[ntp:questions] Re: abuse or bug ?

David L. Mills mills at udel.edu
Sat Jan 29 01:06:08 UTC 2005


Henk,

The ntpd appears to be running properly, although ntpdc lies through its 
teeth and ntpq is a much better diagnostic. The version is the current 
release, although it is well over a year old.

So far as I know, yours is the only report of this behavior. My initial 
concern was that a bug like this occured in a test version and was 
quickly fixed before the test escaped our wires. In any case, that 
occasion was after 4.2.0 was released. Notwithstanding disclaimers, the 
quickest way for us to resume normal programming may be to move to a 
more modern release and stay tuned for further reports, if any.

Dave

Henk Penning wrote:
> In <cte0qc$kpp$1 at dewey.udel.edu> "David L. Mills" <mills at udel.edu> writes:
> 
> 
>>Henk,
>>
>>Can you confirm the version number of the apparently abusive client? In 
>>testing here we occasionally have broken test versions, but these are 
>>never intended to escape the local test environment and should never 
>>have been put up for public grab.
>>
>>The client you highlight is not reachable from here for ping or ntpq. If 
>>it was reachable by ping but not for ntpq and not returning a ICMP 
>>destination port unreachable, I would suspect a Netgear client.
> 
> 
> Dave,
> 
>   Via network staff at northwestern.edu and cs.northwestern.edu I contacted
>   the guy who maintains the box [s-birrer (at) northwestern edu] ;
>   He gave me these specs:
> >     .... I'm using plain out of the box ntp software on a Linux Gentoo
>     running on a SunBlade. ...
> 
>     client   : 129.105.100.183 (in cs.northwestern.edu)
>     hardware : Sun, SunBlade 150
>     operating system :
>       Linux gandalf 2.4.26-sparc-r2 #14 Wed Sep 22 15:27:12 CDT 2004 sparc64
>       sun4u TI UltraSparc IIe (Hummingbird) GNU/Linux
>     ntp      : ntp  4.2.0-r2
>     config :
>       server pool.ntp.org
>       driftfile       /var/lib/ntp/ntp.drift
>       restrict default notrust nomodify
>       restrict 127.0.0.1
> 
>   He sent me some diagnostics:
> 
> sempi at gandalf sempi $ ntpdc -c pee -c loo -c sysi
>      remote           local      st poll reach  delay   offset    disp
> =======================================================================
> =doei.cs.uu.nl   129.105.100.183 16   64    0 0.00000  0.000000 0.00000
> offset:               0.000000 s
> frequency:            0.000 ppm
> poll adjust:          0
> watchdog timer:       69165 s
> system peer:          0.0.0.0
> system peer mode:     unspec
> leap indicator:       11
> stratum:              16
> precision:            -19
> root distance:        0.00000 s
> root dispersion:      1.03746 s
> reference ID:         [73.78.73.84]
> reference time:       00000000.00000000  Thu, Feb  7 2036  0:28:16.000
> system flags:         auth monitor ntp kernel stats 
> jitter:               0.000000 s
> stability:            0.000 ppm
> broadcastdelay:       0.003998 s
> authdelay:            0.000000 s
> 
> sempi at gandalf sempi $ ntpq -p
> remote          refid      st t when poll reach   delay   offset jitter
> ==============================================================================
> doei.cs.uu.nl   .RSTR.     16 u    -   64    0    0.000    0.000 4000.00
> 
>   This is all the info I have.
> 
> 
>>Dave
> 
> 
>   regards.
> 
>   Henk Penning
> --
> ----------------------------------------------------------------   _
> Henk P. Penning, Computer Systems Group       R Uithof CGN-A232  _/ \_
> Dept of Computer Science, Utrecht University  T +31 30 253 4106 / \_/ \
> Padualaan 14, 3584CH Utrecht, the Netherlands F +31 30 251 3791 \_/ \_/



More information about the questions mailing list