[ntp:questions] Very rapid polling

Augustine evandro at mailinator.com
Tue Feb 24 15:41:25 UTC 2009


On Feb 23, 9:07 am, jlevine <jlev... at boulder.nist.gov> wrote:
>
>    2. Sending any reply at all doubles the network traffic and makes
> an
> attack more effective. Therefore, all of the NIST servers log the
> event and
> the source ip but do not respond. I think it is not appropriate for a
> national
> timing laboratory to knowingly send the wrong time.

Fair enough, but you could return stratum 16 and ref. ID "STEP" or
"INIT".  This would not prevent a malicious DOS attack, but perhaps
would put off a silly NTP client.

HTH




More information about the questions mailing list