My NTP server in the pool sends out the time to whoever asks for it. Problem is, some folks firewall off my replies, and even worse when they see my replies of what time it is coming back, they report these as network attacks on their machines/networks from my network to their network providers, who tells my network provider, who then makes me fill out a form saying that I am not going to abuse the network anymore.
So far I've been blowing these off, but for some reason this really has picked up over the holidays and now I apparently have to explain multiple times a day why I'm sending traffic to port 123 at different machines when they ask me what time it is. Has anyone here come up with a form-letter that explains that no, these are not network attacks (for some reason many of the complaints I get specifically mention "ntp overflow exploits")? Strangely enough, the form-letter that I often get from ISP's has a link to the "ntp overflow exploit" info page which explains that this is really a false positive because ntpd has no known overflow exploits... Tim. _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
