Following on from DNS amplification DDoS attacks, NTP services are more recently being used for amplification DDoS attacks, reflecting traffic against other networks.
There are two major issues: "monlist" and "readvar".
Below are some basic steps to reduce the effectiveness of this kind of attack by locking down the default restrictions within the configuration.
You can read up further on this at the URLs below.
Within ntpd on *nix
To resolve most issues, add the line below to /etc/ntp.conf. (This should resolve both the monlist and readvar issues.)
restrict default ignore
Then restart the ntpd service (or ntp on some OSes).
To test that this has worked, you can run the following queries from a remote Linux machine:
ntpq -c rv [ip]
ntpdc -n -c monlist [ip]
Expect a "connect timeout" error if you have successfully secured the NTP service.
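An added example, not from the original post: a Python check over the text of an ntp.conf that reports whether the default restriction refuses ntpq/ntpdc queries and, when "restrict default ignore" is used, which configured upstream servers have no restrict line of their own (ntpd then ignores their replies as well, so time sync stops). The function name, finding codes and sample hosts are assumptions made for illustration, and restrict lines are matched to server lines by their literal text only.

```python
QUERY_BLOCKING = {"ignore", "noquery"}  # restrict flags that refuse ntpq/ntpdc queries

def audit_ntp_conf(text):
    """Return (code, detail) findings for the text of an ntp.conf file."""
    defaults, exempt, upstreams, source_rule = [], set(), [], False
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()   # strip comments, then tokenise
        if len(words) < 2:
            continue
        # Drop address-family switches such as -4 / -6 before the address.
        args = [w for w in words[1:] if w not in ("-4", "-6")]
        if not args:
            continue
        if words[0] == "restrict":
            if args[0] == "default":
                defaults.append(set(args[1:]))
            elif args[0] == "source":
                source_rule = True       # rule applied to configured associations
            else:
                exempt.add(args[0])      # more specific rule for this address
        elif words[0] in ("server", "pool", "peer"):
            upstreams.append(args[0])
    findings = []
    if not defaults:
        findings.append(("NO_DEFAULT_RESTRICT", "remote queries not refused"))
    for flags in defaults:
        if not flags & QUERY_BLOCKING:
            findings.append(("QUERIES_ALLOWED", " ".join(sorted(flags)) or "(no flags)"))
    # "ignore" drops every packet, including replies from our own time sources.
    if any("ignore" in flags for flags in defaults) and not source_rule:
        for host in upstreams:
            if host not in exempt:
                findings.append(("UPSTREAM_IGNORED", host))
    return findings

# Constructed sample configurations (hosts and addresses are placeholders).
NO_RESTRICT = "server ntp1.example.net iburst\n"
PAGE_ONLY = "restrict default ignore\nserver ntp1.example.net iburst\n"
WITH_EXEMPTIONS = """\
restrict default ignore
restrict 127.0.0.1
restrict 192.0.2.10 nomodify notrap noquery
server 192.0.2.10 iburst
"""

if __name__ == "__main__":
    for name, conf in [("no restrict", NO_RESTRICT), ("page only", PAGE_ONLY),
                       ("with exemptions", WITH_EXEMPTIONS)]:
        print(name, audit_ntp_conf(conf))
```

An empty list for a configuration means the default policy refuses queries and every listed upstream has its own restrict line; the remote ntpq/ntpdc test above remains the check against the running daemon.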