Fabian Wenk wrote:
> Please keep in mind that with the nature of UDP also spoofed NTP requests are used to hurt a third party (the source IP address you see) through your (or any other Pool) NTP server.
Maybe that is true today, but when I did my investigations and left the IPv4 pool it wasn't an issue. The abusers were all users of inferior software; probably a large share of them did not even realize they were doing anything wrong.
> I am using kod and limited options equally for any source IP address requesting NTP from my server.
Please forget about KOD! It is utterly useless. It was not part of the original NTP standard and was added later. I know of no single NTP client except newer versions of ntpd that actually handle it. All those crappy implementations, and of course also the reflection attackers, will simply ignore it or even trigger bugs that cause MORE problems, like an immediate retry of the request because the response is considered invalid.

Don't send KOD. It is not useful, it only causes trouble.

Rob

_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
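Added example, not part of the original thread and not code from ntpd or the Pool project: a sketch of how a client that does honour Kiss-o'-Death would classify a server reply under RFC 5905 (stratum 0, four-character ASCII kiss code in the reference ID field). The function names, the returned action strings and the sample packets are assumptions made for illustration; the sample packets are constructed, not captured.

```python
import struct

STOP_CODES = {"DENY", "RSTR"}   # RFC 5905: client must stop using this server
RATE_CODE = "RATE"              # RFC 5905: client must slow down its polling
MAX_POLL = 17                   # RFC 5905 MAXPOLL (poll exponent, 2**17 s)

def classify_response(packet: bytes, origin_sent: bytes, poll_exp: int):
    """Return (action, new_poll_exponent) for one NTP reply.

    origin_sent is the 8-byte transmit timestamp of our own request.
    Actions (hypothetical names): accept, backoff, stop, discard.
    """
    if len(packet) < 48:
        return ("discard", poll_exp)
    li_vn_mode, stratum = struct.unpack("!BB", packet[:2])
    if li_vn_mode & 0x07 != 4:           # mode 4 = server reply
        return ("discard", poll_exp)
    # The origin timestamp (bytes 24..31) must echo our request. A spoofed
    # KoD that fails this check must not change our behaviour.
    if packet[24:32] != origin_sent:
        return ("discard", poll_exp)
    if stratum != 0:
        return ("accept", poll_exp)
    code = packet[12:16].decode("ascii", errors="replace")
    if code in STOP_CODES:
        return ("stop", poll_exp)
    if code == RATE_CODE:
        return ("backoff", min(poll_exp + 1, MAX_POLL))
    # Unknown kiss code: drop the packet and keep the normal schedule.
    # Retrying immediately here is the failure mode described above.
    return ("discard", poll_exp)

def build_reply(stratum: int, refid: bytes, origin: bytes) -> bytes:
    """Construct a 48-byte sample reply (VN=4, mode=4) for demonstration."""
    header = struct.pack("!BBbb", (4 << 3) | 4, stratum, 6, -20)
    return header + bytes(8) + refid + bytes(8) + origin + bytes(16)

if __name__ == "__main__":
    sent = b"\x01\x02\x03\x04\x05\x06\x07\x08"   # constructed timestamp
    for stratum, refid in [(2, b"\xc0\x00\x02\x01"), (0, b"RATE"), (0, b"DENY")]:
        print(refid, classify_response(build_reply(stratum, refid, sent), sent, 6))
```
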
