D-Link Firmware Abuses Open NTP Servers

Posted by ryuzaki0 on Friday April 7, 2006 @02:36AM from the frustration-in-a-box dept.

DES writes "FreeBSD developer and NTP buff Poul-Henning Kamp runs a stratum-1 NTP server specifically for the benefit of networks directly connected to the Danish Internet Exchange (DIX). Some time last fall, however, D-Link started including his server in a hardcoded list in their router firmware. Poul-Henning now estimates that between 75% and 90% of NTP traffic at his server originates from D-Link gear. After five months of fruitless negotiation with a D-Link lawyer (who alternately tried to threaten and bribe him), he has written an open letter to D-Link, hoping the resulting publicity will force D-Link to acknowledge the issue. There are obvious parallels to a previous story, though Netgear behaved far more responsibly at the time than D-Link seem to be."

3 of 567 comments (clear)

Min score:

Reason:

Sort:

Fairly simple fix by fataugie · 2006-04-07 02:55 · Score: 1, Redundant

Is the IP address hard coded? Or the name? Change whichever is needed and propogate the changes to the partners you want to connect. Seems much easier than beating your head against a wall...don't you think?

--

WTF? Over?
What he should do.... by nother_nix_hacker · 2006-04-07 03:05 · Score: 0, Redundant

He should configure the servers to send back the wrong date (one in the future) to the d-link devices. This way customers would see problems and raise calls with d-link.
Re:Easy fix by bensch128 · 2006-04-07 03:26 · Score: 0, Redundant

Why not find out where the D-Link router is sold and blacklist those areas.

Or even better, just whitelist the places he's interested in serving (Denmark)

Geez, what a silly bunt,
Ben