nanog mailing list archives
Re: Open Letter to D-Link about their NTP vandalism
From: Alain Hebert <ahebert () pubnix net>
Date: Fri, 07 Apr 2006 18:13:19 -0400
Hi, Should not be hard to fix... Its clearly a missuses of dix.dk services. Couple of thinks:Since its bgp and DIX customers surely have to provide a list of subnets to announce (filter and such), add those the the ntp server,
or use ipf/ipfw/iptables to filter in the dix customersand I would redirect the others traffic to a dummy clock with a messed up time... after a few complaints DLINK would wake up. (Dont try to pin any legal issues to this ... its DIX servers/bandwidth/ressources, DLink (and its customers) has no regard on what DIX does with its ressources)
-----Also there is a list of ntp servers in the device and I'm sure DLink never got the permission from most of them.
So try to contact the 100+ ntp services for a class action. ----DLink should use 0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org, and even better provide their own x.ntp.dlink.com.
Jeff Shultz wrote:
Rubens Kuhl Jr. wrote:GPS.dix.dk service is described as: DK Denmark GPS.dix.dk (192.38.7.240) Location: Lyngby, Denmark Geographic Coordinates: 55:47:03.36N, 12:03:21.48E Synchronization: NTP V4 GPS with OCXO timebase Service Area: Networks BGP-announced on the DIX Access Policy: open access to servers, please, no client use Contacts: Poul-Henning Kamp (phk () FreeBSD org) Note: timestamps better than +/-5 usec.I think he should use dns views to answer the queries to gps.dix.dk and either:( a ) answer 127.0.0.1 to all queries from outside his service area ( b ) answer a D-Link IP address to all queries from outside his service area (which could lead to getting their attention; dunno if from their engineers or from their lawyers).Neither of which would solve the problem of his bandwidth being used by these, although (b) might actually serve to get their attention.Perhaps as a thanks to him for the public service he provides the DIX, all of the users at DIX could set their external routers to reject incoming NTP packets from networks other than their own? Or even combine that with (b), although it might be more effective if it targeted, oh, www.dlink.com instead of an IP address.Then at least it would not be taking up internal DIX bandwidth capacity.By no means am I encouraging legally actionable activity, however, and as noted, (b) just might be.
--Alain Hebert ahebert () pubnix net PubNIX Inc. P.O. Box 175 Beaconsfield, Quebec H9W 5T7
tel 514-990-5911 http://www.pubnix.net fax 514-990-9443
Current thread:
- Open Letter to D-Link about their NTP vandalism Etaoin Shrdlu (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Rubens Kuhl Jr. (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Jeff Shultz (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Alain Hebert (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Rubens Kuhl Jr. (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Jeff Shultz (Apr 07)
- RE: Open Letter to D-Link about their NTP vandalism Mark Borchers (Apr 07)
- Which Cisco 7500 OS for high availability neal rauhauser (Apr 09)
- Re: Which Cisco 7500 OS for high availability Alain Hebert (Apr 10)
- Re: Open Letter to D-Link about their NTP vandalism Jeff Shultz (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Rubens Kuhl Jr. (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Steven M. Bellovin (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Richard A Steenbergen (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Mark Boolootian (Apr 07)
- Re: Open Letter to D-Link about their NTP vandalism Kevin Day (Apr 07)