On Feb 21, 2014, at 9:55 AM, Dobbins, Roland <rdobb...@arbor.net> wrote:
> Filtering out packets this size from UDP/anything to UDP/123 allows time-sync > requests and responses to work, but squelches both the level-6/-7 commands > used to trigger amplification as well as amplified attack traffic. Also, the reverse - UDP/123 - UDP/anything, for the amplified attack traffic. ----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton
