Miroslav Lichvar writes: > Yes, that is a security issue in the implementation of rate limiting > in ntpd, which was published last year. You may have seen posts from > authors of the paper on this list :). The fix is to respond randomly > when the clients appear to be sending too many requests, so they can't > be starved from responses completely. At least one NTP implementation > already does that.
We're now doing a number of different things along those lines. There are probably more things we could do, too. H _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
