North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Open Letter to D-Link about their NTP vandalism

  • From: Simon Lyall
  • Date: Tue Apr 11 01:56:24 2006

On Tue, 11 Apr 2006, Paul Vixie wrote:
> [email protected] (Simon Lyall) writes:
> > I've said in other forums the only solution for this sort of software is
> > to return the wrong time (by several months). The owner might actually
> > notice then and fix the problem.
> that creates new liability, and isn't realistic in today's litigious world.

Everyone here runs spam filters. Many times a day you tell a remote MTA
you've accepted their email but you delete it instead. Explain the

I run a NTP server, The only place it is advertised is a list which says
"To be used by people in DK exchange only" . Explain the difference
between my blocking someones packets (which causes them to just resend),
send a KOD ( ntp for "go away") packet (which is ignored) and telling them
the time is "2001-11-11 11:11:11" every time they ask?

People running RBLs change the access policy or return for every
query sometimes. People running public Mail relays or public DNS servers
regularly block access or return bad results.

NTP provides a method to tell people to go away (The KOD packet) , if a
remote client ignores that and keeps flooding your (or your upstream
filters) with many udp packets per-second what exactly is someone
supposed to do? There is no contract between the Server operator and the
abusing client, The client is abusing the access policy and they have
ignored the automatic request to go away.

Simon J. Lyall  |  Very Busy  |  Web:
"To stay awake all night adds a day to your life" - Stilgar | eMT.