UDP/123 policers & status

Ragnar Sundblad ragge at kth.se
Sat Mar 28 23:09:37 UTC 2020


> On 28 Mar 2020, at 23:58, Harlan Stenn <stenn at nwtime.org> wrote:
> 
>> Steven Sommars said:
>>> The secure time transfer of NTS was designed to avoid
>>> amplification attacks.
> 
> Uh, no.

Yes, it was.

As Steven said, “The secure time transfer of NTS was designed to
avoid amplification attacks”. I would even say - to make it
impossible to use for amplification attacks.

> If you understand what's going on from the perspective of both the
> client and the server and think about the various cases, I think you'll
> see what I mean.

Hopefully, no-one exposes mode 6 or mode 7 on the internet anymore,
at least not unauthenticated, and at least not the commands that are
not safe from amplification attacks. Those just cannot be allowed
to be used anonymously.

> NTS is a task-specific hammer.

Yes.

Ragnar



