North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Open Letter to D-Link about their NTP vandalism

  • From: Nicholas Suan
  • Date: Sat Apr 08 12:19:36 2006

On Sat, Apr 08, 2006 at 10:51:27AM -0500, Church, Chuck wrote:

> Since the intended (and announced) use of this server is just for DIX
> networks, blocking NTP from any other networks should be trivial.  That
> IP address will still be hit by D-Link devices looking for a suitable
> server, but with no response, they'll move onto another device, and
> probably never try the DIX address again, at least until they're
> rebooted.  That alone should kill off 95% of the unwanted traffic
> hitting the box, and probably 80% of the traffic even being sent to DIX
> in the first place.

It would be nice if it were that simple. However there are an annoyingly
large amount of poorly-written clients whose polling ratios do not
decrease after they get no response from the server. There have even
been some clients whose polling rate *increases* after they get no