[ntp:questions] Very rapid polling

Danny Mayer mayer at ntp.isc.org
Wed Feb 11 03:32:53 UTC 2009


Richard B. Gilbert wrote:
> Unruh wrote:
>> "Richard B. Gilbert" <rgilbert88 at comcast.net> writes:
>>
>>> jlevine wrote:
>>>> In the last few days I have seen an increasing number of systems that
>>>> are requesting the time in NTP format several times per second. This
>>>> poll interval is far in excess of the usual best practices. Since
>>>> there are a number of such systems, it is possible that this problem
>>>> is a result of a new version of NTP that has just been released.
>>>> Please let me know if you have any information about a new version of
>>>> NTP that can do this or if any of you are seeing the same problem.
>>>>
>>>> Thanks.
>>>>
>>>> Judah Levine
>>>> Time and Frequency Division
>>>> NIST Boulder
>>> Have you captured the IP addresses of the systems involved?  If so, have 
>>> you identified the ISP responsible for those addresses?  Complained to 
>>> the ISP?  Etc, etc?
>>> The half witted will always be with us. . . .
>> There is no way you can set up ntpd so that it will poll many times a
>> second, unless there is a severe bug in ntp. He is asking if perhaps such a
>> bug exists in the latest version of ntpd ( since the latest version just
>> came out a month ago, and latest devel version a week ago, this would be a
>> sensible worry).
>> Alternatively one of those modem manufacturers may have screwed up again,
>> or some ntp  like program has come out that has such a default.
>> I agree that asking the IP addressee what it is that they are running might
>> work, but probably not.
>>
> 
> It may take a while to get results but if the only alternative is to do 
> nothing and suffer. . . .  The ISPs have the power to cut these idiots 
> off at the knees!  Whether they are willing to do so is something you 
> have to ask them.  They also have the ability to reduce a network 
> address to a street address.  Again, you have to ask.  If you ask on 
> NIST letterhead, your chances of being taken seriously are much improved.
> 
> As I recall my contract with Comcast, they can simply cut me off in 
> response to just about any sort of abuse.  If nobody complains, I can 
> get away with practically anything!

If you have the most recent versions of ntp-dev installed, ntpd will
issue KOD packets and then stop responding for a while.

Danny



More information about the questions mailing list