John Hasler <[email protected]> wrote: > sh3120 writes: >> Have sites complaining that 72.8.140.222 is showing up on command and >> control server. After research determined that IP is listed in the >> NTP.POOL.ORG listing of time servers. Unsure who to report this too >> to get it off the list. > > It's not clear what your problem is.
Today many ISPs and companies run intrusion detection systems that monitor the traffic and send alerts when there is communication with systems listed as botnet C&C servers. So when such a server appears on ntp.pool.org, and a user picks it to sync with, they get stamped as potentially infected by malware and could face disconnection or other forms of quarantine. Clear now? _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
