NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38. Notes:
ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
Updated: October 9th, 2007.
Due to troublesome issues stemming from the dynamic IP address of the server, I must take time.heypete.com out of public service effectively immediately.
Since the majority of systems querying the server use NTP, which only resolves the IP address of a server once when the server starts up (and whenever the ntp daemon is restarted), such systems stop syncing to the server whenever the IP address of the server changes. Since most NTP systems remain online for months at a time, this could result in remote systems annoying whatever system occupies the previously-used IP address of time.heypete.com until they restart and check DNS again. This is a Bad Thing(tm).
To prevent service interruption for time.heypete.com users, I've set time.heypete.com to point at pubts0-sj.witime.net
, an open-access stratum 2 in California run by Wireless Time as a public service. This server is hosted in the same facility as Wireless Time's NIST server, and so provides excellent time. (Many thanks to Wireless Time for providing such a service to the public.)
This is only a temporary measure, and you should remove time.heypete.com from your ntp.conf file and replace it with a suitable public server. I reserve the right to remove the time.heypete.com DNS name at any time in the future. I'll probably leave it as it presently is for several months before removing it to make sure that nobody's time service is interrupted. Again, please remove time.heypete.com from your ntp.conf file and replace it with another suitable public server.
This site's Inactive Server's listing is borked at the moment, so I've left this entry in the Stratum Two list for the time being but have marked the server as Closed Access. My hope is that people currently querying the server will see the notice and remove time.heypete.com from their configuration files. Once the Inactive Servers listing becomes un-borked, I'll move the listing from the Stratum Two list to there.
In the future, I look forward to providing public time service, but currently my network arrangements do not permit me to do so in a manner that is satisfactory to the internet community.