To second Jared on this one, we’ve seen a HUGE increase in NTP-based attacks over the past several weeks with our colo customers. It’s very efficient too – even a pretty low end machine can saturate a 100M link. It reminds me of SQL slammer… If you haven’t yet checked that you’re safe from this you should. See: https://www.us-cert.gov/ncas/alerts/TA14-013A and https://www.us-cert.gov/ncas/alerts/TA14-017A for more info… -Bill From: Outages [mailto:outages-bounces@outages.org] On Behalf Of Jared Mauch Sent: Wednesday, February 12, 2014 1:21 PM To: Bryan Inks Cc: outages@outages.org Subject: Re: [outages] Internap Being DDoS'd Close your NTP amplifiers and prevent the spoofing.. Will solve this one. Openntpproject.org<http://Openntpproject.org> can help you. Jared Mauch On Feb 12, 2014, at 12:45 PM, "Bryan Inks" <Binks@keyinfo.com<mailto:Binks@keyinfo.com>> wrote: Just got confirmation from Internap NOC that they are being attacked again. Causing quite a bit of chaos for my network in SoCal. I’m having to route over to Level3 to minimize the issue. _______________________________________________ Outages mailing list Outages@outages.org<mailto:Outages@outages.org> https://puck.nether.net/mailman/listinfo/outages