[ntp:questions] Very rapid polling
unruh-spam at physics.ubc.ca
Wed Feb 11 23:52:17 UTC 2009
"Richard B. Gilbert" <rgilbert88 at comcast.net> writes:
>> "Richard B. Gilbert" <rgilbert88 at comcast.net> writes:
>>> Unruh wrote:
>>>> "Richard B. Gilbert" <rgilbert88 at comcast.net> writes:
>>>>> jlevine wrote:
>>>>>> In the last few days I have seen an increasing number of systems that
>>>>>> are requesting the time in NTP format several times per second. This
>>>>>> poll interval is far in excess of the usual best practices. Since
>>>>>> there are a number of such systems, it is possible that this problem
>>>>>> is a result of a new version of NTP that has just been released.
>>>>>> Please let me know if you have any information about a new version of
>>>>>> NTP that can do this or if any of you are seeing the same problem.
>>>>>> Judah Levine
>>>>>> Time and Frequency Division
>>>>>> NIST Boulder
>>>>> Have you captured the IP addresses of the systems involved? If so, have
>>>>> you identified the ISP responsible for those addresses? Complained to
>>>>> the ISP? Etc, etc?
>>>>> The half witted will always be with us. . . .
>>>> There is no way you can set up ntpd so that it will poll many times a
>>>> second, unless there is a severe bug in ntp. He is asking if perhaps such a
>>>> bug exists in the latest version of ntpd ( since the latest version just
>>>> came out a month ago, and latest devel version a week ago, this would be a
>>>> sensible worry).
>>>> Alternatively one of those modem manufacturers may have screwed up again,
>>>> or some ntp like program has come out that has such a default.
>>>> I agree that asking the IP addressee what it is that they are running might
>>>> work, but probably not.
>>> It may take a while to get results but if the only alternative is to do
>>> nothing and suffer. . . . The ISPs have the power to cut these idiots
>>> off at the knees! Whether they are willing to do so is something you
>>> have to ask them. They also have the ability to reduce a network
>>> address to a street address. Again, you have to ask. If you ask on
>>> NIST letterhead, your chances of being taken seriously are much improved.
>> IF it is a bug in ntp, then the users are not idiots, unless using ntp
>> makes you an idiot. If it is a bug in some other ntp software, then the
>> users of that software are not idiots, unless use of that software per se
>> makes you an idiot. If it is some modem manufacturer who has misapplied ntp
>> on their modem/router, again the same applies. He is trying to find out if
>> it is possible that such bugs exist, or than anyone else has seen them.
>>> As I recall my contract with Comcast, they can simply cut me off in
>>> response to just about any sort of abuse. If nobody complains, I can
>>> get away with practically anything!
>> Is a bug in the software "abuse"?
>Yes! It's customary to do some sort of minimal testing before
>distributing your software to the masses.
>Given the past history; e.g. U-Wisconsin, Tardis, PHK vs. D-Link and a
>few other such incidents I'd say it's mandatory to do some pre-release
>testing of hardware, firmware, and/or software. I'd say that it's also
>mandatory to read, and comply with, the relevant RFCs.
>I doubt very much that ntpd has such a bug/misfeature! The authors are
>very much aware of the potential problems and have done an excellent job.
>It seems clear that the internet community needs a methodology for
>coping with such incidents. Each time, it seems that a posse comitatus
>must be formed, the miscreants tracked down, and asked to fix their
>hardware, firmware, or software. Sometimes, as in the U-Wisconsin
>incident it's not possible to track down all instances of the defective
Just what do you have in mind?
It seems that what you describe is exactly a methodology for coping with
such incidents. Or are you going to drive around with a gun and shoot the
president of D-Link say?
>With the ever increasing use of the internet, the problems are only
>going to get worse!
Yes. And with the increasing population of the earth "problems are only
going to get worse" as well.
More information about the questions