[ntp:hackers] D-Links NTP server vandalism
mayer at ntp.isc.org
Fri Apr 7 12:35:04 UTC 2006
Poul-Henning Kamp wrote:
> Some of you guys may want to check if your servers are affected.
You really should sue them and also file an injunction to stop them
using your server. An injunction stopping them selling equipment with
your NTP server address in it does wonders for getting the attention of
management and the stock market. I understand the financial issue. You
should also ignore their desire to deal with this in California since
you are in Denmark and do not have any connection with the US, nor have
you signed any agreement with D-Link. This issue has come up, time and
time again and needs to be dealt with once and for all.
In the US you could usually find a lawyer willing to take on such a
case, but I don't know how things are in Denmark or how the courts deal
with such issues. You might want to talk to DIX management about how to
deal with this since it will affect them and they may be willing to at
least get their own lawyers involved. You also want to send them
certified physical mail, return receipt requested, a cease and desist
letter putting them on formal notice that you will take action one way
or another even if it means just pulling the plug on the NTP server.
Just remember, as we learned from the folks in Australia and Wisconsin,
that pulling the plug can actually be worse and NTP traffic can actually
increase when some of these misimplemented clients don't receive a response.
You will get plenty of support here of course.
More information about the hackers