[ntp:questions] Re: Question on abusive clients.
mayer at ntp.isc.org
Sun Jan 1 04:13:55 UTC 2006
Brian T. Brunner wrote:
> The counter you speak of is necessary to determine to issue the KoD
> anyhow, yes? After then you need only the IP, the time of the KoD,
> and cycles spent searching this list. Probably need a hash table too.
> What I'm reading between the various posts is that the abusive clients
> can't be expected to behave to any known rules, so feeding them good
> time, bad time, or fixed time is equally unproductive... they continue to
> hammer the server.
> Solution: put the time servers behind a packet-dropping firewall,
> as has been suggested by others, so I'm out of helpful ideas for this thread.
> Brian Brunner
> brian.t.brunner at gai-tronics.com
No, you want to have a counter to see how badly it's hammering away at
your server, not just to decide when to send a KOD packet. You want to
use this data to decide which ones are the most abusive so you can
concentrate on them first.
More information about the questions