NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.
ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
NTP Testing Lab
Background and Overview
NTP can benefit from operational testing in a controlled and studied environment.
This topic exists to provide a place to track the information regarding:
- What that lab could be used for
- Exactly how various testing would be performed
- TestingLabInfrastructure - the sort of equipment that lab should contain
- Anything else about the lab
What/How to test
A side-benefit of all testing is that it provides an excellent opportunity to compare the actual behavior with the documented behavior, correcting and augmenting the documentation as we go.
The various operational modes of NTP can be tested, using a variety of:
- different versions of NTP, running on
- different versions of
- different OSes, on
- different types of hardware
We can test under a variety of network behaviors (async delays, jitter, dropped packets).
Behavior and Quality of Refclocks
A variety of different refclocks can be tested and their behavior measured.
Internal behavior of NTP
We can measure the sources of delay, error, and jitter in NTP.