>>> Miroslav Lichvar <[email protected]> schrieb am 18.06.2018 um 11:50 in Nachricht <20180618095057.GA32057@localhost>: > On Thu, May 31, 2018 at 03:26:12AM +0000, Karen O'Donoghue wrote: >> Control Messages Protocol for Use with Network Time Protocol Version 4 >> https://datatracker.ietf.org/doc/draft‑ietf‑ntp‑mode‑6‑cmds/ >> >> Please review the referenced document and send any comments to the mailing
> list including your assessment of whether this document is mature enough to > proceed to the IESG. Please note that these messages of support for > progression to the mailing list will be used to determine WG consensus to > proceed. > > I don't know much about the protocol, e.g. how accurately it describes > what current versions of ntpd/ntpq/ntpdc use, but I think the document > should make it more clear that it is not recommended for new > applications. Should it be labelled as "historic"? > > The issue with amplification is a major problem. It is possibly the > most severe security issue NTP ever had in terms of damage. It's the > reason why some ISPs now block the UDP port 123 by default. If it > cannot be fixed, it should be deprecated. Hi! I think the reason for documenting mode 6 is exactly to teach those who block port 123 unconditionally (they did it here as well, breaking all the pool servers) how to block mode 6 (and 7?) packets only. Regards, Ulrich > > ‑‑ > Miroslav Lichvar > > _______________________________________________ > ntp mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ntp _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
