CMTS used for NTP Reflection Attack | docsis.org

You are here

CMTS used for NTP Reflection Attack

2 posts / 0 new
Last post
gent
CMTS used for NTP Reflection Attack

We have a CASA C2200 CMTS and recently being used for NTP Reflection Attack. I am trying to figure out how can I block requests coming in from Internet for NTP but could not figure out a good way of doing this. Did anybody figure this out?
Thanks,
Gent

lboyd
Firewall

Add a rule to drop inbound UDP port 123 on your WAN interface. If the attack is originating on the DOCSIS interface you need to accept UDP port 123 from HFC IP address's and drop them from all others.

Leo

Log in or register to post comments