Last updated: 
2 months 2 weeks ago
Blog Manager
We are the Computer Security and Incident Response Team (CSIRT) for the Janet network. Part of Jisc's Security Operations Centre, our mission is to safeguard the current and future network security of Janet (steering the security policies for all Janet connections) and of our customers, creating a secure environment to conduct your online activities. Our primary function is monitor and resolve any security incidents that occur on the Janet network, with specialists tracking a range of platforms, including Unix, Linux and Windows.

Update on filtering of large ntp packets

Wednesday, April 2, 2014 - 11:35

We continue to monitor the effect of the filtering of large ntp packets (> 128 bytes) at the Janet borders. Where people have had concerns we've been working with them to make sure that their work is impacted as little as possible by this measure.

The filtering has had a large reduction on the impact to Janet infrastructure but the current filtering limits still allow enough traffic through the Janet border to cause disruption for customers with 100Mb/s, or busy 1Gb/s, connections.

To protect these customers we will be reducing the bandwidth limits to 5Mb/s per border interface. We think that this will filter the worst of these attacks whilst still allowing a good opportunity for any users of large ntp packets during periods when Janet is not being targeted (we'd still be allowing approximately 1,000pps).

Please let us know if you have any questions or concerns. We will do our best to work with any user of these packets. We have been posting periodic updates on the situation to the UK-SECURITY mailing list, http://community.ja.net/ and @JanetCSIRT on twitter.