[time] Anecdotal evidence that NTP blocking works
Chris Davies - NTP Manager
Fri Dec 3 10:54:06 UTC 2004
Joel Reicher wrote:
> Although it's just anecdotal, it looks like I now have abusers that my
> script had almost completely gotten rid of, so just dropping packets
> mostly works.
Those users may have simply reset their devices and consequently ended up with
different servers from the pool.
> The point at which it doesn't work is what I emailed about a couple
> of weeks ago; there seem to be some clients that fix a polling interval
> of 16s if the server is unreachable, and continue to poll until it is.
> If such clients are not blocked, their polling interval increases as soon
> as they can reach the server again.
I've noticed that sending ICMP Port Unreachable seems to shut up certain
clients. (See the recent Dave Morgan thread,"update on my auto-firewall script"
starting with <3js8q0tfrmat45ns3vrpjc0je3vtd70vmu at 4ax.com>.) Different people
may get different results.
More information about the pool