I've noticed this ntpd error messages in my log (Fedora Core 3): Nov 17 01:28:14 hostname ntpd[3762]: sendto(213.84.172.33): Invalid argument
>From this post I learned the errors came from a limitation of the current implementation of ntpd: http://groups.google.com/group/comp.protocols.time.ntp/browse_frm/thread/2f9e1f9195346fe9?page=end&q=ntpd+sendto+invalid&hl=en&; and indeed around Nov 17 that time I restarted my network interface (ppp0). But my question is: in these error messages I always saw these 3 IPs being reported: 61.206.115.3 213.84.172.33 213.238.47.29 and a lookup scared me: 3.115.206.61.in-addr.arpa domain name pointer 61.206.115.3.user.ad.il24.net. 33.172.84.213.in-addr.arpa domain name pointer vdben.xs4all.nl. 29.47.238.213.in-addr.arpa is an alias for 29.tallence.47.238.213.in-addr.arpa. 29.tallence.47.238.213.in-addr.arpa domain name pointer lokschuppen.zs64.net. None of these look like time servers, and some of them even host weird websites. I looked at my /etc directory and couldn't find these IP mentioned anywhere. Am I hacked? And how is it related to ntpd? Thanks a LOT in advance! _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
