[ Try #2, cut-n-paste/thinko on try #1 ] [EMAIL PROTECTED] (Hal Murray) writes: > The 50000 packet case is probably buggy software. That's the > "terrorist". It may be an innocent bug, but it's hard to tell > the result from what a terrorist would do.
The 5000 packets could also be a NAT box with 1000 hosts behind it (where each host sends the same 5 packets per volley as the other standalone machines.) It is a shame that ISP's don't usually even bother adding their NTP servers to the list of servers that dhcp knows about. (That is, when they even have public ntp servers at all.) (In case any ISP'S are listening, all they need to do is add this line to their dhcpd.conf file. (Assuming their domain name is example.com and their ntp server is called "ntp.example.com".) If they have multiple servers then a comma separated list will add all of them to the dhcp reply. option ntp-servers ntp.example.com; option time-servers ntp.example.com; (The second entry covers all bases by sucking all port 37 time requests to the machine too. It does assume one has configured inetd/xinetd to allow the kernels internal time daemon to answer the request.) -wolfgang -- Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/ _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
