Everybody’s connecting!

netgeareverybody.gif So, what’s the best way to execute a global denial of service attack against an unsuspecting university? Simple! Convince a megacorporation to start selling routers with hardcoded NTP servers set to the intended victim! And then, just for grins and giggles, make sure the end user isn’t allowed to change the setting! Sweet…screwups like this make me happy in pants.

Everybody’s connecting. Why yes…yes they are!

Update (08/22/2003): What’s the second best way to DOS a university? Slashdot their writeup on getting DOSed.

0 thoughts on “Everybody’s connecting!”

  1. Well, the router needs to connect to a valid NTP time server because it has no battery backup. Every time you unplug the router, it forgets what time it is. Since accurate time is extremely important for routers and firewalls, it tries to connect to an NTP time server that’s been synced up with the various atomic clocks around the country.

    One of the developers who was writing the code for the router more than likely went to WISC and already knew the IP address of WISC’s NTP time server. So, since he needed to choose an NTP server that was always available, he probably just used a public IP that he was already familiar with instead of going through the rules of engagement and actually acquiring permission to use a commercial service. Other valid addresses are time.nist.gov and time.apple.com.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.