[ntp:hackers] Dlink is abusing almost *ALL* stratum 1 servers :-(

David Malone dwmalone at maths.tcd.ie
Mon Apr 10 08:57:01 UTC 2006


> I guess we also need to add a recommendation not to run an HTTP server
> on any publicly announced NTP server.

The pool.ntp.org pages currently recommend running a web server,
but I guess they have a relatively good reason for it. We also see
quite a number of people trying to use services like time and
daytime. I guess all these are occupational hazards when you provide
a public NTP service.

(Actually, I once tried to get a server added to ie.pool.ntp.org,
but at the time I couldn't join that without also joining the global
pool.ntp.org. Does anyone know if this has changed?)

> I'm not even sure why you would
> use HTTP for this anyway. Corporate networks should be running an NTP
> server inside the firewall that clients can use. If they don't then the
> clients should probably not be running unauthorized software. For
> personal use they can open up the firewall to NTP packets just like HTTP.

Indeed - the reasoning was that lots of people were stuck behind
HTTP-only proxies and these users were actually requesting such
a feature. I've put a link to an unpassword protected version of
the ;login: article at:

	http://www.maths.tcd.ie/~dwmalone/time/

if anyone couldn't get it from the Usenix site.

	David.

