nanog mailing list archives

Re: OpenNTPProject.org

From: Pete Ashdown <pashdown () xmission com>
Date: Mon, 17 Feb 2014 00:23:43 -0700

On 2/16/14, 7:38 PM, Brian Rak wrote:

Seriously, just fix your configuration.  The part of NTP being abused
is completely unrelated to actually synchronizing time.  It's a
management query, that has no real reason to be enabled remotely. You
don't even need to resort to iptables for this, because NTPD has built
in rate limiting (which isn't enabled for management queries, but
those are trivial to disable).

Thanks for the tip, monitoring is off.  I was under the impression that
rate-limiting hadn't made it into a stable version of ntpd yet.  Is that
incorrect?

Current thread:

Re: OpenNTPProject.org, (continued)
- - - Re: OpenNTPProject.org Christopher Morrow (Feb 16)
    - Re: OpenNTPProject.org Lyndon Nerenberg (Feb 16)
    - Re: OpenNTPProject.org Mark Tinka (Feb 16)
    - Re: OpenNTPProject.org Christopher Morrow (Feb 16)
    - Re: OpenNTPProject.org Yucong Sun (Feb 17)
    - JunOS NTP - Re: OpenNTPProject.org Jared Mauch (Feb 18)
    - Re: JunOS NTP - Re: OpenNTPProject.org John Kristoff (Feb 18)
    - Re: JunOS NTP - Re: OpenNTPProject.org Mark Tinka (Feb 18)
    - Re: OpenNTPProject.org Mark Tinka (Feb 16)
    - Re: OpenNTPProject.org Harlan Stenn (Feb 17)
  - Re: OpenNTPProject.org Pete Ashdown (Feb 16)
    - Re: OpenNTPProject.org Brian Rak (Feb 17)