[time] What to do about abuse

Rob Janssen rob
Tue Feb 27 21:11:12 UTC 2007


Jeffrey Goldberg wrote:
> On Feb 27, 2007, at 4:16 AM, Rob Janssen wrote:
>
>   
>> The big problem is that there is no way to get in contact with the  
>> responsible person, so you will just have to live with the situation.
>>     
>
> I actually got a very prompt response from tera-byte.com telling me.
>
>
>   
> So at least in one case contacted the abuse email from the whois  
> records for a net has shown that some good can come of sending off a  
> note.
>   

The above is only meant as a general statement.  There is nothing in the 
NTP protocol
that communicates a contact address in case something is wrong.  In the 
past I was
hit by a university lab full of computers querying me at a rate of 
several requests per
second and I send several mails to different addresses found in whois, 
found on a
website of the same domain as the reverse of the address, etc and they 
were all
ignored.  I had to send a complaint to their upstream provider to get it 
resolved.
I guess you were lucky.

When I got bombarded by a Dutch cable connection I already knew enough about
the responsiveness of the typical Dutch cable provider to not even 
attempt contacting
them.  Fortunately that particular attack stopped when I just blocked 
the address.

In general, there is not much we can do.
It is my opinion that the pool system itself is making things worse because
of the primitive DNS system used, but even in that area there is little 
we can do,
other than hoping that it will be improved.

Rob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://fortytwo.ch/mailman/pipermail/timekeepers/attachments/20070227/20da8eca/attachment.html 



More information about the pool mailing list