[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Thanks for sharing that Dave. It does look like the NTP Pool is now aware of this and at least "some" of the bad volunteers has been removed: http://seclists.org/oss-sec/2016/q1/239 However, it does go to show how the scanners think - NTP - DNS - some other protocol... My recommendation is to at least narrow use to a "local" pool (refer to: http://www.pool.ntp.org/zone/uk), rather than something OS specific such as debian.ntp.org - and if the scanning only occurs "once" per IP address, then maybe setup a local (secured) NTP peer (say, on a firewall) and use that for any internal machines to sync against. Cheers, Steve -----Original Message----- From: list [mailto:list-bounces@xxxxxxxxxxxxx] On Behalf Of Dave Morgan Sent: 27 January 2016 18:12 To: list@xxxxxxxxxxxxx Subject: [LUG] shodan.io scanning ipv6 npt clients If you use ipv6, make sure it is firewalled (link reposted from ntp pool mail list) http://netpatterns.blogspot.de/2016/01/the-rising-sophistication-of-network.html best regards DAve -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq