Re: well-known NTP? (Re: Open Letter to D-Link about their NTP vandalism)

North American Network Operators Group

Re: well-known NTP? (Re: Open Letter to D-Link about their NTP vandalism)

From: Peter Dambier
Date: Thu Apr 13 02:15:19 2006

Sorry for the noise again.

Yes, you can edit /etc/hosts

No, the box does not care.

Neither voipd nor multid care for it

Apr 13 05:25:17 voipd[402]: >>> Request: SUBSCRIBE sip:[email protected]
Apr 13 05:25:17 voipd[402]: dns: _sip._udp.sipgate.de: query
Apr 13 05:25:17 voipd[402]: dns: _sip._udp.sipgate.de: "0 0 5060 sipgate.de" ttl=584 from 192.168.180.1.
Apr 13 05:25:17 voipd[402]: dns: sipgate.de: query
Apr 13 05:25:17 voipd[402]: dns: sipgate.de: 217.10.79.9 ttl=4786 from 192.168.180.1.
Apr 13 05:25:18 voipd[402]: <<< Status: 200 OK

Apr 13 02:27:25 multid[360]: dns: 0.europe.pool.ntp.org: query
Apr 13 02:27:25 multid[360]: dns: 0.europe.pool.ntp.org: 85.214.32.50 ttl=1619 from 192.168.180.1.
Apr 13 02:27:25 multid[360]: sending SNTP request to server 0.europe.pool.ntp.org (85.214.32.50)
Apr 13 02:27:25 multid[360]: The NTP time is 13.4.2006  00:27:24.133000 UTC
Apr 13 02:27:25 multid[360]: system time is 1.020000 seconds ahead
Apr 13 02:27:25 multid[360]: adjusting time backward 1.020000 seconds


Regards,
Peter and Karin



Peter Dambier wrote:

Just for curiousity, you can change it. /etc/hosts is a link

/etc/hosts -> ../var/tmp/hosts

you can edit but you cannot permanently save it.

cat /etc/hosts

127.0.0.1       localhost
192.168.178.1   fritz.box
217.10.79.8     0.europe.pool.ntp.org   ntp.sipgate.de

Now I dont bother pool.ntp.org but ask my sip provider.
That trick might work for the D-Link too.

Of course 0.europe.pool.ntp.org is alright but that
ntp server D-Link has is not.

You have to insert the hostname plus ip into /var/tmp/hosts
or the box will ask DNS.


Cheers
Peter and Karin



Peter Dambier wrote:
From my Fritzbox log:

Apr 12 06:27:29 multid[360]: dns: 0.europe.pool.ntp.org: query
Apr 12 06:27:30 multid[360]: dns: 0.europe.pool.ntp.org: 82.71.9.63 ttl=79 from 192.168.180.1.
Apr 12 06:27:30 multid[360]: sending SNTP request to server 0.europe.pool.ntp.org (82.71.9.63)
Apr 12 06:27:30 multid[360]: The NTP time is 12.4.2006 04:27:29.150000 UTC
Apr 12 06:27:30 multid[360]: system time is 1.007000 seconds ahead
Apr 12 06:27:30 multid[360]: adjusting time backward 1.007000 seconds

Seems to do that every 8 hours.

I could not find a config file. Compiled into "/sbin/multid" ?

I guess similar devices like the maudit D-Link are much the same. Only that
multid deamon seems to be AVM specific. If that NTP thing is from the non
disclosed und unGPLed TI source then best forget about it. Replace it by some
wellknown software that is known not to be nasty.

Another router that is not compatible and not especially a good router -
has an html interface where you can put it your favourite NTP server.

I still wonder why I cannot configure the NTP server but at least it is not
as nasty as the D-Link.

Peter

Stephane Bortzmeyer wrote:
On Tue, Apr 11, 2006 at 10:01:10PM +0000,
Edward B. DREGER <[email protected]> wrote a message of 27 lines which said:
AS112-style NTP service, anyone?  That would be cooperative and
possibly even useful.
It already exists (Security warning: do not use it on strategic
machine, there is no warranty that these servers are trustful):

http://www.pool.ntp.org/

Active server count on 2006-04-12
Africa 1
Asia 24
Europe 368
North America 223
Oceania 26
South America 7
Global 582
All Pool Servers 653

The pool.ntp.org project is a big virtual cluster of timeservers striving to provide reliable easy to use NTP service for millions of clients without putting a strain on the big popular timeservers.

Adrian von Bidder created this project after a discussion about resource consumption on the big timeservers, with the idea that for everyday use a DNS round robin would be good enough, and would allow spreading the load over many servers. The disadvantage is, of course, that you may occasionally get a bad server and that you usually won't get the server closest to you. The workarounds for this is respectively to make sure you configure at least three servers in your ntp.conf and to use the country zones (for example 0.us.pool.ntp.org) rather than the global zone (for example 0.pool.ntp.org). Read more on using the pool.

The pool is now enormously popular, being used by at least hundreds of thousands and maybe even millions of systems around the world.

The pool project is now being maintained by Ask Bj�rn Hansen and a great group of contributors on the mailing lists.

--
Peter and Karin Dambier
The Public-Root Consortium
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: [email protected]
mail: [email protected]
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/

References:
- Re: Open Letter to D-Link about their NTP vandalism Robert Bonomi
- Re: Open Letter to D-Link about their NTP vandalism Valdis.Kletnieks
- well-known NTP? (Re: Open Letter to D-Link about their NTP vandalism) Edward B. DREGER
- Re: well-known NTP? (Re: Open Letter to D-Link about their NTP vandalism) Stephane Bortzmeyer
- Re: well-known NTP? (Re: Open Letter to D-Link about their NTP vandalism) Peter Dambier
- Re: well-known NTP? (Re: Open Letter to D-Link about their NTP vandalism) Peter Dambier

Prev by Date: Re: Open Letter to D-Link about their NTP vandalism
Next by Date: Re: Open Letter to D-Link about their NTP vandalism
Date Index
Thread Index
Author Index
Historical