D-Link Firmware Abuses Open NTP Servers

DES writes "FreeBSD developer and NTP buff Poul-Henning Kamp runs a stratum-1 NTP server specifically for the benefit of networks directly connected to the Danish Internet Exchange (DIX). Some time last fall, however, D-Link started including his server in a hardcoded list in their router firmware. Poul-Henning now estimates that between 75% and 90% of NTP traffic at his server originates from D-Link gear. After five months of fruitless negotiation with a D-Link lawyer (who alternately tried to threaten and bribe him), he has written an open letter to D-Link, hoping the resulting publicity will force D-Link to acknowledge the issue. There are obvious parallels to a previous story, though Netgear behaved far more responsibly at the time than D-Link seem to be."

Easy fix

[mcgroarty]

If he can detect that the majority of connections are from D-Link products, then he can detect which connections are from D-Link products. The easy solution? Whenever a D-Link product connects, report a very very wrong time. :)

Re:Easy fix

[Ilex]

Thus making all D-link hardware wonky.

From my experience with DLink I doubt many people would notice any difference.

Re:Easy fix

hard to implement on Cisco

Then pehaps he should find a better router vendor. I hear this company called dlink sells routers, perhaps the'd be better.

What's the issue?

We're American. He's Danish. Problem sorted.

If he squeals again we hit him with a B 52. That's the American Way. Always sorts out any problems in the films.

Re:Fishy

[Mr.+Vandemar]

And just when I thought reading comprehension on Slashdot couldn't get any worse...

Osama Bin Laden

[Skapare]

D-Link must be run by Osama Bin Laden. That's why no one can be reached (hiding in the mountains of the Afghanistan and Pakistan border). Obviously, this attack has something to do with that cartoon thing.

Re:Blacklist time

[IDontAgreeWithYou]

I've done the calculations. In five years the geek community will have to manufacture everything they use themselves from raw materials that they dug up themselves, because every manufacturer will blacklisted for some petty reason or another.

Re:Time to link

Because MS has better lawyers?

Re:D-Link Business Development

[tengwar]

Dammit, I refuse to visit any town where there's a reseller of D-Link products.

Nuke them from orbit. It's the only way to be sure!

Re:D-Link Business Development

Could you also mention that they still owe me $15 for a rebate. Thanks.

Re:D-Link Business Development

[Todd+Knarr]

I sent the following:

Date: Fri, 7 Apr 2006 10:09:27 -0700 (PDT)
From: Todd Knarr <xxxx@xxxxxx.xxx>
To: sale@dlink.com, customerservice@dlink.com
Subject: DLink router use of Danish NTP server

This is in reference to the open letter to DLink from Danish sysadmin Poul-Henning Kamp (http://people.freebsd.org/~phk/dlink/). Abuse of an NTP server in express violation of the service agreement in the Stratum-1 server list is, in my opinion, inexcusable. Willful refusal to correct the abuse when requested is, if anything worse. Hard-coding the server name into the firmware, so that changes are difficult or infeasible, as opposed to DLink maintaining their own DNS records so that changes are simple, is also inexcusable in any technically-competent organization.

I have been comtemplating purchase of a DLink DI-784 router/AP, a DWL-7100AP access point and a DWL-AG660 CardBus adapter. If DLink doesn't correct their error as Mr. Kamp asks, I will be taking my purchases to NetGear instead. They, at least, have demonstrated a willingness to fix their mistakes when asked. I will also be recommending to my friends that they avoid DLink products in the future.

One customer, voting with his dollars.

We'll see what kind of response I get.