Ray Hunter (test) wrote:
I'm also convinced the NTP pool is not the first, nor will it be the last, service to be abused for facilitating nefarious scanning. Perhaps quoting an official IETF Best Current Practice RFC in the terms of use could cover you/justify removing these servers from the pool/taking other actions?

https://tools.ietf.org/pdf/rfc7258.pdf Pervasive Monitoring is Considered an Attack.
I see no reason to define justification to remove servers. Just make clear that registering a server in the pool does not mean that the pool is obliged to advertise it in its DNS service. Then you can just omit any server from the DNS for whatever reason is applicable at that time. Now it is this reverse scanning, tomorrow there may be another reason.

The pool server can simply apply a number of algorithms to include/exclude a specific server in the pool, or adjust its "priority". Now that is only based on linespeed and probed accuracy of the time, tomorrow it may include other metrics.

Rob

_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
