I have been suffering badly from DDOS over the last week and found that my NTP servers were the cause of the problem:- they did not have the restriction line - restrict kdo nomodify nopeer noquery notrap in the configuration file ntp.conf. This was to stop the monlist amplification request which overloaded out adsl pipeline. I fixed our main servers, but as we were running both the FILR and IPRINT appliances, I checked the ntp.conf file of these machines as a matter of course. Both appliances have this restriction missing, so as the ntp server is running in both cases, I made the appropriate changes.

This may not be too important to users of Novell Appliances, but I think it is worth bringing it to the forums attention.