[ntp:questions] better rate limiting against amplification attacks?
kostecke at ntp.org
Wed Jan 15 21:02:14 UTC 2014
On 2014-01-15, Rob <nomail at example.com> wrote:
> William Unruh <unruh at invalid.ca> wrote:
>> I do not mean the default in the config file, I mean the default if
>> there is no config file or if nothing is set in the config file.
> That only becomes meaningful when ntpd starts to actually work without
> config file. Of course that would be possible, but I don't think it
> is reality today. Or is it, in the latest versions?
Both the current Production (i.e. stable) and the Development versions
of ntpd require a configuration file. Some may view this as a bug.
Others may view this as a feature.
>> I agree that distros could well put in something to undo that and that
>> they often do really stupid things (mainly because they do not
>> understand things).
> This problem would probably not exist when a good default config file
> was shipped by the maintainers. Distro people don't have time on their
> hands ...
The same could be said about the NTP Reference Implementation
Developers; they're busy, too.
Anyone interested in reviewing the ./conf directory in the
distribution and contributing appropriate sample configuration files for
various ntpd use cases (e.g. server, leaf-node pool client, etc.) is
encouraged to do so.
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/
More information about the questions