North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Open Letter to D-Link about their NTP vandalism
Rubens Kuhl Jr. wrote: <big snip>
Oh, I see two things here - the first is that he's in charge of his DNS, which he probably isn't. DIX likely is, but that's minor. They'll probably support him in this.It still would require him to answer the DNS requests. Only way to addres that is everybody outside DIX declare gps.dix.de as www.dlink.com in their resolvers.
The second is that I was concatenating this letter and the also referenced Netgear letter, where they were doing refs by IP address instead of DNS like the D-Link is.
Combine both of them - reject outside the DIX DNS requests outside the service area (or send them to a DLink CNAME as mentioned) and as a backup reject/redirect all NTP from outside to the gps.dix.de IP address at the edge.
Belt and Suspenders as such.
As for the bogus NTP data idea... how many people buying a consumer grade router like this even have a clue what NTP is, much less notice what it's doing to that box over in the corner? It won't affect their computer, therefore they won't care. It's just buzzwords on the box.