>> It's probably worth adding some words to the sign-up page requiring
>> volunteers to promise not to do things like that and [...]
> I'm not sure that you can impose a promise on someone.

No, but the pool admins can require such a promise before accepting
someone into the pool (and I don't think it'd be unreasonable of them).

> Having said that, I certainly want to be able to perform many actions
> with regard to the data that is sent to me.  [...block traffic, rDNS
> lookup...]

Yes (though note that doing an rDNS lookup _for each packet_ may well
get you blocked as a DNS abuser by some people).

> If I decide to issue a 'readvar' command to each NTP server that
> contacts me, then that seems reasonable.

Maybe - a few seconds of searching doesn't find me any indication of
what readvar may be - but it's, at the very least, getting a bit dodgy.

> Note that the observation of the traffic may be done by a firewall,
> IPS, IDS, etc and need not be the NTP server itself.

Which piece of your network it is that reacts in a particular way is
not relevant outside your network's borders.

> I think that exposing multiple IP addresses onto the same NTP server
> is probably 'cheating',

In what sense?

> though I'll bet that there are other multi-homed NTP servers out
> there.

Mine are, for example; at a minimum, each one has both a current (v6)
address and a legacy (v4) address.

At various times I've had other "multiple world-visible addresses on
the same box" setups for various services, including NTP; how is this
"cheating"?

> I think that the NTP pool is a classic case of "When something online
> is free, you're not the customer, you're the product."

I disagree.  That's much more true when the "free" thing is being
provided by a company, especially a for-profit company.  It is much
less true of things provided by volunteer projects and individuals -
for example, it is completely untrue of the nearly-a-megabyte of stuff
I have available for anonymous FTP; people fetching things are in no
sense "the product".  (They're not customers either, really, but that's
a separate issue.)  That so much of the net has gone in that direction
is one of the things I see very wrong with today's net.

And, to bring it back to the list topic, I would certainly hope that
the NTP pool is not selling anything that would make this in any way
true of it - and that pool members that try to do anything of the sort
are tossed out on their ears.

Not that that's where we started.  The abuse that led to this thread is
even further beyond the pale.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                [email protected]
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
