Re: [chrony-users] ntpq-like queries using chronyc

[andrei tudor corduneanu <x7uplime@xxxxxxxxx>]

the server I'm trying to communicate to is on a local net.

> No, they have different protocols for monitoring.

> Google doesn't seem to be running ntpd or chronyd. From some bugs that

> can be observed, it looks more like openntpd, which doesn't support

> remote monitoring.

> If it's a public ntpd server, it's unlikely to have monitoring access

> open to Internet. The protocol allows traffic amplification, which

> would be exploited in DDoS attacks.

hmm.. very interesting, thank you!

I've been asked questions about ntpq/chronyc compatibility and I found no discussions about this.

The explanation about different monitoring protocols implemented by chronyd/ntpd is really concise and self explanatory, do you think that adding a reference to the faq could give any value?

On Thu, Jun 9, 2022 at 3:51 PM Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:

On Thu, Jun 09, 2022 at 03:46:32PM +0100, andrei tudor corduneanu wrote:
> So it depends much on the implementation.. chronyd cannot communicate with
> ntpd-like servers.
> can ntpd communicate with chronyd servers?

No, they have different protocols for monitoring.

> The original result I found was referring to google, I'm trying to access
> an ntpd-like server, that does support monitoring.

If it's a public ntpd server, it's unlikely to have monitoring access
open to Internet. The protocol allows traffic amplification, which
would be exploited in DDoS attacks.

--
Miroslav Lichvar


--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.