[ntp:questions] WARNING: someone's faking a leap second tonight

steven Sommars stevesommarsntp at gmail.com
Wed Aug 1 14:33:25 UTC 2012

I've seen no evidence of a denial of service attack, bugs are more likely.
  Several stratum one servers have been advertising LI=1 continuously for
the past month.   Others alternate between LI=0 and LI=1.
Most servers claim to run ntpd.

There are over 10 stratum one's that advertise LI=1 as of Wed Aug  1
14:18:51 UTC 2012.   Unless this changes another false leap second could
occur on August 31, 2012

On Wed, Aug 1, 2012 at 7:58 AM, Marco Marongiu <brontolinux at gmail.com>wrote:

> On 01/08/12 10:28, Marco Marongiu wrote:
> > I tried to collect some information around the globe, but with scarce/no
> > feedback. I am *suspecting* that this could be a rather imaginative
> > attempt to DOS worldwide.
> >
> > Anyway, a colleague of mine is now hunting down some upstreams that
> > faked the leap second. If we get something out of his research, I'll let
> > you know.
> While my colleague is working with a stratum 1 timekeeper to investigate
> this better, I called the people at INRiM in Italy -- INRiM is the
> institution responsible for the official Italian time
> (http://www.inrim.it/index.shtml). Mr.Pettiti confirmed there was *no*
> leap second scheduled yesterday (as we all suspected, right?), so that
> is definitely a fake.
> It may well be a DOS attempt, but as another colleague of mine suggests,
> it could also be a bug in some upstream servers, which didn't disarm the
> leap second after June 30th, and propagated it again yesterday.
> Question now is: assuming those servers were running ntpd, was such a
> bug reported at some point?
> Ciao
> -- bronto
> _______________________________________________
> questions mailing list
> questions at lists.ntp.org
> http://lists.ntp.org/listinfo/questions

More information about the questions mailing list