[ntp:questions] Re: Can you test my server please.

Richard B. Gilbert rgilbert88 at comcast.net
Tue Nov 23 17:37:15 UTC 2004


Simon Lyall wrote:

>Richard B. Gilbert <rgilbert88 at comcast.net> wrote:
>  
>
>>Simon Lyall wrote:
>>    
>>
>>>The IP of the server is 202.49.59.7 [3] . I would be interested to know 
>>>what it does both as the sole server configured or when other servers are 
>>>configured as well.
>>>      
>>>
>
>  
>
>>I tried it.  Here's the how and the what happened.  
>>    
>>
>[..]
>  
>
>>22 Nov 19:37:51 ntpdate[17894]: no server suitable for synchronization found
>>sunblok_$
>>I hope this exercise is useful for something.
>>    
>>
>
>Thanks. It looks like the server I am using just doesn't reply when it's 
>sent ntp (as opposed to sntp) requests. A test with a simple sntp client I 
>have seems to work correctly though. I've not had any reports from clients 
>other than stock ntpd and my simple sntp script though.
>
>If I want to fool full ntp clients it looks like I'll have to hack the 
>stock program (or perhaps the OpenBSD one).
>
>  
>
Dare I suggest that this is not really a good thing to do?

If people are abusing your server, try blocking them at the firewall or 
by using restrict statements.

And you should also take note that NTP and SNTP use the same packet 
format!  They are different only in how often the client polls the 
server and what the client does with the replies.  As far as I know 
there is no way for the server to easily distinguish an SNTP client from 
an NTP client.



More information about the questions mailing list