[ntp:hackers] Dlink is abusing almost *ALL* stratum 1 servers :-(

Poul-Henning Kamp phk at phk.freebsd.dk
Sat Apr 8 16:53:10 UTC 2006


In case you haven't seen act 1 of this yet:
	http://people.freebsd.org/~phk/dlink

For some reason it did not occur to me until now that D-Link would
be stupid enough to harvest the stratum-1 server list for their
devices, but it seems that is exactly what they did :-(

As far as I can tell, they violate the acceptable use policies of
at least all the servers in the attached list.

In my view, this calls for serious legal response from the NTP
community or the Stratum 1 operators.

Does anybody have access to some kick-ass lawyers?

If you want to verify that D-Link is abusing your server, look
for packets with UDP source port 60002.

Poul-Henning

PS: You can read about how we identified D-Link as the culprit
here: http://www.lightbluetouchpaper.org/2006/04/07/when-firmware-attacks-ddos-by-d-link/




ntps1-0.cs.tu-berlin.de
ntps1-1.cs.tu-berlin.de
	Service Area: Germany/Europe

ptbtime1.ptb.de
ptbtime2.ptb.de
	Service Area: Germany/Europe, others by arrangement
	Access Policy: open access, please send a message to notify.

clock1.canterbury.ac.nz
	Service Area: New Zealand
	Access Policy: restricted to stratum-2 servers providing
	synchronization to local networks of ten or more hosts, by
	prior arrangement

goodtime.ijs.si
	Service Area: Slovenia, European academic community, others
	by arrangement
	Access Policy: restricted to servers providing synchronization
	to ten or more hosts, please send notification before regular
	use

ntp-cup.external.hp.com
	Service Area: West Coast USA

time.keneli.org
   
ntp1.rnp.br
	Service Area: Brazil
	Access Policy: Open access to stratum 1, stratum 2 within
	Brazilian Research Network (RNP). Others by prior arrangement
	only.

ntp0.fau.de
ntp1.fau.de
ntp2.fau.de
ntp3.fau.de
	Service Area: Germany/Europe

ntp1.ien.it
ntp2.ien.it
	Service Area: Italy/Europe

time.service.uit.no
	Service Area: NORDUnet
	Access Policy: semi-open access, prior arrangement required

nets.org.sg
	Service Area: Singapore and Asia
	Access Policy: Open to stratum-2 servers and others by arrangement

ntp2.ja.net
	Service Area: JANET
	Access Policy: closed access, see notes below.

montpelier.ilan.caltech.edu
	Service area: USA Pacific timezone, others by arrangement
	Access Policy: open access for stratum 2 servers

time-b.timefreq.bldrdoc.gov
	Service Area: NSFnet, WESTnet
	Access Policy: Open to stratum-2 servers, others by
	arrangement; please use only one of the servers as primary
	with the other as a back

ntp-s1.cise.ufl.edu
	Service area: Eastern time zone US
	Access Policy: open access for stratum 2 servers and UFL
	clients, others by arrangement

ntp.dgf.uchile.cl
	Service area: REUNA and interconnected networks, Chile.
	Access Policy: open access, please send a message to notify.

ntp.cesnet.cz
	Service Area:  Czech Republic and Slovakia, European academic community
	Access Policy: open to servers providing synchronization
	to ten or more hosts, others by arrangement

tock.gpsclock.com
	Service Area: US Pacific, Los Angeles area
	Access Policy: Open to stratum 2 servers for 10 or more
	hosts, others upon request

tick.ucla.edu
	Service area: Pacific time zone, others on request
	Access policy: open access to stratum-2 servers and to UCLA clients

time.nist.gov
	Access Policy: open to stratum-2 servers and others by arrangement

navobs1.wustl.edu
	Service area: USA Central timezone, others by arrangement.

ntp0.coreng.com.au
	Service area: Australia.
	Access policy: open access to Australian organisations,
	please limit to two peer hosts per site.

ntps1.pads.ufrj.br
	Service Area: Brazil, Latin America and Caribbean.
	Access Policy: Open access, please limit to two peer hosts
	(preferentially stratum 2 servers) per domain. Clients
	(end-users) should use only stratum 2 servers for synchronization.

clock.uregina.ca
	Service Area: SASK#net, CA*net, Canada
	Access Policy: open to stratum2 time servers, others by arrangement.

ntp.metas.ch
	Service Area: Switzerland, others by arrangement
	Access Policy: open access, please send a message to notify

rustime01.rus.uni-stuttgart.de
	Service Area: Germany/Europe
	Access Policy: open, preferred for stratum-2 servers providing
	synchronization to local networks; appreciate email
	notification

chronos.cru.fr
	Service Area: France/Europe
	Access Policy: open access to stratum-2 servers, send a
	message to notify

ntp-sop.inria.fr
	Service Area: RENATER, R3T2, France/Europe
	Access Policy: open to servers providing synchronization
	to reasonable size networks (>10 hosts).

ntp-galway.hea.net
	Service Area: Ireland, UK
	Access Policy: open access, please send a message to notify

ntp.alaska.edu
	Service area: Pacific Northwest, others by arrangement
	Access Policy: open access for stratum 2 servers

ntp.nasa.gov
	Service Area: NSFNET, BARR region, NASA NSN, DOE ESNET, DDN
	Access Policy: prior permission required

nist1-sj.glassey.com
	Service Area: Western US
	Access Policy: Open to stratum-2 servers and others by arrangement

utcnist.colorado.edu
	Service Area: Western US
	Access Policy: Open to All Colorado users, other stratum-2
	servers; others by arrangement

ntp2.usno.navy.mil
	Service area: USA Eastern timezone, others by arrangement
	Access Policy: open access for stratum 2 servers

navobs1.gatech.edu
	Service area: USA Eastern timezone, others by arrangement
	Access Policy: open access for stratum 2 servers

time.twc.weather.com
	Service Area: Primarily Southeastern US
	Access policy: Open access for stratum 2 servers

tick.mit.edu
	Service Area: eastern time zone, others on request
	Access Policy: open access to stratum-2 servers and to MIT clients
-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
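
The check suggested in the message (packets with UDP source port 60002), as an added example that is not part of the original post: a dependency-free parser that counts, per source address, the packets in a classic pcap capture sent from that port to NTP port 123. The function names, the sample addresses and the restriction to untagged Ethernet/IPv4 captures are assumptions of this example.

```python
import socket
import struct
from collections import Counter

def count_clients(pcap, sport=60002, dport=123):
    """Count IPv4 sources sending UDP sport -> dport in a classic Ethernet pcap."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap with Ethernet link type")
    hits, off = Counter(), 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # short frame or not IPv4 (VLAN-tagged frames are skipped)
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 17 or len(ip) < ihl + 4:
            continue  # not UDP, or header truncated by the snap length
        if struct.unpack("!H", ip[6:8])[0] & 0x1FFF:
            continue  # later fragment: carries no UDP header
        src_port, dst_port = struct.unpack("!HH", ip[ihl:ihl + 4])
        if src_port == sport and dst_port == dport:
            hits[socket.inet_ntoa(ip[12:16])] += 1
    return hits

def build_sample_pcap(packets, server="192.0.2.123"):
    """Constructed test capture from (src_ip, sport, dport) tuples."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, sport, dport in packets:
        # 8-byte UDP header plus a 48-byte NTP client request (first byte 0x1b)
        udp = struct.pack("!HHHH", sport, dport, 56, 0) + b"\x1b" + bytes(47)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                         socket.inet_aton(src), socket.inet_aton(server))
        frame = bytes(12) + b"\x08\x00" + ip + udp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

# Constructed sample traffic (documentation addresses, not real clients).
SAMPLE = build_sample_pcap([
    ("198.51.100.7", 60002, 123), ("198.51.100.7", 60002, 123),
    ("198.51.100.9", 60002, 123),
    ("203.0.113.5", 123, 123),      # ordinary ntpd peer, source port 123
    ("203.0.113.6", 60002, 53),     # port 60002 but not NTP
])
```

Calling `count_clients(open("capture.pcap", "rb").read())` on a capture taken at the server gives the per-client packet counts; `capture.pcap` is a placeholder file name.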

