Does your D-link product need to be on ??

You may be aware from the BBC article

http://news.bbc.co.uk/1/hi/technology/4906138.stm .

or elsewhere that there is a serious flaw on many D-link products which
get the time from the Internet using time servers. Whilst many time
servers are open for anyone to use, D-link products are using those
which are not.

The time servers being abused are owned by individuals, the military,
the US Government, some academic institutions and commercial companies.

One owner of a Dutch time server at least is incurring very large costs
due to this and even more costs in paying a consultant to find the problem.

http://people.freebsd.org/~phk/dlink/

To my knowledge no owners have asked for users to switch off their
D-link products, but given they are abusing the time servers, it would
be sensible to keep them switched off when not absolutely necessary.


--
Dave K MCSE.

MCSE = Minefield Consultant and Solitaire Expert.

Please note my email address changes periodically to avoid spam.
It is always of the form: month-year@domain. Hitting reply will work
for a couple of months only. Later set it manually.

Its not a dutch but a danish server.
"Dave (from the UK)" <see-my-(E-Mail Removed)>
skrev i en meddelelse news:444119fc@212.67.96.135...
> You may be aware from the BBC article
>
> http://news.bbc.co.uk/1/hi/technology/4906138.stm .
>
> or elsewhere that there is a serious flaw on many D-link products which
> get the time from the Internet using time servers. Whilst many time
> servers are open for anyone to use, D-link products are using those which
> are not.
>
> The time servers being abused are owned by individuals, the military, the
> US Government, some academic institutions and commercial companies.
>
> One owner of a Dutch time server at least is incurring very large costs
> due to this and even more costs in paying a consultant to find the
> problem.
>
> http://people.freebsd.org/~phk/dlink/
>
> To my knowledge no owners have asked for users to switch off their D-link
> products, but given they are abusing the time servers, it would be
> sensible to keep them switched off when not absolutely necessary.
>
>
> --
> Dave K MCSE.
>
> MCSE = Minefield Consultant and Solitaire Expert.
>
> Please note my email address changes periodically to avoid spam.
> It is always of the form: month-year@domain. Hitting reply will work
> for a couple of months only. Later set it manually.
>
>

Jakob Salomonsson wrote:

> Its not a dutch but a danish server.

Sorry. You are right of course - I don't know what I was thinking of there.

But it now appears there are forty odd servers throughout the world

http://people.freebsd.org/~phk/dlink/letter2.html

where this abuse is happening. So people with D-link products might
well be using several of these without permission.


--
Dave K MCSE.

MCSE = Minefield Consultant and Solitaire Expert.

Please note my email address changes periodically to avoid spam.
It is always of the form: month-year@domain. Hitting reply will work
for a couple of months only. Later set it manually.

Its stupid done of D-Link
"Dave (from the UK)" <see-my-(E-Mail Removed)>
skrev i en meddelelse news:444133e3@212.67.96.135...
> Jakob Salomonsson wrote:
>
>> Its not a dutch but a danish server.
>
> Sorry. You are right of course - I don't know what I was thinking of
> there.
>
> But it now appears there are forty odd servers throughout the world
>
> http://people.freebsd.org/~phk/dlink/letter2.html
>
> where this abuse is happening. So people with D-link products might well
> be using several of these without permission.
>
>
> --
> Dave K MCSE.
>
> MCSE = Minefield Consultant and Solitaire Expert.
>
> Please note my email address changes periodically to avoid spam.
> It is always of the form: month-year@domain. Hitting reply will work
> for a couple of months only. Later set it manually.

