Paging anyone from ntpd.org

• Previous message (by thread): Paging anyone from ntpd.org
• Next message (by thread): Paging anyone from ntpd.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/31/19 1:32 AM, Harlan Stenn wrote:
> On 12/30/2019 8:32 PM, Seth Mattinen wrote:
>> On 12/30/19 8:22 PM, Seth Mattinen wrote:
>>> Is anyone from ntpd.org on here? You're pointing DNS at me for some
>>> reason. That zone (ntpd.org) isn't in our system. Your NS looks odd
>>> too, *.darkness-reigns.net and .nl? Is that legit? I don't know what
>>> it was before because I've never looked, but that seems off.
>>>
>>>
>>
>> nevermind, I'm tired and confused ntpd.org with ntp.org. Just going to
>> wildcard *.ntpd.org to 127.0.0.1 and go back to sleep.
> 
> I did think about replying, saying "Just to be clear, this isn't about
> ntp.org."
> 


What I did learn though there are a lot of people configuring their NTP 
with servers that are identical to the legitimate *.ntp.org names, 
except they're mistyping ntpd instead of ntp. Enough to generate >2Gbps 
worth of query traffic (pointed at a DNS server with a 1gbps interface).

I have to admit I'm kind of curious how many unique clients that would 
be if I answered back with a working IP address instead of localhost.

• Previous message (by thread): Paging anyone from ntpd.org
• Next message (by thread): Paging anyone from ntpd.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]