If you are a member of the general public:
How can I check my server? - run the command ntpdc -n -c monlist 192.0.2.1 or ntpq -c rv 192.0.2.1 - If you see a response, your server may be used in attacks.
How can I fix my server, router or other device? You should upgrade tp NTP-4.2.7p26 or later. You can add disable monitor to your ntp.conf and restart your NTP process if on an earlier version. Also check out the Team Cymru Secure NTP Template - Also see NTP Bug #1532
The server should also not respond to loopinfo or iostats requests as well
We test the internet for NTP MODE 6 and MONLIST MODE 7 responses.
Cisco customers should ask about or open a case against CSCum44673.
2014-02-13 - Technical Details behind 400Gb/s NTP attack
2014-01-13 - 100Gb/s attacks using NTP
2013-12-26 - Christmas 2013 NTP Attacks
If you are a member of the security community:
You can contact the ntp-scan /at/ puck.nether.net to obtain the raw data. It is available for re-use in your reporting.