> Another quirk. I just blundered into a variation on raw mode breaking mru
ntpq> debug 2 debug level is 2 ntpq> mru Ctrl-C will stop MRU retrieval and display partial results. sendrequest: opcode=12, associd=0, qdata= 2019-10-08T19:35:20.8144388Z Fragment collection begins 2019-10-08T19:35:20.814789Z Fragment collection ends. 32 bytes in 1 fragments Command `mrulist' is unknown ntpq> debug 1 works ---------- An addition to the message describing mrulist that started this thread. Things like mrulist that return lots of data can be used for DDoS attacks. (DNS has similar problems.) The older version, monlist, was used for at least one major DDoS attack. The mrulist handshake avoids that by requiring a cookie. There is an extra pair of packets at the start of the mrulist operations to get that cookie. The cookie proves that the request came from the target system rather than the return address in a forged request. That cookie has a lifetime. I don't know how/when it gets refreshed. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
