On 29/01/2016 06:27, Hal Murray wrote:
It's probably worth adding some words to the sign-up page requiring
volunteers to promise not to do things like that and some more words on the
how-to-use page mentioning this problem.
I'm not sure that you can impose a promise on someone. You probably
could say what constitutes unacceptable behavior and note that doing
these activities will result in expulsion from the pool. Definitely add
some comments to the how-to-use page that says that if you are trying to
conceal your IP address, then don't use the pool, or any other external
service.
Having said that, I certainly want to be able to perform many actions
with regard to the data that is sent to me. If I choose to block abusive
people, that should be allowed. If I decide to do a reverse DNS lookup
on every IP address, that should be allowed (note that if the traffic
goes through a firewall, then some network management software will do
this anyway). If I decide to issue a 'readvar' command to each NTP
server that contacts me, then that seems reasonable. If I want to record
all the IP addresses that contact me, and publish them on a web page,
then that seems reasonable (though somewhat crazy). Note that the
observation of the traffic may be done by a firewall, IPS, IDS, etc and
need not be the NTP server itself.
I think that exposing multiple IP addresses onto the same NTP server is
probably 'cheating', though I'll bet that there are other multi-homed
NTP servers out there.
I think that the NTP pool is a classic case of "When something online is
free, you're not the customer, you're the product."
http://blogs.harvard.edu/futureoftheinternet/2012/03/21/meme-patrol-when-something-online-is-free-youre-not-the-customer-youre-the-product/
Philip
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