"Dave (from the UK)" <see-my-(E-Mail Removed)> wrote:

> You may be aware from the BBC article
>
> http://news.bbc.co.uk/1/hi/technology/4906138.stm .
>
> or elsewhere that there is a serious flaw on many D-link products which
> get the time from the Internet using time servers. Whilst many time
> servers are open for anyone to use, D-link products are using those
> which are not.
>
> The time servers being abused are owned by individuals, the military,
> the US Government, some academic institutions and commercial companies.
>
> One owner of a Dutch time server at least is incurring very large costs
> due to this and even more costs in paying a consultant to find the problem.
>
> http://people.freebsd.org/~phk/dlink/
>
> To my knowledge no owners have asked for users to switch off their
> D-link products, but given they are abusing the time servers, it would
> be sensible to keep them switched off when not absolutely necessary.
>

Better yet, how about making the time server the thing uses configurable so that users can simply set them to use a public server... or even provide a list of acceptable servers to use.

Turn it off? You MUST be joking! My operation is active 24/7/365 Turning it off costs money and the board of directors tends to frown on things that cost money without producing a larger profit. Turning off a D-Link product is one example of such.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <444119fc@212.67.96.135>,
Dave (from the UK) <Apr-(E-Mail Removed)> wrote:
>To my knowledge no owners have asked for users to switch off their
>D-link products, but given they are abusing the time servers, it would
>be sensible to keep them switched off when not absolutely necessary.

It would be even more sensible to change router settings to use an alternate
address (like us.pool.ntp.org) instead. Instead of your router pinging
addresses it shouldn't when it's on, it'll never ping those addresses at
all. There's an option in there (in the DI-604, at least) to specify an NTP
server to use. Fill it with something from *.pool.ntp.org and you're all
set.

_/_
/ v \ Scott Alfter (remove the obvious to send mail)
(IIGS( http://alfter.us/ Top-posting!
\_^_/ rm -rf /bin/laden >What's the most annoying thing on Usenet?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEQVoZVgTKos01OwkRAnxmAKDPm4UsgAkgGg6JOS8ADo vd8CxyiACfQbPo
wp9xSamK+rbVDeNjxDUDjTo=
=SQgD
-----END PGP SIGNATURE-----

On 15 Apr 2006 20:25:46 GMT, (E-Mail Removed) (Scott
Alfter) wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>In article <444119fc@212.67.96.135>,
>Dave (from the UK) <Apr-(E-Mail Removed)> wrote:
>>To my knowledge no owners have asked for users to switch off their
>>D-link products, but given they are abusing the time servers, it would
>>be sensible to keep them switched off when not absolutely necessary.
>
>It would be even more sensible to change router settings to use an alternate
>address (like us.pool.ntp.org) instead. Instead of your router pinging
>addresses it shouldn't when it's on, it'll never ping those addresses at
>all. There's an option in there (in the DI-604, at least) to specify an NTP
>server to use. Fill it with something from *.pool.ntp.org and you're all
>set.
>
> _/_
> / v \ Scott Alfter (remove the obvious to send mail)
>(IIGS( http://alfter.us/ Top-posting!
> \_^_/ rm -rf /bin/laden >What's the most annoying thing on Usenet?
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.2.2 (GNU/Linux)
>
>iD8DBQFEQVoZVgTKos01OwkRAnxmAKDPm4UsgAkgGg6JOS8AD ovd8CxyiACfQbPo
>wp9xSamK+rbVDeNjxDUDjTo=
>=SQgD
>-----END PGP SIGNATURE-----

My old DI-804U doesn't seem to have such an option. But it surely
pre-dates 2005 (that's when the problem started, as the BBC article
states).

NNN

Scott Alfter wrote:

> It would be even more sensible to change router settings to use an alternate
> address (like us.pool.ntp.org) instead. Instead of your router pinging
> addresses it shouldn't when it's on, it'll never ping those addresses at
> all. There's an option in there (in the DI-604, at least) to specify an NTP
> server to use. Fill it with something from *.pool.ntp.org and you're all
> set.

True, but for many models the time servers can't be changed - the
DWL-700AP I own is one such model. But the time servers it uses are OK
to use.
--
Dave K MCSE.

MCSE = Minefield Consultant and Solitaire Expert.

Please note my email address changes periodically to avoid spam.
It is always of the form: month-year@domain. Hitting reply will work
for a couple of months only. Later set it manually.

