[ntp:questions] better rate limiting against amplification attacks?

Rob nomail at example.com
Wed Jan 15 21:43:26 UTC 2014

Steve Kostecke <kostecke at ntp.org> wrote:
> On 2014-01-15, Rob <nomail at example.com> wrote:
>> William Unruh <unruh at invalid.ca> wrote:
>>> I do not mean the default in the config file, I mean the default if
>>> there is no config file or if nothing is set in the config file.
>> That only becomes meaningful when ntpd starts to actually work without
>> config file.  Of course that would be possible, but I don't think it
>> is reality today.  Or is it, in the latest versions?
> Both the current Production (i.e. stable) and the Development versions
> of ntpd require a configuration file. Some may view this as a bug.
> Others may view this as a feature.

I think it would be a win when a config file is not required for a
standard leaf node that only syncs to NTP and does not provide NTP
service to others.  This means that many user who don't care at all
do not become attackers of innocent DDOS victims.

>>> I agree that distros could well put in something to undo that and that
>>> they often do really stupid things (mainly because they do not
>>> understand things).
>> This problem would probably not exist when a good default config file
>> was shipped by the maintainers.  Distro people don't have time on their
>> hands ...
> The same could be said about the NTP Reference Implementation
> Developers; they're busy, too.

The difference is that while there is only one developers team, there
are many distributors that each have to do the same job.  So overall
it is more efficient to distribute an example config.  And it improves
quality as well.

More information about the questions mailing list