Category Archives: Network

NTP Spoof Attacks

Apparently 2 out of 3 of our GPS clocks were being used in a spoof/DDOS attack.

The basic premise is that time requests are sent to the service with a spoofed IP for the response. Add in 100/1000/10000 clocks send results to a server/service that did not request them results in a denial of service attack.

Both clocks have been removed from the pool, scheduled for February 6th. Hickory.kulish.com has port 123 UDP closed at this time. The maintainer of Dickory.kulish.com has been notified.

Debian Jumbo Frames

2 NAS servers both with 802.3ad bonded gigE nics based on the Realtek 8169 chip.
The highest MTU I could set was 7000 even though the D-Link DGS-1210-24 Rev. A switch can support up to 10k.

Below is just a single sample, but all tests stayed within 57x Mbits for MTU=1500 and 77xMbits for MTU=7000.

The important bits.
iperf was used for this testing.

MTU 1500:
[ 3] 0.0-10.0 sec 687 MBytes 576 Mbits/sec


MTU 7000:
[ 3] 0.0-10.0 sec 926 MBytes 777 Mbits/sec