[time-nuts] D-Links NTP server vandalism
rlutwak at comcast.net
rlutwak at comcast.net
Tue Apr 11 15:03:29 UTC 2006
NIST is trying to distribute their NTP service around the country. If you give them space, power, and internet access, they'll provide the hardware and monitoring. I don't know how they do the time validation in that scenario, it probably varies from site to site (maybe ACTs?).
-RL
----------------
Robert Lutwak, Senior Scientist
Symmetricom - Technology Realization Center
34 Tozer Rd.
Beverly, MA 01915
RLutwak at Symmetricom.com (Business)
Lutwak at Alum.MIT.edu (Personal)
(978) 232-1461 (Desk)
(339) 927-7896 (Mobile)
(978) 927-4099 (FAX)
-------------- Original message --------------
From: "Dr. David Kirkby" <david.kirkby at onetel.net>
> Poul-Henning Kamp wrote:
> > In message <443B988C.6000407 at onetel.net>, "Dr. David Kirkby" writes:
> >
> >>Poul-Henning Kamp wrote:
> >
> >
> >
> >>I can't obviously see gps.dix.dk in there:
> >>
> >>sparrow /downloads % grep -i "gps\.dix\.dk" dwl700AP_firmware_202.dlf
> >
> >
> > That is because in this case the firmware file is a compressed file
> > with a small uncompression program in front.
> >
> > Try this:
> >
> > dd if=dwl700AP_firmware_202.dlf bs=489 iseek=40 | gunzip | strings
> >
>
> Yes, that finds them as you say.
>
> Looks like it uses a UNIX-like operating system (embedded linux?) too, with
> names like /dev/uart0 and /dev/flash0
>
> /dev/uart0
> uart0
> adm2
> adm2
> /dev/flash0
> Error: Create node /dev/flash0 failed!
> 131.107.1.10
> 129.6.15.29
> 209.0.72.7
> 207.126.103.202
> 128.138.140.44
> 192.43.244.18
>
> > It seems to contain these hardcoded IP numbers:
> >
> > 131.107.1.10 (time-nw.nist.gov.)
>
> That is interesting:
> http://ntp.isc.org/bin/view/Servers/TimeNwNistGov
>
> ServerLocation: Microsoft Corporation, Redmond, Washington
> ServerContact: Judah Levine (jlevine at boulder.nist.gov) (303) 492-7785
>
> It seems a bit odd, with a time-server located at M$, with the admin contact at
> NIST.
>
> > 129.6.15.29 (time-b.nist.gov.)
> > 209.0.72.7 (Somewhere in Level3)
> > 207.126.103.202 (Somewhere (unused ?) in AboveNet)
> > 128.138.140.44 (india.colorado.edu.)
> > 192.43.244.18 (time.nist.gov.)
>
> All those have:
>
> AccessPolicy: OpenAccess
> AccessDetails: Open access for up to 20 queries per hour (one-day average) from
> any one address, others by arrangement
>
> so no problems with them, unless the server admins change their policy.
>
> > Poul-Henning
> >
>
> You might consider sending a few people letters asking them to cease using your
> time server. They could then take them to a retailer and ask them to be fixed
> and if no joy to a credit card company if they were purchased on a credit card.
>
> Dlink would surly act if retailers were forced to give refunds or swap them for
> units that are not affected.
>
> dave
>
>
> _______________________________________________
> time-nuts mailing list
> time-nuts at febo.com
> https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
More information about the Time-nuts_lists.febo.com
mailing list