[ntp:hackers] D-Links NTP server vandalism

John Pettitt jpp at cloudview.com
Tue Apr 11 16:47:01 UTC 2006


Todd,
    You are confusing the ability to monitor who is using a server with
publishing the data.  The question Harlan asks is how to know who is
using your server.  That is a reasonable question for any admin to ask,
since administrative monitoring tools server a compelling purpose in
many cases it's hard to see the government objecting, particularly when
the same governments are asking ISP's to track everything and keep the
records.  You may have a point if the data is  public (but see below).

Further your argument that anon access has been around forever is false
- access has not been anon because the monlist command has also been
around a long time - any user reading the documentation would know that
there is a way for admins to monitor their use and that many servers do
not restrict external access to monlist so it could be argued that anon
access is in fact not and the norm.

Yes government can be a pain in the ass over these kind of things but I
think we are far from the sky actually falling on this issue.

John


todd glassey wrote:
> Harlan -IMHO you are running headlong into a litigation matter over privacy
> and anonymous access.  I believe that you are facing serious privacy issues
> in the EU, such that anyone that wants to anonymously use those time
> services does and has, and since they have been operated that way forever,
> its already cast in stone...
>
> Let alone the US Government's issues with this effort on your part. How are
> you going to inform the users that you are now tracking them? Send them an
> email? And since you must take time from the Government's, what this will do
> is take the non-governmental supplied servers off the master S-1 List IMHO,
> when NIST and people like NORAMET formally disqualify your machine because
> of operations practices.
>
> Otherwise the option is to litigate against both you Harlan and this NTP
> organization, as well as the ISC, and if you think I am kidding about this,
> figure out what happens when CNET publishes that the privately operated time
> servers are tracking use.
>
> You guys really dont get it - this is the big kids table and its about the
> global deployment of time data - the most important commodity in the Digital
> World.
>
>
> Todd Glassey
>
> ----- Original Message ----- 
> From: "Harlan Stenn" <stenn at ntp.isc.org>
> To: "Mark Martinec" <Mark.Martinec at ijs.si>
> Cc: <hackers at ntp.isc.org>
> Sent: Tuesday, April 11, 2006 12:04 AM
> Subject: Re: [ntp:hackers] D-Links NTP server vandalism
>
>
>   
>> I'd invite people to add information on how to answer the question "Who
>> is using my NTP server?" at:
>>
>>  http://ntp.isc.org/bin/view/Support/MonitoringAndControllingNTP
>>
>> H
>> _______________________________________________
>> hackers mailing list
>> hackers at support.ntp.org
>> https://support.ntp.org/mailman/listinfo/hackers
>>     
>
> _______________________________________________
> hackers mailing list
> hackers at support.ntp.org
> https://support.ntp.org/mailman/listinfo/hackers
>
>   



More information about the hackers mailing list