nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: UDP/123 policers & status

From: Ragnar Sundblad <ragge () kth se>
Date: Sun, 29 Mar 2020 00:09:37 +0100


On 28 Mar 2020, at 23:58, Harlan Stenn <stenn () nwtime org> wrote:


Steven Sommars said:

The secure time transfer of NTS was designed to avoid

   amplification attacks.


Uh, no.


Yes, it was.

As Steven said, “The secure time transfer of NTS was designed to
avoid amplification attacks”. I would even say - to make it
impossible to use for amplification attacks.


If you understand what's going on from the perspective of both the
client and the server and think about the various cases, I think you'll
see what I mean.


Hopefully, no-one exposes mode 6 or mode 7 on the internet anymore
at least not unauthenticated, and at least not the commands that are
not safe from amplification attacks. Those just can not be allowed
to be used anonymously.


NTS is a task-specific hammer.


Yes.

Ragnar
Previous By Date Next
Previous By Thread Next

Current thread: