jlevine <jlev...@boulder.nist.gov> writes:

>Thanks to all of you who responded to my initial post regarding very rapid
>polling. I have fixed this particular instance with some cooperation from the
>ISP. However, the generic problem remains and is likely to re-appear.

Could you tell us what the problem was? Was it an attack or a misconfiguration or a bug in some program?

>I don't know of a good general solution to this problem because:
> 1. the KOD packets are generally not effective. Either the remote software
>does not recognize them or it chooses to ignore them. The KOD method
>obviously would not work against an attack.
> 2. Sending any reply at all doubles the network traffic and makes an
>attack more effective. Therefore, all of the NIST servers log the event and
>the source ip but do not respond. I think it is not appropriate for a national
>timing laboratory to knowingly send the wrong time.
> 3. This sort of stuff is really more general than NTP -- denial of service
>attacks can use many different protocols and a more general network
>solution is going to be needed.
> 4. A serious denial-of-service attack probably requires a botnet to cause
>real trouble, and fixing that problem might reduce the impact of all denial
>of service attacks.
>Judah Levine
>Time and Frequency Division
>NIST Boulder
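
The policy in point 2 of the quoted message (log the event and the source IP, send nothing back, not even a KOD), sketched as an added example that is not part of the original posts and not NIST's server code. The class name, thresholds, and sample addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque


class PollGuard:
    """Hypothetical per-source limiter: reply to normal clients, silently
    drop and log any source sending more than max_requests per window."""

    def __init__(self, max_requests=8, window=64.0, log_every=60.0):
        self.max_requests = max_requests
        self.window = window        # seconds
        self.log_every = log_every  # throttle log entries per source
        self.seen = {}              # src -> last max_requests+1 arrival times
        self.last_logged = {}       # src -> time of last log entry
        self.log = []               # (time, src) events

    def handle(self, src, now):
        """Return True to send a reply, False to drop without responding."""
        q = self.seen.setdefault(src, deque(maxlen=self.max_requests + 1))
        q.append(now)  # bounded deque: a flood cannot grow per-source state
        over = len(q) == q.maxlen and now - q[0] <= self.window
        if not over:
            return True
        # Over the limit: no reply of any kind, so the server adds no
        # outbound traffic. Log the source, but rate-limit the log too.
        if now - self.last_logged.get(src, float("-inf")) >= self.log_every:
            self.log.append((now, src))
            self.last_logged[src] = now
        return False


def demo():
    # Constructed sample traffic (documentation address ranges):
    # one client polling every 16 s, one polling every 0.1 s.
    normal = [(i * 16.0, "192.0.2.10") for i in range(20)]
    rapid = [(i * 0.1, "198.51.100.7") for i in range(100)]
    guard = PollGuard()
    replied = defaultdict(int)
    for t, src in sorted(normal + rapid):
        if guard.handle(src, t):
            replied[src] += 1
    return dict(replied), guard.log


if __name__ == "__main__":
    replied, log = demo()
    print("replies sent:", replied)
    print("logged events:", log)
```

State is bounded per source but not across sources, so a flood from many distinct or spoofed addresses would still need an upper limit on tracked entries.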