NTP, possible solutions, and best implementation

Michael.Dillon at radianz.com Michael.Dillon at radianz.com
Fri Oct 3 09:10:04 UTC 2003


>So what you are suggesting basically is to add an application layer 
sanity
>checker and DoS preventer, am I right ?

More or less, yes. The main thing is to have something in front of the 
clocks that can be used to block or mitigate network abuse activities like 
DoS. And if this front-end is a UNIX box then it is easy to take a simple 
proxy such as udprelay and extend it to do some application layer 
checking.

--Michael Dillon






More information about the NANOG mailing list