[ntp:questions] Netgear SNTP bad client (University of Wisconsin)

Nelson Minar nelson at monkey.org
Fri Aug 22 23:34:31 UTC 2003

This must be old news to most of the folks in this group, but in case
it's not, this article is definitely worth a read.

Flawed Routers Flood University of Wisconsin Internet Time Server
  Netgear Cooperating with University on a Resolution
Dave Plonka, August 21, 2003 - University of Wisconsin-Madison



In May 2003, the University of Wisconsin - Madison found that it was
the recipient of a continuous large scale flood of inbound Internet
traffic destined for one of the campus' public Network Time Protocol
(NTP) servers. The flood traffic rate was hundreds-of-thousands of
packets-per-second, and hundreds of megabits-per-second. 

Subsequently, we have determined the sources of this flooding to be
literally hundreds of thousands of real Internet hosts throughout the
world. However, rather than having originated as a malicious
distributed denial-of-service (DDoS) attack, the root cause is
actually a serious flaw in the design of hundreds of thousands of one
vendor's low-cost Internet products targeted for residential use. The
unexpected behavior of these products presents a significant
operational problem for UW-Madison for years to come. 

This document includes the initial public disclosure of details of
these products' serious design flaw. Furthermore, it discusses our
ongoing, multifaceted approach toward the solution which involves the
University, the products' manufacturer, the relevant Internet
standards (RFCs), and the public Internet service and user

More information about the questions mailing list