[ntp:questions] Thoughts on KOD

Magnus Danielson magnus at rubidium.dyndns.org
Sun Jul 6 01:06:16 UTC 2014


Harlan,

On 07/06/2014 02:18 AM, Harlan Stenn wrote:
> Magnus,
>
> Yes, we know that if we decide to track finely-grained behavior we'll
> need to watch how {IP,port} responds when getting {no,KOD} responses.

Just want to gently remind you.

> We might just want a syslog entry for KOD, because it's clear that there
> can come a time when we don't want to rely on the remote side doing
> anything.
>
> Unless there is a better solution.  I like the syslog idea because we
> can tag it and let other mechanisms decide what to do with that raw
> information.

For that purpose it may be good to allow for a separate log for sent KOD 
messages, besides properly log to syslog. A script or program can then 
monitor it for updates and insert rules, without having to filter the 
syslog.

Cheers,
Magnus


More information about the questions mailing list