D-link makes crappy network equipment and you should stay away from it if your IP connectivity is important to you. D-link also hire idiots to code their firmware, idiots that hardcode all the stratum 1 NTP servers in their firmware.
Therefore a lot of D-link equipment is sold misconfigured to ask stratum 1 servers for time by default, collectively sending about 2000 packets per second to all stratum 1 servers in their little list of targets. It can only be characterized as a DDoS of critical internet infrastructure.
Poul-Henning Kamp is the owner and operator
of the stratum 1 NTP server
incompetence has cost Poul-Henning pretty serious money, and the only
contact he's had with D-link is a lawyer who's alternating between threats
and trying to bribe him.
Since D-link now seems to be both incompetents and actively evil Poul-Henning decided to go public with it:
- Open Letter to D-Link about their NTP vandalism — by PHK himself.
- Open Letter to the NTP community about D-Link's NTP vandalism — again from PHK.
- When Firmware Attacks! (DDoS by D-Link) — technical details from Richard Clayton.
- D-Link Firmware Abuses Open NTP Servers — the Slashdot story.
- Peachkey and Delinq — a fairytale version meant for Slashdot users.
This is the tragedy of the commons all over again, and I fear D-link is too stupid to treat it as a technical problem. Instead they will let their propaganda department (aka. public relations) and legal department handle it, leaving their equipment still misconfigured by default, DDoS-ing stratum 1 NTP servers on their dirty little list.
Author M. G. Liebach
LastMod 2016-05-01 (9fc4632)