David Woolley wrote:
> Martin Burnicki wrote:
>
>> Of course this would be possible, but the expected behaviour (for me, at
>> least) would be not to let bad guys do bad things by default, i.e. not
>> let them change my time until explicitly given the permission to do so.
>>
>
> My impression was that the Windows workaround didn't allow one to create
> peers without authentication, but rather treated such an attempt as
> actually creating a simple client relationship.

Maybe I've been too unspecific.

The initial code before August 2002 just dropped peer packets if they were not authenticated, so those w32time clients never got synchronized to the NTP server unless either they were authenticated (which AFAIK is not possible with w32time) or the w32time service had been configured correctly to send client requests instead of peer requests.

The workaround was just to send a reply, without mobilizing an association for that unauthenticated peer (w32time), so that peer was happy to get a response but ntpd did not treat it like a real, authenticated peer.

That's how I thought things would work, and now I'm pretty surprised that peering should be possible without well configured authentication. If that's the original design then NTP daemons before August 2002 would have mobilized an association for w32time peers instead of simply dropping the request packet.

If the current versions don't require authentication for peering then, as already said in my previous post, the question is whether the behaviour of the current implementation is by design, or whether it has changed unintentionally in the past, or I'm completely on the wrong rail.

Martin
--
Martin Burnicki
Meinberg Funkuhren
Bad Pyrmont
Germany
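
The two behaviours described in the message above (dropping unauthenticated peer packets before August 2002, and the later workaround of replying without mobilizing an association) can be modelled as a small decision function. This is an added illustration, not part of the original post and not ntpd source code; the function names, policy labels and action strings are hypothetical, and it assumes the classic symmetric-key MAC layout of a 4-byte key ID followed by MD5(key || header).

```python
import hashlib
import hmac
import struct

MODE_SYM_ACTIVE, MODE_CLIENT = 1, 3
HEADER_LEN, MAC_LEN = 48, 20          # MAC = 4-byte key ID + 16-byte MD5 digest

def build_packet(mode, key_id=None, key=None):
    """Constructed NTPv3 packet; only the mode and the optional MAC matter here."""
    header = bytes([(3 << 3) | mode]) + bytes(HEADER_LEN - 1)
    if key_id is None:
        return header
    return header + struct.pack("!I", key_id) + hashlib.md5(key + header).digest()

def is_authenticated(pkt, trusted_keys):
    """True only if a MAC is present and verifies under a trusted key."""
    if len(pkt) != HEADER_LEN + MAC_LEN:
        return False
    header, mac = pkt[:HEADER_LEN], pkt[HEADER_LEN:]
    key = trusted_keys.get(struct.unpack("!I", mac[:4])[0])
    if key is None:
        return False
    return hmac.compare_digest(hashlib.md5(key + header).digest(), mac[4:])

def handle(pkt, trusted_keys, policy):
    """Return the action for one packet: 'drop', 'reply_only' or 'mobilize'."""
    if len(pkt) < HEADER_LEN:
        return "drop"
    mode = pkt[0] & 0x07               # low three bits of the first octet
    if mode == MODE_CLIENT:
        return "reply_only"            # ordinary client request, no state kept
    if mode != MODE_SYM_ACTIVE:
        return "drop"                  # other modes are outside this model
    if is_authenticated(pkt, trusted_keys):
        return "mobilize"              # real, authenticated peer
    # Unauthenticated peer packet, e.g. from a misconfigured w32time client.
    return "drop" if policy == "pre_2002" else "reply_only"
```

Under either policy an unauthenticated peer packet never yields `mobilize`, which is the property the message expects ntpd to preserve.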
