Quoting Sean Reifschneider who wrote on Tue 2012-08-07 at 15:45: > On 08/07/2012 01:03 PM, Ask Bjørn Hansen wrote: > > I don't think that IP address has ever been > > part of the NTP Pool, it is however listed on > > http://support.ntp.org/bin/view/Servers/NtpOneTummyCom (which is > > unrelated to the NTP Pool). > > It definitely was listed back before 2005... We were in the pool for > several years, but over the period of a week or two we had two rather irate > people call our emergency support line, demanding that we fix the system > that was attacking their network. On port 123/udp. In response to packets > from their network. :-( So I removed us from the pool.
I had two of those (via e-mail) kindly sending in the 'evidence' in the
form of logfiles from their "firewall". Explaining the service and that
it only responded to requests did not help because that was not what the
"firewall" was saying, so I decided to add a firewall drop rule for the
source IPs 83.162.1.106, 86.83.253.130 and 12.34.195.206.
According to pflog, they still try from time to time so either they
fixed their "firewall" or they are slowly going through the pool, one
complaint at a time.
Koos
--
Koos van den Hout, PGP keyid DSS/1024 0xF0D7C263 via keyservers
[email protected]
Weather maps from free sources at
http://idefix.net/ http://weather.idefix.net/
signature.asc
Description: Digital signature
_______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
