[ntp:questions] better rate limiting against amplification attacks?

Greg Troxel gdt at ir.bbn.com
Fri Dec 27 20:11:25 UTC 2013


Harlan Stenn <stenn at ntp.org> writes:

> Garrett Wollman writes:
>> Unfortunately, I had to completely block NTP crossing our border
>> (except for six authorized servers) as there are far too many NTP
>> servers on our network with a default configuration that I have no
>> direct administrative control over.  It would be better if ntpd
>> defaulted to a non-exploitable configuration.
>
> I'll do what I can on this.  It will require cooperation and
> collaboration with various OS folks.

To first order, the default OS and package policy is to respect the
upstream package defaults, unless they are clearly broken.  So ntpd
should, when started up with no or a minimal config file, do the right
thing.  Distributing a config file with complicated things in it that
does the right thing, but having the bare binary do the wrong thing, is
not a good approach in practice, even though it's theoretically
equivalent in some sense.  (I'm not claiming this has been done - just
sugggesting that an ntp.conf that says "peer server1\npeer server2"
cause ntpd to behave reasonably.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.ntp.org/pipermail/questions/attachments/20131227/23e73eab/attachment.sig>


More information about the questions mailing list