Re: [chrony-users] NTS dropped packets

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]

To: chrony-users@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [chrony-users] NTS dropped packets
From: Hal Murray <hmurray@xxxxxxxxxxxxxxx>
Date: Tue, 01 Dec 2020 00:44:10 -0800
Cc: hmurray@xxxxxxxxxxxxxxx

> Some major network operators are blocking or rate limiting NTP packets as a
> mitigation against the ntpd mode-6 amplification attacks. In some networks it
> specifically applies to longer NTP packets.

What makes this case interesting is that the length test seems backwards.  
Long packets work.  After the first 3 requests get dropped, the 4th request 
has 3 extra dummy cookies in the packet.  That seems to make it big enough to 
get through.
 

-- 
These are my opinions.  I hate spam.




-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Follow-Ups:
- Re: [chrony-users] NTS dropped packets
  - From: Miroslav Lichvar

References:
- Re: [chrony-users] NTS dropped packets
  - From: Miroslav Lichvar

Messages sorted by: [ date | thread ]
Prev by Date: Re: [chrony-users] NTS dropped packets
Next by Date: Re: [chrony-users] NTS dropped packets
Previous by thread: Re: [chrony-users] NTS dropped packets
Next by thread: Re: [chrony-users] NTS dropped packets

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/