“Luckily, there are few open SNMP servers on the Internet and SNMP usually requires authentication (although manly are poorly secured).”
A 2012 study revealed 13k+ open SNMP servers amongst 25 million Dutch IPs scanned .
 [Dutch] http://www.itsx.com/files/2012-11-SNMP-paper-v1.0.pdf
On the other hand, the number of open DNS resolvers used in the attacks described in the presentation (slides 7/8) were around 30K, and with a much smaller amplification factor, so these numbers can still do some damage.
It would be interesting to know if there have been "hybrid" DDOS attacks, utilizing multiple spoofed-origin+amplification methods.
Oh well, at least it only affect our installation and should not affect the customer network more than that. They have a stupid amount of capacity.
restrict default kod notrap nomodify nopeer noquery
What is the size of a TAICLOCK response? (TAICLOCK is a more precise NTP alterative.)