(E-Mail Removed) wrote:
>
> My old DI-804U doesn't seem to have such an option. But it surely
> pre-dates 2005 (that's when the problem started, as the BBC article
> states).
>
> NNN

That BBC article is not well written, so I would not tend to put much
weight on what it says.

Although the issue with the Danish time server started in 2005, there
are many other time servers which are being accessed by D-link products
which have restricted access.

I have no idea if the names or IP addresses of any of those time servers
were coded into older models - I suggest you ask D-link about the
particular model(s) you have. You can get to their support page at:

http://support.dlink.com/


--
Dave K MCSE.

MCSE = Minefield Consultant and Solitaire Expert.

Please note my email address changes periodically to avoid spam.
It is always of the form: month-year@domain. Hitting reply will work
for a couple of months only. Later set it manually.

On Sat, 15 Apr 2006 17:06:19 +0100, "Dave (from the UK)"
<see-my-(E-Mail Removed)> wrote:

>You may be aware from the BBC article
>
>http://news.bbc.co.uk/1/hi/technology/4906138.stm .

Hmmm, usual Bimbo Broadcasting "Science & Technology" reporting job. Where
do they get those people?

>or elsewhere that there is a serious flaw on many D-link products which
>get the time from the Internet using time servers. Whilst many time
>servers are open for anyone to use, D-link products are using those
>which are not.

Uhh.... where are those "many time servers"?

>The time servers being abused are owned by individuals, the military,
>the US Government, some academic institutions and commercial companies.
>
>One owner of a Dutch time server at least is incurring very large costs
>due to this and even more costs in paying a consultant to find the problem.
>
>http://people.freebsd.org/~phk/dlink/
>
>To my knowledge no owners have asked for users to switch off their
>D-link products, but given they are abusing the time servers, it would
>be sensible to keep them switched off when not absolutely necessary.

This is not a question of "switch off". In fact, if the gateway/routers
work well this would aggravate the "problem" because every switch-on would
cause a look-up. Besides, people with ADSL or cable access want/need a
permanent connection anyway.

Why don't you check the NTP server which your Internet Gateway/router is
using for NTP look-up? Mine -- not a D-Link -- is set from the factory to
look up clock.isc.org and is so documented in the mfr's docs. In fact I've
tried to find a Stratum-2 NTP server but none of those which were
"documented" worked. The problem here is that the NTP "community" has
their heads up their a... err, in the sand with their "open access - please
notify by e-mail" and "use name only" comments and their docs are either
obsolete or impossible to follow. Do'h this is not a lot of help.

In the office I have our DC set to use time.nist.gov because I couldn't
find anything else which worked - my ISP has a NTP.<ISPName> which maps to
an IP address but the time look-up fails there. I suppose there's
time.windows.com but I had trouble getting a response there - hardly
surprising because that's what every (U.S.) Windows XP system is set to
use.... and do we all want to depend on Bill Gates for our clock-time
now?;-)

I wonder how the conclusion was reached that *only* D-Link was at fault
here? AFAIK D-Link is one of the few vendors which actually makes such
equipment - it might be that their OEMs don't reprogram the NTP-Server
field/algorithm in the configuration. It could also be that D-Link owners
spend a lot of time re-booting their gateway/routers.:-) If the Danish guy
is getting a lot of hits, who do you think is responsible for programming
his NTP Server address into D-Link routers?

Calling this "vandalism" and "abuse" is nuts IMO. If you set up a Time
Server, it's gonna take a LOT of hits simply because Stratum-2 is a mess of
obsolete, non-functioning addresses. I have to ask what gateway/router
vendors are supposed to program into their devices for "default" NTP
look-up, given that most end-users are not expert enough to be fiddling
with the configuration settings. Ideally, the ISP who supplies them to
end-users would have a functioning NTP Server and then program that address
in before delivery but that does not happen... apparently.

--
Rgds, George Macdonald