[ntp:questions] Re: abuse or bug ?
David L. Mills
mills at udel.edu
Thu Jan 27 13:57:13 UTC 2005
No version of the xntpd/ntpd software that leaves here can do anything
like you describe. It is not possible to configure a client to send
packets faster than one packet in sixteen seconds and in the ordinary
case a client sends no faster than one packe in 1,024 seconds. Be very
convinced of this.
There are apparently other implementations of SNTP/NTP in circulation
that behave as you describe. These have popped up at USNO, NIST and U
Wisconsin time servers, as described at a recent PTTI conference (see
www.eecis.udel.edu/~mills/papers.html). These have caused great harm and
disruption of Government provided services. I emphasize strongly, these
rascals do NOT represent the public NTP software distribution.
Henk P. Penning wrote:
> it has been noted that some clients poll time servers at
> a rate of 1 packet per second, for an unlimited period.
> Is this a bug in the standard ntpd software or
> abuse by bad software or badly configured clients ?
> The example below make me think it is a bug.
> client : 184.108.40.206 (in cs.northwestern.edu)
> hardware : Sun, SunBlade 150
> operating system :
> Linux gandalf 2.4.26-sparc-r2 #14 Wed Sep 22 15:27:12 CDT 2004 sparc64
> sun4u TI UltraSparc IIe (Hummingbird) GNU/Linux
> ntp : ntp 4.2.0-r2
> config :
> server pool.ntp.org
> driftfile /var/lib/ntp/ntp.drift
> restrict default notrust nomodify
> restrict 127.0.0.1
> It has sent 438851 packets in the last 129.3 hours to 'ntp.cs.uu.nl'.
> The client says the server is unreachable.
> There may well be a problem with the client's ntpd config
> or the clients network setup ; the interesting thing is that
> standard ntpd software with a 'normal config', running on
> of-the-shelf hardware, can show the undesired behaviour.
> The contact for the client is Stefan Birrer (thanks for all
> the info) [s-birrer (at) northwestern edu].
> Henk Penning
> ---------------------------------------------------------------- _
> Henk P. Penning, Computer Systems Group R Uithof CGN-A232 _/ \_
> Dept of Computer Science, Utrecht University T +31 30 253 4106 / \_/ \
> Padualaan 14, 3584CH Utrecht, the Netherlands F +31 30 251 3791 \_/ \_/
> http://www.cs.uu.nl/staff/henkp.html M penning at cs.uu.nl \_/
More information about the questions