On Mon, 30 Mar 2020 at 12:08, Harlan Stenn <st...@nwtime.org> wrote: > Are y'all seriously recommending that NTP always sends a max-sized > packet as a client request so the client/server can send back an > identical response?
I'm seriously recommending that, when the server cannot verify authenticity of packet, force attenuation by protocol design. See MinimaLT white paper, https://cr.yp.to/tcpip/minimalt-20131031.pdf ----- Given this, MinimaLT is designed to minimize amplification attacks, in which a request is smaller than its reply (to a spoofed source address). ---- -- ++ytti
