[ntp:questions] Re: Can you test my server please.

Richard B. Gilbert rgilbert88 at comcast.net
Tue Nov 23 18:39:32 UTC 2004


Adrian 'Dagurashibanipal' von Bidder wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Clinging to sanity, Richard B. Gilbert mumbled in his beard:
>
>  
>
>>If people are abusing your server, try blocking them at the firewall
>>    
>>
>or 
>  
>
>>by using restrict statements.
>>    
>>
>
>The problem is that 
> - the servers often will continue to send 1 packet per second
> - the "admin" of the problematic system will never notice, because the
>clock will be adequate enough without external sync
>
>By returning a completely bogus time, we hope that the admins of the
>problematic systems will notice that something is wrong with their time
>server set up.
>
>greetings
>- -- vbi
>
>- -- 
>featured product: Debian GNU/Linux - http://debian.org
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.4 (GNU/Linux)
>Comment: get my key from http://fortytwo.ch/gpg/92082481
>
>iKcEARECAGcFAkGjeNFgGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
>aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjUmbWQ1c3VtPTVkZmY4NjhkMTE4NDMyNzYw
>NzFiMjVlYjcwMDZkYTNlAAoJEIukMYvlp/fWSo8An2tjzd3luCzOi+vBHscUxgxi
>YDmlAJ95dbTA5Jnt0Zxr3AMKZiYrCKUhEQ==
>=Qkik
>-----END PGP SIGNATURE-----
>  
>
And how is returning a completely bogus time better?  The admins will 
probably still not notice!  I don't think there is a standards compliant 
NTP or SNTP implementation that will accept a time six years in the 
past.  The clients will continue to poll the server and just ignore the 
replies. . . .




More information about the questions mailing list