Ulisses wrote:
Hello all
I have take a look at ntp_request.h and I found that ntp doesn't put the the ip
address of the remote server being used in the request. That is, in the
ntp payload you can obtain the addresses of the peers and reference clocks of
the
server but not the address of the server itself, and therefore the only way
to get the address of the server is looking at the IP header.
Am I wrong?
You are correct, that is a flaw in the protocol design. It has always
been the case that it is easy to get the address from whence a UDP
was sent, but there is no portable way to determine to where it was
bound. This has led to the super-kludge of binding to all IP addresses
on the system as being the best of a bad lot.
As one security guru recently said, "authentication based on IP address
is sooo 1980's"
--
blu
Remember when SOX compliant meant they were both the same color?
----------------------------------------------------------------------
Brian Utterback - OP/N1 RPE, Sun Microsystems, Inc.
Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions
