Hello
I'm running tcpdump on a separate server watching traffic on an installed-to-hd puppy (Precise Puppy version 5.6).
When this puppy starts up there is a flood of ntp requests to strange and dubious sounding sites.
Does anyone have any what is going on?
thanks
What is all this ntp traffic at startup? (Solved)
What is all this ntp traffic at startup? (Solved)
Last edited by ccaaee on Wed 02 Sep 2015, 17:26, edited 1 time in total.
- Moose On The Loose
- Posts: 965
- Joined: Thu 24 Feb 2011, 14:54
Re: ntp at startup
Perhaps psync is messed up.ccaaee wrote:Hello
I'm running tcpdump on a separate server watching traffic on an installed-to-hd puppy (Precise Puppy version 5.6).
When this puppy starts up there is a flood of ntp requests to strange and dubious sounding sites.
Does anyone have any what is going on?
thanks
The version that came with 528 could be messed up by one of its configuration files being wrong. Try setting up psync again and see if it stops happening
- Moose On The Loose
- Posts: 965
- Joined: Thu 24 Feb 2011, 14:54
I have a vague memory of something in the past. It was more a matter of a denial of service attack than anything. There was a way to get NTP servers to send huge amounts of data to a victim.ccaaee wrote:To make a long story short psync ends up by calling :
ntpdate europe.pool.ntp.org
Now, I don't know how europe.pool.ntp.org is controlled but by running ntpdate europe.pool.ntp.org I see some of the funniest names (eg. mafia.org). Is anyone aware of security risks associated with ntp?