Unruh wrote: > "Richard B. Gilbert" <rgilber...@comcast.net> writes: > >> Unruh wrote: >>> "Richard B. Gilbert" <rgilber...@comcast.net> writes: >>> >>>> jlevine wrote: >>>>> In the last few days I have seen an increasing number of systems that >>>>> are requesting the time in NTP format several times per second. This >>>>> poll interval is far in excess of the usual best practices. Since >>>>> there are a number of such systems, it is possible that this problem >>>>> is a result of a new version of NTP that has just been released. >>>>> Please let me know if you have any information about a new version of >>>>> NTP that can do this or if any of you are seeing the same problem. >>>>> >>>>> Thanks. >>>>> >>>>> Judah Levine >>>>> Time and Frequency Division >>>>> NIST Boulder >>>> Have you captured the IP addresses of the systems involved? If so, have >>>> you identified the ISP responsible for those addresses? Complained to >>>> the ISP? Etc, etc? >>>> The half witted will always be with us. . . . >>> There is no way you can set up ntpd so that it will poll many times a >>> second, unless there is a severe bug in ntp. He is asking if perhaps such a >>> bug exists in the latest version of ntpd ( since the latest version just >>> came out a month ago, and latest devel version a week ago, this would be a >>> sensible worry). >>> Alternatively one of those modem manufacturers may have screwed up again, >>> or some ntp like program has come out that has such a default. >>> I agree that asking the IP addressee what it is that they are running might >>> work, but probably not. >>> > >> It may take a while to get results but if the only alternative is to do >> nothing and suffer. . . . The ISPs have the power to cut these idiots >> off at the knees! Whether they are willing to do so is something you >> have to ask them. They also have the ability to reduce a network >> address to a street address. Again, you have to ask. If you ask on >> NIST letterhead, your chances of being taken seriously are much improved. > > IF it is a bug in ntp, then the users are not idiots, unless using ntp > makes you an idiot. If it is a bug in some other ntp software, then the > users of that software are not idiots, unless use of that software per se > makes you an idiot. If it is some modem manufacturer who has misapplied ntp > on their modem/router, again the same applies. He is trying to find out if > it is possible that such bugs exist, or than anyone else has seen them. > > >> As I recall my contract with Comcast, they can simply cut me off in >> response to just about any sort of abuse. If nobody complains, I can >> get away with practically anything! > > > Is a bug in the software "abuse"? >
Yes! It's customary to do some sort of minimal testing before distributing your software to the masses. Given the past history; e.g. U-Wisconsin, Tardis, PHK vs. D-Link and a few other such incidents I'd say it's mandatory to do some pre-release testing of hardware, firmware, and/or software. I'd say that it's also mandatory to read, and comply with, the relevant RFCs. I doubt very much that ntpd has such a bug/misfeature! The authors are very much aware of the potential problems and have done an excellent job. It seems clear that the internet community needs a methodology for coping with such incidents. Each time, it seems that a posse comitatus must be formed, the miscreants tracked down, and asked to fix their hardware, firmware, or software. Sometimes, as in the U-Wisconsin incident it's not possible to track down all instances of the defective hardware/firmware/software.. With the ever increasing use of the internet, the problems are only going to get worse! _______________________________________________ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
