[Info-vax] Warning: Your VMS system may be attacking other systems
David Froble
davef at tsoft-inc.com
Sun Feb 2 09:10:43 EST 2014
JF Mezei wrote:
> On 14-02-01 14:10, David Froble wrote:
>
>> However, on both a VAX and an Alpha, I'm seeing about 1 I/O per second
>> on the NTP_1 process. Anybody know what NTP is doing to generate I/Os
>> so often?
>
>
> They are bored, so it is the equivalent of twiddling their thumbs :-)
>
> Many ntp servers have parameters to set polling intervals. Can't
> remember if VMS has that.
>
> CISCO routers do not have such parameters, but they adjust the interval
> based on variations in latency/line conditions. Minimum is 64 seconds
> if I recall properly.
>
>
> BTW, unless you want to be a public NTS server, there is no reason to
> keep inbound 123 open. Your servers make outbound requests to
> authoritative servers but don't need to accept requests from outside
> your lan.
>
> This prevents your server from being told to generate the "monlist". But
> does not prevent your IP address from receiving the result of a monlist
> issued to some foreign server with your forged IP address.
>
> Your system may dismiss those packets because they are addressed to a
> port that is not being listened to, but it still generates traffic.
>
That's not it. There is no way from outside to get into my network.
I'm not saying that I've set up good protection, I'm saying that Verizon
has things set up, probably to save on having assigned IP addresses,
that the IP address they assign to me is not accessible from the
outside. This actually is not good, for me.
It's as if NTP is doing constant (1 per second) polling of something ...
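
Added example (not part of either poster's message): the two cases in the quoted reply, a monlist request reaching your own server versus monlist replies arriving because your address was forged, can be told apart from the mode 7 header of UDP/123 datagrams. The function names, labels and sample addresses are constructed for illustration; the header layout and request codes 20 and 42 follow ntp_request.h in the reference ntpd source.

```python
from collections import Counter

# Mode 7 ("private", the ntpdc protocol) header, per ntp_request.h in the
# reference ntpd source: byte 0 = R|M|VN(3)|Mode(3), byte 3 = request code.
MODE_PRIVATE, RESP_BIT = 7, 0x80
MONLIST_CODES = {20, 42}  # REQ_MON_GETLIST, REQ_MON_GETLIST_1

def classify(payload, peer_ip, inbound, queried):
    """Label one UDP/123 datagram. `queried` is the set of servers this host
    polls (assumed known from its NTP configuration)."""
    if len(payload) < 4:
        return "malformed"
    mode = payload[0] & 0x07
    if mode != MODE_PRIVATE or payload[3] not in MONLIST_CODES:
        return "other-ntp"
    is_reply = bool(payload[0] & RESP_BIT)
    if inbound and not is_reply:
        return "monlist-request-to-us"      # stopped by closing inbound 123
    if inbound and peer_ip not in queried:
        return "reflected-monlist-reply"    # our address was forged elsewhere
    if not inbound and is_reply:
        return "monlist-reply-from-us"      # this host is acting as reflector
    return "monlist-other"

def mode7(is_reply, req, body=0):
    """Build a constructed mode 7 header (VN 2, implementation 3) for tests."""
    first = (RESP_BIT if is_reply else 0) | (2 << 3) | MODE_PRIVATE
    return bytes([first, 0, 3, req]) + bytes(body)

# Constructed sample traffic (documentation address ranges, not real captures):
# (payload, peer IP, inbound?)
QUERIED = {"192.0.2.10"}
SAMPLE = [
    (bytes([0x23]) + bytes(47), "192.0.2.10", False),   # our client poll
    (bytes([0x24]) + bytes(47), "192.0.2.10", True),    # server's answer
    (mode7(False, 42, 4), "203.0.113.7", True),         # outsider asks us
    (mode7(True, 42, 440), "198.51.100.5", True),       # reply we never asked for
    (mode7(True, 42, 440), "198.51.100.5", True),
    (mode7(True, 42, 440), "203.0.113.7", False),       # we answered a request
]

def summarize(events, queried):
    """Count labels over (payload, peer_ip, inbound) tuples."""
    return Counter(classify(p, ip, inb, queried) for p, ip, inb in events)

if __name__ == "__main__":
    for label, n in summarize(SAMPLE, QUERIED).items():
        print(label, n)
```

A nonzero "reflected-monlist-reply" count with inbound 123 closed matches the second case in the quoted reply: the packets are dropped at the host but still consume the link.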