[63308] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: NTP, possible solutions, and best implementation

daemon@ATHENA.MIT.EDU (Michael.Dillon@radianz.com)
Fri Oct 3 05:11:33 2003

To: nanog@merit.edu
From: Michael.Dillon@radianz.com
Date: Fri, 3 Oct 2003 10:10:04 +0100
Errors-To: owner-nanog-outgoing@merit.edu

>So what you are suggesting basically is to add an application layer 
sanity
>checker and DoS preventer, am I right ?

More or less, yes. The main thing is to have something in front of the 
clocks that can be used to block or mitigate network abuse activities like 
DoS. And if this front-end is a UNIX box then it is easy to take a simple 
proxy such as udprelay and extend it to do some application layer 
checking.

--Michael Dillon


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[63308] in North American Network Operators' Group

Re: NTP, possible solutions, and best implementation

daemon@ATHENA.MIT.EDU (Michael.Dillon@radianz.com)Fri Oct 3 05:11:33 2003

daemon@ATHENA.MIT.EDU (Michael.Dillon@radianz.com)
Fri Oct 3 05:11:33 2003