[ntp:questions] Rude rackety customers

David L. Mills mills at udel.edu
Mon Nov 26 22:14:50 UTC 2007


FYI: In reworking the NTP server flood defenses to more accurately spot 
the cloggers, I found one perp sending contiuously at 3 s, another at 5 
s and a third at 8 s. This results in sending one KoD every two seconds. 
The KoD has been modified to avoid revealing any server timestamps, so 
are useless for time purposes.

The changes allow increasing the minimum server average headway to one 
packet in 16 s for every client, which is the rate enforced by the 
current NTP client. If the client gets a valid KoD, it stops working.

Whether this really does work depends on the deployment of the current 
design in the wider user population. A tarball with this stuff should 
roll soon.


More information about the questions mailing list