NTP Vandalism: Solutions to the Misuse and Abuse of NTP Servers
NTP servers, like most technologies, are open to abuse and misuse. An NTP server can be flooded with traffic (a distributed denial of service, DDoS, attack), its access policy can be violated, or the NTP rules of engagement drawn up to prevent misuse of time servers can be breached.
The abuse of NTP servers has attracted much attention of late, largely because of the case of D-Link and a Danish stratum 1 NTP server run by Poul-Henning Kamp. Mr Kamp observed a huge rise in traffic to his time server, which at the time was the only Danish stratum 1 server available to the general public.
He found that up to 90% of the traffic was coming from D-Link router products that had been latching on to his stratum 1 server for a time reference.
Normally only stratum 2 servers should connect to a stratum 1 server, along with perhaps some servers where applications require far more precision than an ordinary PC network needs; such a network can obtain its time code from a multitude of sources.
In many countries timekeeping services are supplied by a government agency (such as NPL in the UK or NIST in the US). As there is no Danish equivalent, Kamp provided his time service to the general public; in return his ISP agreed to provide a free connection, on the assumption that the bandwidth involved would be comparatively low. With the increased traffic caused by the D-Link routers, his ISP then asked Kamp to pay for the additional bandwidth.
D-Link is a Taiwanese-based company that manufactures wireless and Ethernet products for the home and small office environment. While not a deliberate attempt to sabotage Kamp's time server, D-Link routers were configured to query around forty stratum 1 servers directly.
The disagreement lasted for nearly six months, until in 2006 D-Link and Kamp announced they had come to an agreement. D-Link has reconfigured its new routers, but little can be done about the existing products already out there.
A new defence has since been added to NTP which responds to an unauthorised request with a packet explicitly asking the client to stop sending requests. This packet has been dramatically named the Kiss-of-Death (KoD).
Unfortunately the new requirements of the NTP protocol do not operate retrospectively: older clients and implementations do not recognise KoD, and at the moment there are no technical means to counteract the misuse of NTP servers.
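To make the KoD mechanism concrete, here is an added example (not from the original article) of how a well-behaved client parses an NTP reply and honours a Kiss-of-Death: under RFC 5905 a KoD is a server reply with stratum 0 whose reference ID carries an ASCII kiss code such as RATE or DENY. The `make_reply` packet builder and the sample values it produces are constructed for the demonstration.

```python
import struct
from typing import Optional

# NTPv4 header (48 bytes): LI/VN/Mode, stratum, poll, precision, root delay,
# root dispersion, reference ID, then four 64-bit timestamps.
_HEADER = struct.Struct("!BBbbII4sQQQQ")


def parse_ntp_header(packet: bytes) -> dict:
    """Decode the fixed 48-byte NTP header into named fields."""
    if len(packet) < _HEADER.size:
        raise ValueError("short NTP packet")
    (li_vn_mode, stratum, poll, precision, _root_delay, _root_disp,
     ref_id, _ref_ts, _orig_ts, _rx_ts, tx_ts) = _HEADER.unpack_from(packet)
    return {
        "leap": li_vn_mode >> 6,
        "version": (li_vn_mode >> 3) & 0x7,
        "mode": li_vn_mode & 0x7,          # 4 = server reply
        "stratum": stratum,
        "poll": poll,
        "ref_id": ref_id,
        "transmit_ts": tx_ts,
    }


def kiss_code(packet: bytes) -> Optional[str]:
    """Return the kiss code if the reply is a Kiss-o'-Death, else None.
    A KoD is a mode-4 reply with stratum 0; the reference ID then holds
    an ASCII code (RATE, DENY, RSTR, ...) instead of a clock identifier."""
    hdr = parse_ntp_header(packet)
    if hdr["mode"] != 4 or hdr["stratum"] != 0:
        return None
    return hdr["ref_id"].decode("ascii", errors="replace")


def next_poll_interval(packet: bytes, current_poll: int) -> Optional[int]:
    """What a compliant client does with a reply: return the poll exponent
    to use next, or None meaning stop querying this server altogether."""
    code = kiss_code(packet)
    if code is None:
        return current_poll            # ordinary time reply, carry on
    if code in ("DENY", "RSTR"):
        return None                    # access denied: stop entirely
    if code == "RATE":
        return min(current_poll + 1, 17)  # too fast: double the interval
    return current_poll                # unknown kiss code: leave unchanged


def make_reply(stratum: int, ref_id: bytes, poll: int = 6) -> bytes:
    """Constructed NTPv4 mode-4 reply for demonstration (timestamps zeroed)."""
    li_vn_mode = (0 << 6) | (4 << 3) | 4
    return _HEADER.pack(li_vn_mode, stratum, poll, -20, 0, 0, ref_id, 0, 0, 0, 0)
```

A client like this backs off on RATE and stops on DENY, which is exactly the behaviour the pre-KoD D-Link firmware lacked.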