Tim Shoppa <[EMAIL PROTECTED]> writes: > [people reporting NTP responses as attacks to Tim's ISP] > So far I've been blowing these off, but for some reason this really > has picked up over the holidays and now I apparently have to explain > multiple times a day why I'm sending traffic to port 123 at different > machines when they ask me what time it is.
How do you know they really asked? Since NTP is UDP-based, the request can easily be spoofed. The best you can do is explain that your machine is a legitimate NTP server (perhaps pointing them to your server's page on www.pool.ntp.org will help with that) and that unless they are seeing a large number of NTP responses in a brief time, or a wave of NTP responses hitting multiple IPs in their network, there is nothing to worry about. DES -- Dag-Erling Smørgrav - [EMAIL PROTECTED] _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
