RemiP
October 8, 2021, 5:26pm
1
Hello,
The following IP address (37.228.129.2) is sometime returned while sending a DNS query for the following subdomains :
0.amazon.pool.ntp.org
0.ubuntu.pool.ntp.org
0.pool.ntp.org
pool.ntp.org
2.ubuntu.pool.ntp.org
3.debian.pool.ntp.org
This is still applicable today.
That IP address appears to be a Tor Exit Node since 14 days
Additionnaly, the IP does not seems to respond to ntp requests (ntpq -crv timed out).
Could you verify if this entry is obsolete ?
Regards,
Hi RemiP and welcome!
It does respond from here at the moment. The mode 6 control command you issued (rv
, or readvar
) is not supposed to work for safety reasons.
Here’s the monitoring page:
https://www.ntppool.org/scores/37.228.129.2
2 Likes
RemiP
October 8, 2021, 5:57pm
3
Thanks for the quick reply.
Correct, it is restricted for mode 6, otherwise it is responding.
Is it a violation of your use policy to share a NTP service on the same host than a Tor exit node ?
I don’t think it is, but I am not an admin, so not 100% sure.
It has lead to some complaints and some discussion on this forum in the past though.