North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Open Letter to D-Link about their NTP vandalism

  • From: Richard A Steenbergen
  • Date: Fri Apr 07 18:50:30 2006

On Fri, Apr 07, 2006 at 12:52:29PM -0700, Etaoin Shrdlu wrote:
> Well, this is at least marginally on topic, and I think it deserves a 
> wider audience. It is written by Poul-Henning Kamp (the affected party). 
> Please read it.

*sigh* Yes yes everyone loves a good "large stupid company screws the 
little guy by sticking their small/free service into a commercial product" 
story, but unfortunately none of these solutions are very pragmatic. If I 
hosted an NTP server and dlink put it in a default query list of a default 
firmware, and then I asked them to pay my Equinix bill for the next 5 
years, I would fully expect them to provide a nice little ascii diagram of 
exactly where I could stick it.

Its just NTP, I can't imagine that it is *really* enough traffic to care 
all that much. There are probably a hundred people on this list who could 
donate free transit for this and not give it a second thought (hell if I 
had a pop anywhere close to .dk I would donate a gigabit solely to end 
this nanog thread before it turns into a bunch of self-righteous whining). 
There are probably an equal number of people who could donate hardware for 
this, either for filtering or for the IX (if they REALLY don't have the 
resources to handle it without charging, which I highly doubt). I'm sure 
you could probably pick out the dlink queries with sufficient packet 
inspection too, which I'm also sure you can achieve with a FreeBSD box and 
a couple hours of spare time. :)

Seriously now, there are a million viable solutions here, ranging from 
mild inconvenience to attempting to screw dlink for being dumbasses, all 
of which are free. Point the A record else where and have people who care 
change to a new record, it's not worth $62k.

Oh and one more thing, if the goal was restricting the traffic to only 
people who participated at this IX (as per the description), please add 
this to the list of reasons why announcing your IX subnet over the global 
internet is a BAD IDEA!

Richard A Steenbergen <[email protected]>
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)