ntpd attack,why?

P

postcd

Guest
Hello, i got this message (pastebin.com/T3zQa4iU) that one of VPS participated in NTP attack. Im providing an VPS to one person,

this is running on it:
"/usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 102:103"

from /etc/passwd:
ntp:x:102:103::/home/ntp:/bin/false

from /etc/ntp.conf
restrict default kod notrap nomodify nopeer

i followed advices provided by that attack report, what else you see from outputs above please? Do you think that person is doing this intentionally?
 

Staff online

Members online


Top