[ntp:hackers] Dlink is abusing almost *ALL* stratum 1 servers :-(
Poul-Henning Kamp
phk at phk.freebsd.dk
Sat Apr 8 16:53:10 UTC 2006
In case you haven't seen act 1 of this yet:
http://people.freebsd.org/~phk/dlink
For some reason it did not occur to me until now that D-Link would
be stupid enough to harvest the stratum-1 server list for their
devices, but it seems that is exactly what they did :-(
As far as I can tell, they violate the acceptable use policies of at
least all the servers in the attached lists.
In my view, this calls for serious legal response from the NTP
community or the Stratum 1 operators.
Does anybody have access to some kick-ass lawyers?
If you want to verify that D-Link is abusing your server, look
for packets with UDP source port 60002
Poul-Henning
PS: You can read about how we identified D-Link as the culprit
here: http://www.lightbluetouchpaper.org/2006/04/07/when-firmware-attacks-ddos-by-d-link/
ntps1-0.cs.tu-berlin.de
ntps1-1.cs.tu-berlin.de
Service Area: Germany/Europe
ptbtime1.ptb.de
ptbtime2.ptb.de
Service Area: Germany/Europe, others by arrangement
Access Policy: open access, please send a message to notify.
clock1.canterbury.ac.nz
Service Area: New Zealand
Access Policy: restricted to stratum-2 servers providing
synchronization to local networks of ten or more hosts, by
prior arrangement
goodtime.ijs.si
Service Area: Slovenia, European academic community, others
by arrangement
Access Policy: restricted to servers providing synchronization
to ten or more hosts, please send notification before regular
use
ntp-cup.external.hp.com
Service Area: West Coast USA
time.keneli.org
ntp1.rnp.br
Service Area: Brazil
Access Policy: Open access to stratum 1, stratum 2 within
Brazilian Research Network (RNP). Others by prior arrangement
only.
ntp0.fau.de
ntp1.fau.de
ntp2.fau.de
ntp3.fau.de
Service Area: Germany/Europe
ntp1.ien.it
ntp2.ien.it
Service Area: Italy/Europe
time.service.uit.no
Service Area: NORDUnet
Access Policy: semi-open access, prior arrangement required
nets.org.sg
Service Area: Singapore and Asia
Access Policy: Open to stratum-2 servers and others by arrangement
ntp2.ja.net
Service Area: JANET
Access Policy: closed access, see notes below.
montpelier.ilan.caltech.edu
Service area: USA Pacific timezone, others by arrangement
Access Policy: open access for stratum 2 servers
time-b.timefreq.bldrdoc.gov
Service Area: NSFnet, WESTnet
Access Policy: Open to stratum-2 servers, others by
arrangement; please use only one of the servers as primary
with the other as a back
ntp-s1.cise.ufl.edu
Service area: Eastern time zone US
Access Policy: open access for stratum 2 servers and UFL
clients, others by arrangement
ntp.dgf.uchile.cl
Service area: REUNA and interconnected networks, Chile.
Access Policy: open access, please send a message to notify.
ntp.cesnet.cz
Service Area: Czech Republic and Slovakia, European academic community
Access Policy: open to servers providing synchronization
to ten or more hosts, others by arrangement
tock.gpsclock.com
Service Area: US Pacific, Los Angeles area
Access Policy: Open to stratum 2 servers for 10 or more
hosts, others upon request
tick.ucla.edu
Service area: Pacific time zone, others on request
Access policy: open access to stratum-2 servers and to UCLA clients
time.nist.gov
Access Policy: open to stratum-2 servers and others by arrangement
navobs1.wustl.edu
Service area: USA Central timezone, others by arrangement.
ntp0.coreng.com.au
Service area: Australia.
Access policy: open access to Australian organisations,
please limit to two peer hosts per site.
ntps1.pads.ufrj.br
Service Area: Brazil, Latin America and Caribbean.
Access Policy: Open access, please limit to two peer hosts
(preferentially stratum 2 servers) per domain. Clients
(end-users) should use only stratum 2 servers for synchronization.
clock.uregina.ca
Service Area: SASK#net, CA*net, Canada
Access Policy: open to stratum2 time servers, others by arrangement.
ntp.metas.ch
Service Area: Switzerland, others by arrangement
Access Policy: open access, please send a message to notify
rustime01.rus.uni-stuttgart.de
Service Area: Germany/Europe
Access Policy: open, preferred for stratum-2 servers providing
synchronization to local networks; appreciate email
notification
chronos.cru.fr
Service Area: France/Europe
Access Policy: open access to stratum-2 servers, send a
message to notify
ntp-sop.inria.fr
Service Area: RENATER, R3T2, France/Europe
Access Policy: open to servers providing synchronization
to reasonable size networks (>10 hosts).
ntp-galway.hea.net
Service Area: Ireland, UK
Access Policy: open access, please send a message to notify
ntp.alaska.edu
Service area: Pacific Northwest, others by arrangement
Access Policy: open access for stratum 2 servers
ntp.nasa.gov
Service Area: NSFNET, BARR region, NASA NSN, DOE ESNET, DDN
Access Policy: prior permission required
nist1-sj.glassey.com
Service Area: Western US
Access Policy: Open to stratum-2 servers and others by arrangement
utcnist.colorado.edu
Service Area: Western US
Access Policy: Open to All Colorado users, other stratum-2
servers; others by arrangement
ntp2.usno.navy.mil
Service area: USA Eastern timezone, others by arrangement
Access Policy: open access for stratum 2 servers
navobs1.gatech.edu
Service area: USA Eastern timezone, others by arrangement
Access Policy: open access for stratum 2 servers
time.twc.weather.com
Service Area: Primarily Southeastern US
Access policy: Open access for stratum 2 servers
tick.mit.edu
Service Area: eastern time zone, others on request
Access Policy: open access to stratum-2 servers and to MIT clients
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
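The check the post suggests (requests arriving from UDP source port 60002), as an added example that is not part of the original message: it counts such requests per client in `tcpdump -n` text output taken on an NTP server. The line format handled and the sample capture (documentation-range addresses) are assumptions constructed for illustration; only the port number 60002 comes from the post.

```python
import re
from collections import Counter

# Source port named in the post; 123 is the standard NTP server port.
SUSPECT_SRC_PORT = 60002
NTP_PORT = 123

# Address part of a `tcpdump -n` IPv4 line:
#   <time> IP <src>.<sport> > <dst>.<dport>: ...
LINE_RE = re.compile(
    r"\bIP (\d{1,3}(?:\.\d{1,3}){3})\.(\d+) > "
    r"(\d{1,3}(?:\.\d{1,3}){3})\.(\d+):"
)

def summarize(lines):
    """Return (total requests to port 123, Counter of port-60002 requests per source IP)."""
    total = 0
    suspects = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # ARP, IPv6, truncated or otherwise unparsed line
        src, sport, dport = m.group(1), int(m.group(2)), int(m.group(4))
        if dport != NTP_PORT:
            continue  # our own replies, or traffic that is not NTP
        total += 1
        if sport == SUSPECT_SRC_PORT:
            suspects[src] += 1
    return total, suspects

# Constructed sample capture, not real traffic.
SAMPLE = """\
16:53:10.101 IP 192.0.2.10.60002 > 198.51.100.5.123: NTPv3, Client, length 48
16:53:10.102 IP 198.51.100.5.123 > 192.0.2.10.60002: NTPv3, Server, length 48
16:53:11.400 IP 203.0.113.7.123 > 198.51.100.5.123: NTPv4, Client, length 48
16:53:12.250 IP 192.0.2.10.60002 > 198.51.100.5.123: NTPv3, Client, length 48
16:53:13.900 IP 192.0.2.77.60002 > 198.51.100.5.123: NTPv3, Client, length 48
16:53:14.000 IP 203.0.113.9.51514 > 198.51.100.5.53: 4660+ A? example.org. (29)
16:53:15.000 ARP, Request who-has 198.51.100.1 tell 198.51.100.5, length 28
""".splitlines()

if __name__ == "__main__":
    total, suspects = summarize(SAMPLE)
    hits = sum(suspects.values())
    print(f"{hits}/{total} NTP requests came from source port {SUSPECT_SRC_PORT}")
    for ip, count in suspects.most_common():
        print(f"  {ip}: {count}")
```

On a live server the same lines can be produced with a capture filter such as `udp src port 60002 and dst port 123` and fed to `summarize()`.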