"Richard B. Gilbert" <rgilber...@comcast.net> writes: >Unruh wrote: >> "Richard B. Gilbert" <rgilber...@comcast.net> writes: >> >>> Unruh wrote: >>>> "Richard B. Gilbert" <rgilber...@comcast.net> writes: >>>> >>>>> jlevine wrote: >>>>>> In the last few days I have seen an increasing number of systems that >>>>>> are requesting the time in NTP format several times per second. This >>>>>> poll interval is far in excess of the usual best practices. Since >>>>>> there are a number of such systems, it is possible that this problem >>>>>> is a result of a new version of NTP that has just been released. >>>>>> Please let me know if you have any information about a new version of >>>>>> NTP that can do this or if any of you are seeing the same problem. >>>>>> >>>>>> Thanks. >>>>>> >>>>>> Judah Levine >>>>>> Time and Frequency Division >>>>>> NIST Boulder >>>>> Have you captured the IP addresses of the systems involved? If so, have >>>>> you identified the ISP responsible for those addresses? Complained to >>>>> the ISP? Etc, etc? >>>>> The half witted will always be with us. . . . >>>> There is no way you can set up ntpd so that it will poll many times a >>>> second, unless there is a severe bug in ntp. He is asking if perhaps such a >>>> bug exists in the latest version of ntpd ( since the latest version just >>>> came out a month ago, and latest devel version a week ago, this would be a >>>> sensible worry). >>>> Alternatively one of those modem manufacturers may have screwed up again, >>>> or some ntp like program has come out that has such a default. >>>> I agree that asking the IP addressee what it is that they are running might >>>> work, but probably not. >>>> >> >>> It may take a while to get results but if the only alternative is to do >>> nothing and suffer. . . . The ISPs have the power to cut these idiots >>> off at the knees! Whether they are willing to do so is something you >>> have to ask them. They also have the ability to reduce a network >>> address to a street address. Again, you have to ask. If you ask on >>> NIST letterhead, your chances of being taken seriously are much improved. >> >> IF it is a bug in ntp, then the users are not idiots, unless using ntp >> makes you an idiot. If it is a bug in some other ntp software, then the >> users of that software are not idiots, unless use of that software per se >> makes you an idiot. If it is some modem manufacturer who has misapplied ntp >> on their modem/router, again the same applies. He is trying to find out if >> it is possible that such bugs exist, or than anyone else has seen them. >> >> >>> As I recall my contract with Comcast, they can simply cut me off in >>> response to just about any sort of abuse. If nobody complains, I can >>> get away with practically anything! >> >> >> Is a bug in the software "abuse"? >>
>Yes! It's customary to do some sort of minimal testing before >distributing your software to the masses. >Given the past history; e.g. U-Wisconsin, Tardis, PHK vs. D-Link and a >few other such incidents I'd say it's mandatory to do some pre-release >testing of hardware, firmware, and/or software. I'd say that it's also >mandatory to read, and comply with, the relevant RFCs. >I doubt very much that ntpd has such a bug/misfeature! The authors are >very much aware of the potential problems and have done an excellent job. >It seems clear that the internet community needs a methodology for >coping with such incidents. Each time, it seems that a posse comitatus >must be formed, the miscreants tracked down, and asked to fix their >hardware, firmware, or software. Sometimes, as in the U-Wisconsin >incident it's not possible to track down all instances of the defective >hardware/firmware/software.. Just what do you have in mind? It seems that what you describe is exactly a methodology for coping with such incidents. Or are you going to drive around with a gun and shoot the president of D-Link say? >With the ever increasing use of the internet, the problems are only >going to get worse! Yes. And with the increasing population of the earth "problems are only going to get worse" as well. _______________________________________________ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions