In <[EMAIL PROTECTED]> Nelson Minar <[EMAIL PROTECTED]> writes:

> Looking at my server usage and reading list discussion, it's clear
> that many pool participants are implementing some sort of personal
> protection against abusive clients. That's a reasonable and necessary
> thing, but it carries a risk: those clients are going to go looking
> for another server in the pool. If 75% of the pool is protecting
> itself, the other 25% is going to be screwed.

I doubt that the abusive clients are smart enough to switch servers
when they are blocked.  If they were inclined to notice and react to
such things, they would almost certainly not have the type of
configuration problems that lead them to be abusive in the first
place.

Rather than shifting the load away from, say, the 75% of the servers
that block abusive clients, the abusive clients would be much more
likely to not get any time sources and therefore be more likely to fix
their configurations.


> Has there been any thought towards building a common group defense?

I suspect that individual NTP server admins taking care of their own
servers actually does help the common group.

Actually, when I first started running the scripts to detect abusive
clients, I found a lot of them.  I contacted many of the worst, and
that usually had positive results.

Now a days, I've noticed that there just aren't that many one
packet-per-second clients around any more.  I still have a lot of 15s
and 30s clients, but they aren't as bad (obviously).


> While I'm here, another question. Wayne Schmitt's ntpscripts are great
> for monitoring things. Is there anyone working on cleaning these up
> and automating them for general easy use?
>   http://www.schlitt.net/scripts/ntp/index.html

I really haven't worked on them for quite a while, but I'm not sure
what "clean up" or "automation" I could do with them.  What kind of
things were you thinking of?


-wayne
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers

Reply via email to