It's legal to have broken NTP server in ANY country, and it's legal in most (by number) countries to send counter-attack (except USA as usual, where lawyers want to get their money and so do not allow people to self-defence). So, it can be a GOOD prtactice in reality. But, of course, not in USA. ----- Original Message ----- From: "John Dupuy" <jdupuy-list@socket.net> To: <nanog@nanog.org> Sent: Tuesday, April 11, 2006 9:00 AM Subject: Re: Open Letter to D-Link about their NTP vandalism
To keep this operational: Operationally the network operator should contact a lawyer before doing something like this.
Purposely and knowingly sending bad data in order to do harm is a counter-attack. As such it might be vigilantism, which is illegal in most countries. Or it might be self-defense, which is not illegal. Might. Contact a lawyer.
John
At 07:36 PM 4/10/2006, Simon Lyall wrote:
On Mon, 10 Apr 2006 Valdis.Kletnieks@vt.edu wrote:
One particular piece of crapware of the tucows archive variety would
retry
once per second if it hadn't heard a response - but a ICMP Port Unreachable would trigger an *immediate* query, so it would basically re-query at whatever the RTT for the path was.
I've said in other forums the only solution for this sort of software is to return the wrong time (by several months). The owner might actually notice then and fix the problem.
Just not returning anything means the time still works on the querying device (especially if it uses multiple servers) and the problem will not be noticed and it will continue.
-- Simon J. Lyall | Very Busy | Web: http://www.darkmere.gen.nz/ "To stay awake all night adds a day to your life" - Stilgar | eMT.