FreeBSD
exp131, 2014-01-20 13:34:15

NTP reflection attack - amplification, how to check the server for vulnerabilities?

Greetings.
I rent a server from Hetzner. Today I received messages from them that 3 of my servers received identical abuse reports about an NTP reflection (amplification) attack.
One is FreeBSD 9.0-RELEASE, the other two are 9.1-RELEASE-p2.
The odd thing is that the NTPd service is disabled on all three. I specifically turned it off at the beginning of the year, because by default they open UDP port 123 to the outside.
Checking with
ntpdc -c monlist XX.XX.XX.XX
(XX.XX.XX.XX is the IP address of the tested servers)
Output: Connection refused.
Tell me where to look for the cause?
There are no web servers on any of the servers, only FTP on a non-standard port; SSH is also on a non-standard port, and password authentication is disabled, key only.
Login logs only show my connections from known IPs.


1 answer(s)
Sergey, 2014-01-20
@bondbig

Write the same text to Hetzner?
