[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Recent NTP pool traffic increase

Yo All!

On Sat, 17 Dec 2016 17:54:55 -0800
"Gary E. Miller" <gem at rellim.com> wrote:

> # tcpdump -nvvi eth0 port 123 |grep "Originator - Transmit Timestamp:"
> And I do indeed get odd results.  Some on my local network...

To follow up on my own post, so this can be promply laid to rest.

After some discussion at NTPsec.  It seems that chronyd takes a lot
of 'creative license' with RFC 5905 (NTPv4).  But it is not malicious,
just 'odd', and not new.

So, nothing see here, back to the hunt for the real cause of the new
NTP traffic.

Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20161217/958ea73b/attachment.pgp>