Hi, > I just ran a tcpdump looking for NTP packets going to 128.173.14.71. In 90 > minutes, I got hits from 330 unique IP addresses, including some that were > chatty enough to indicate there were dozens of hosts behind a NAT.
ah yes. the joy of the usual 2 scenarios 1) your IP got used in some random equipment config/firmware 2) your IP got used in some documentation rather than using one the official IPv4 documentation address space the last scenario is the IP address was used in some long ago post or blog that google helps unearth whenever anyone asks for NTP. we had the same for DNS.....learnt that lesson :/ >without bothering to sanity check if a clock is still usable.... THAT is the scary part.....they're not even checking its working.... (at least their kit wont crash and burn at the leap second if it hasnt got working NTP ;-) !) alan
