[ntpwg] KISS codes
David L. Mills
mills at udel.edu
Tue Jul 10 23:07:05 UTC 2007
Brad,

As reported in the paper last cited, it's really hard to overload a
server. What's more likely, at least at USNO some time back, is to overload
the network. The NIST and USNO are serving 3000 requests per second and
are far from redline. It would be easy to stomp on all packets as a
function of load; the real trick is to separate the few elephants from
the many mice. There are techniques, especially probabilistic packet
marking, that can do this. However, this would be more effective in the
context of a distributed attack and would be most effective in an
upstream gateway.

Dave

Brad Knowles wrote:
> On 7/10/07, <anthony.flavin at bt.com> wrote:
>
>> That doesn't work.
>>
>> For a busy server the client list is being updated all the time, so the
>> list is not static. So how do you identify which clients are misbehaving?
>
>
> Well, for the model we're talking about where the server is totally
> overloaded, by definition all clients are misbehaving from the
> perspective of the server. So, just send a KoD to all of them, and
> you keep sending KoDs to every single new client from which you
> receive a query packet.
>
> Where the server is not totally overloaded, you do whatever selection
> process you'd do today.
>
>
> I don't see where the problem is.
>
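
Added example, not part of either message and not ntpd code: one way to pick the few elephants out of a constantly changing client list with a fixed-size table. It uses Misra-Gries heavy-hitter counting, which is a different technique from the probabilistic packet marking mentioned above; the table size, the addresses and the traffic pattern are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOTS 4   /* fixed table size, independent of how many clients exist */
struct slot { uint32_t addr; unsigned count; };   /* count == 0 marks a free slot */
static struct slot table[SLOTS];

/* Misra-Gries update for one request from client addr. */
void mg_observe(uint32_t addr)
{
    int free_idx = -1;
    for (int i = 0; i < SLOTS; i++) {
        if (table[i].count && table[i].addr == addr) { table[i].count++; return; }
        if (!table[i].count && free_idx < 0) free_idx = i;
    }
    if (free_idx >= 0) {            /* room left: start tracking this client */
        table[free_idx].addr = addr;
        table[free_idx].count = 1;
        return;
    }
    /* Table full, client untracked: decrement everyone; mice drop out at zero. */
    for (int i = 0; i < SLOTS; i++)
        table[i].count--;
}

/* Lower bound on the requests seen from addr; 0 if addr is not tracked. */
unsigned mg_estimate(uint32_t addr)
{
    for (int i = 0; i < SLOTS; i++)
        if (table[i].count && table[i].addr == addr) return table[i].count;
    return 0;
}

/* Constructed traffic: every third request is from elephant, the rest are one-shot clients. */
unsigned demo_elephant_estimate(unsigned n, uint32_t elephant)
{
    memset(table, 0, sizeof table);
    for (unsigned i = 0; i < n; i++)
        mg_observe(i % 3 == 0 ? elephant : 0x0A000000u + i);
    return mg_estimate(elephant);
}

int main(void)
{
    printf("elephant estimate: %u\n", demo_elephant_estimate(300, 0xC0000201u));
    return 0;
}
```

After n requests the estimate undercounts a client by at most n/(SLOTS+1), so any client responsible for more than that share of the traffic is still in the table, and a server could limit its KoD responses to clients whose estimate crosses a threshold.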