Hi everyone.

First of all: calm down. A scan is not an attack, and if you go through the
roof every time someone scans your public-facing IP you'll soon have a
problem.
Trusting in the huge pool of IPv6 addresses for some kind of "security" is
naive at best. It's hoping for "security by obscurity" while giving out
your address to every system you connect to.

I'm not saying that what Shodan is doing is OK. But that's just one
player. Don't expect everyone on the internet to play fair!

But now to the real answer:

On 29.01.2016 16:10, "Mouse" <[email protected]> wrote:
>
>
> > I think that exposing multiple IP addresses onto the same NTP server
> > is probably 'cheating',
>
> In what sense?

In the sense that it gives your server more weight.
If one client connects to 3 addresses and two of them are your server, it
will follow you even if you're a false-ticker. It undermines the whole
"distributed/redundant" approach of NTP.

>
> > though I'll bet that there are other multi-homed NTP servers out
> > there.
>
> Mine are, for example; at a minimum, each one has both a current (v6)
> address and a legacy (v4) address.
>
> At various times I've had other "multiple world-visible addresses on
> the same box" setups for various services, including NTP; how is this
> "cheating"?
>
As mentioned above. It might lead to unintended effects outside the control
of the people that trust our system.

Best regards

Marco
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
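
The weighting effect described in the reply above, as an added example that is not part of the original message and is not ntpd's actual selection code: a simplified majority-of-overlapping-intervals vote in which one host counted under two addresses outvotes an honest server. The addresses (documentation ranges), host labels, offsets and error bounds are constructed, and knowing which addresses share a host is an assumption.

```python
from collections import namedtuple

# One time sample per configured address; "host" is an assumed out-of-band label.
Sample = namedtuple("Sample", "address host offset_ms err_ms")

def select_truechimers(samples):
    """Addresses in the largest group of overlapping intervals, or [] without a majority."""
    edges = []
    for s in samples:
        edges.append((s.offset_ms - s.err_ms, 0, s.address))  # 0 = interval opens
        edges.append((s.offset_ms + s.err_ms, 1, s.address))  # 1 = interval closes
    edges.sort()
    active, best = set(), set()
    for _, kind, addr in edges:
        if kind == 0:
            active.add(addr)
            if len(active) > len(best):
                best = set(active)
        else:
            active.discard(addr)
    # Require strictly more than half of all sources to agree.
    if len(best) * 2 <= len(samples):
        return []
    return sorted(best)

def one_per_host(samples):
    """Keep only the first address seen for each host, so each box votes once."""
    seen, kept = set(), []
    for s in samples:
        if s.host not in seen:
            seen.add(s.host)
            kept.append(s)
    return kept

# Constructed samples: hostA's clock is 250 ms off and it is reachable via v6 and v4.
SAMPLES = [
    Sample("2001:db8::1", "hostA", 250.0, 5.0),
    Sample("192.0.2.1", "hostA", 250.0, 5.0),
    Sample("198.51.100.7", "hostB", 0.0, 5.0),
]

if __name__ == "__main__":
    print("per-address vote:", select_truechimers(SAMPLES))
    print("per-host vote:   ", select_truechimers(one_per_host(SAMPLES)))
```

With one vote per host there is no majority, so the client declines to pick a source instead of following the wrong clock.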