>> We just received an an explanation as to why some of the >> Roulette testbed nodes on the 128.32.130.0/25 were making >> requests to NTP servers outside Berkeley: >> >> "For some reason the ntpd on the embedded linux was working with a >> predefined host list and was ignoring /etc/ntp.conf unless it >> was explicitly included on the ntpd command line. They're now all >> configured to query only the ntpd on the local router."
>I suggested the following several times but nobody seems to pay attention. I am not on the timekeepers mailing list, so I will assume the suggestions were sent to that list and not all the email addresses specific to the thread concerning ntp abuse by the Roulette testbed nodes on the 128.32.130.0/25 >I suggest that your outgoing router catches all outgoing requests to >ntp and redirects them to itself. This way, you do not have to configure all >your >devices manually like you seem to have done. That's a reasonable suggestion. In mid-April 2007, the contacts for the 128.32.130.0/25 network updated their firewall rules to place restrictions on their outgoing traffic. mark kraitchman (for security @ EECS.Berkeley.EDU) _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
