Free Articles, Free Web Content, Reprint Articles
Monday, May 28, 2012

The Misuse of Network Time Server Systems

This article discusses some of the reported NTP time server abuse incidents and describes NTP configuration methods that can reduce such problems. Most incidents seem to have occurred due to manufacturer configuration issues rather than malicious intent.

Network Time Protocol (NTP) is a standard Internet protocol for the dissemination of time around a computer network. The protocol operates in a hierarchical manner, each level or stratum serving the next level in the hierarchy. At the top of the hierarchical structure is a stratum 1 NTP server that synchronises to an external time and frequency reference. Many stratum 1 NTP servers reside on the Internet and are used for synchronising network time clients.

Over the last few years, there have been a number of NTP server abuse and misuse reports. This article discusses some of the reported NTP time server abuse incidents and describes NTP configuration methods that can reduce such problems. Many reported incidents appear to stem from equipment manufacturer configuration errors rather than malice.

Many NTP server misuse issues have arisen from client configuration errors, particularly in consumer electronic equipment. Because of the volume of consumer electronic equipment manufactured and in use, any configuration issue in equipment that accesses NTP time servers is greatly magnified. Typically, clients with configuration errors or firmware bugs that cause repeated access to a network time server create server loading problems once a large number of clients are involved.

A recent high-profile incident of consumer electronic equipment causing NTP server problems was with consumer router equipment. Home router devices were accessing stratum 1 Internet time servers and flooding them with requests for time. Many NTP time server administrators noticed a large increase in traffic and server loading. Many stratum 1 NTP servers have an access policy that forbids anything other than a stratum 2 server from requesting time. Home router equipment should not therefore directly access a stratum 1 time server.

In a separately reported network time server misuse case, an Internet-based NTP server was being bombarded by ever-increasing volumes of traffic. It was initially thought that this was due to an attack on the server. However, the amount of traffic continued to rise over time rather than decrease. It was eventually found that home router equipment manufactured by a large manufacturer had hard-coded the NTP server's IP address in the product's firmware. Each router in operation was contacting the server at regular intervals in an attempt to synchronise time. The volume of devices in operation eventually overloaded the server.

NTP implements a fairly general-purpose access restriction policy based on address masks. This allows only IP addresses within a specified range, or that fit a specified address mask, to access an NTP time server. Alternatively, clients can be excluded by explicitly including them in a restriction list. Rogue clients can therefore be denied access to the NTP server by explicitly restricting them.

Usually, the server simply drops NTP requests that are denied access. However, occasionally a harsher response is required. The server can respond with a message explicitly requesting the client to cease sending. A 'kiss-o-death' packet has been created especially for this purpose. Kiss of death (KoD) codes can provide an intelligent time client with useful synchronisation information. The packet contains character strings, easily read in log files, that explain why service was denied. When a client receives a 'kiss-o-death' packet, it should stop sending to that particular server and locate an alternative server, if available. If an alternative is unavailable, the time client should only re-contact the time server after an exponentially increasing time.
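The client behaviour described above, as an added example that is not part of the original article: it detects a kiss-o-death reply (stratum 0 with an ASCII code such as "RATE" in the reference ID field of the NTP header), switches to an alternative server, and backs off exponentially when none exists. The host names, the 64-second base wait, the 36-hour cap and the constructed sample packets are assumptions chosen for illustration.

```python
import struct

def build_reply(stratum, refid):
    """Constructed sample: 48-byte server reply (LI=3, VN=4, mode=4)."""
    first = (3 << 6) | (4 << 3) | 4
    header = struct.pack("!BBbb", first, stratum, 6, -20)
    return header + b"\x00" * 8 + refid + b"\x00" * 32

def kiss_code(packet):
    """Return the ASCII kiss code if the reply is a kiss-o-death, else None."""
    if len(packet) < 48:
        raise ValueError("short NTP packet")
    if packet[1] != 0:            # byte 1 is stratum; KoD replies use stratum 0
        return None
    # Bytes 12..15 are the reference ID, which carries the readable code.
    return packet[12:16].decode("ascii", "replace").rstrip("\x00 ")

class TimeClient:
    # base_wait and max_wait are assumed values chosen for illustration.
    def __init__(self, servers, base_wait=64, max_wait=36 * 3600):
        self.servers = list(servers)
        self.base_wait, self.max_wait = base_wait, max_wait
        self.kissed = {}          # server -> (kiss count, earliest retry time)

    def on_reply(self, server, packet, now):
        """Record a reply; return (action, kiss code or None)."""
        code = kiss_code(packet)
        if code is None:
            self.kissed.pop(server, None)   # a good reply clears the backoff
            return ("sync", None)
        count = self.kissed.get(server, (0, 0))[0] + 1
        wait = min(self.base_wait * 2 ** (count - 1), self.max_wait)
        self.kissed[server] = (count, now + wait)
        return ("backoff", code)

    def next_server(self, now):
        """Prefer a server that has not sent a kiss; else one whose wait expired."""
        for s in self.servers:
            if s not in self.kissed:
                return s
        ready = [s for s in self.servers if self.kissed[s][1] <= now]
        return ready[0] if ready else None

if __name__ == "__main__":
    c = TimeClient(["ntp1.example"])
    for t in (0, 64, 192):
        print(t, c.on_reply("ntp1.example", build_reply(0, b"RATE"), t), c.kissed)
```

Firmware that queries a hard-coded server on a fixed timer, as in the router incidents above, has no equivalent of `next_server` and so never reduces its load on the server.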

Article Tags: Network Time Server, Consumer Electronic Equipment, Network Time, Time Server, Consumer Electronic, Electronic Equipment, Router Equipment, Home Router

Source: Free Articles from ArticlesFactory.com

ABOUT THE AUTHOR


D. Evans is a highly experienced technical author in the computer systems timing and telecommunications industry.


