofed source address. -david