Re: [chrony-dev] Traffic amplification with chrony commands

[ Thread Index | Date Index ]


On Mon, Jan 20, 2014 at 09:54:36AM -0800, Bill Unruh wrote:
> Chronyd would then have to test the incoming packet to make sure tha tthere
> was enough padding. After all, the attacker can send whatever packets he
> wants, so if the padding is in any sense optional they will neglect it.

Right. Currently, chronyd checks if the packet has complete header and
ignore it if it doesn't. That would be extended to include the
padding.

-- 
Miroslav Lichvar

-- 
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/