Apparently 2 out of 3 of our GPS clocks were being used in a spoof/DDOS attack.
The basic premise is that time requests are sent to the service with a spoofed IP for the response. Add in 100/1000/10000 clocks send results to a server/service that did not request them results in a denial of service attack.
Both clocks have been removed from the pool, scheduled for February 6th. Hickory.kulish.com has port 123 UDP closed at this time. The maintainer of Dickory.kulish.com has been notified.
Use Chris’ PPS kernel (until I have time or am compelled to compile my own).
Compile ntp 4.2.6p5 as follows (from aquarat):
But first: apt-get install libcap-dev
./configure --enable-ATOM --enable-NMEA --enable-linuxcaps; make; make install
Disable TTY on /dev/AMA0 in /boot/cmdline.txt
dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait
Set baud rate in /boot/config.txt
Disable GPU sdram pause
# Disable GPU sdram mem pause
Comment out getty in /etc/inittab:
#Spawn a getty on Raspberry Pi serial line
#T0:23:respawn:/sbin/getty -L ttyAMA0 115200 vt100
Add pps-gpio to /etc/modules
The gps.kulish.com FQDN will be re-directed to our backup stratum 2 server during a short maintenance window from 1700 – 2000 CDT US.
ntp pool clients should see no interruption in services. However, this means that kulish.com will be providing a stratum 2 time source while the gps is offline. **
Stratum 1 services are expected to resume at, or before, 2000 CST.
During maintenance we will be making final adjustments to the GPS system before going “live”.
** A second stratum 1 server will be coming online Q2 2008 to avoid the stratum bump in the future.