Warranty status - Dlink router & the time server problem.
Dave (from the UK)
servers' around the world - in much the same way your PC probably does to keep
the clock accurate.
One time server used by some Dlink products is a time server in Denmark for
which they don't have permission to use. It's access policy clearly states there
is a service area and that no clients may use it. But Dlink are shipping clients
all around the world which use this time server.
The owner of the time server is annoyed, as he is incurring large costs due to
the use of his time server. Full story at
http://people.freebsd.org/~phk/dlink/
Where you you stand in the UK if you had such a router and wanted it "repaired"
under warranty so it no longer gets its time from somewhere it should not?
Dlink could fix it quite easily, by releasing firmware updates that don't query
this time server, but it appears they have only corrected a few models and have
only offered minimal compensation to the owner of the time server.
I don't think my Dlink WiFi adapter has an ntp client in it, and in any case it
is out of warranty, but I'm just intersted on your thoughts.
--
Dave K MCSE.
MCSE = Minefield Consultant and Solitaire Expert.
Please note my email address changes periodically to avoid spam.
It is always of the form: month-year@domain. Hitting reply will work
for a couple of months only. Later set it manually.
Cynic
<see-my-s...@southminster-branch-line.org.uk> wrote:
>You may be aware that some routers made by Dlink get the time from 'time
>servers' around the world - in much the same way your PC probably does to keep
>the clock accurate.
>
>One time server used by some Dlink products is a time server in Denmark for
>which they don't have permission to use. It's access policy clearly states there
>is a service area and that no clients may use it. But Dlink are shipping clients
>all around the world which use this time server.
It is an interesting issue. I would say that anyone who allows
unrestricted access to a well-known port is implicitly inviting anyone
to use his server. OTOH if the number of queries from many thousands
of routers is creating a bandwidth overload, it could be regarded as a
DOS attack.
My opinion is that once the owner of the server has informed Dlink
that they do not want them to use their server, Dlink has an
obligation to do whatever is practical to cease their use. though
Dlink may not have an easy way to stop existing products in the field
from stopping the activity unless they have a way of automatically
updating the firmware.
If I was running the server and Dlink were deliberately
unaccomodating, I think I might get mischeivious and program the
server to return the wrong time & date to Dlink requests. Or, if my
intended users are defined and contactable, simply change its IP
address and URL.
--
Cynic
Mike
wrote:
>On Tue, 11 Apr 2006 04:05:02 +0100, "Dave (from the UK)"
><see-my-s...@southminster-branch-line.org.uk> wrote:
>
>>You may be aware that some routers made by Dlink get the time from 'time
>>servers' around the world - in much the same way your PC probably does to keep
>>the clock accurate.
>>
>>One time server used by some Dlink products is a time server in Denmark for
>>which they don't have permission to use. It's access policy clearly states there
>>is a service area and that no clients may use it. But Dlink are shipping clients
>>all around the world which use this time server.
>
>It is an interesting issue. I would say that anyone who allows
>unrestricted access to a well-known port is implicitly inviting anyone
>to use his server.
I disagree. It's well known (among people who implement NTP) that
client machines should never address stratum-1 time servers. Further,
the only place that D-link could have learnt of the address of this
time server contains a clear access policy that specifically prohibits
the sort of use that D-link is making of it.
>OTOH if the number of queries from many thousands
>of routers is creating a bandwidth overload, it could be regarded as a
>DOS attack.
Plus an implied demand that the individual who runs this server should
pay thousands of dollars in costs that result solely from D-link's
misuse.
>My opinion is that once the owner of the server has informed Dlink
>that they do not want them to use their server, Dlink has an
>obligation to do whatever is practical to cease their use. though
>Dlink may not have an easy way to stop existing products in the field
>from stopping the activity unless they have a way of automatically
>updating the firmware.
Which they don't. They could, however, pay the exceptionally high
costs that their incompetence has forced on an innocent infividual.
Instead, they refuse even to apologise and accuse their entirely
innocent victim of attempted "extortion".
>If I was running the server and Dlink were deliberately
>unaccomodating, I think I might get mischeivious and program the
>server to return the wrong time & date to Dlink requests.
That's not practical. NTP is a lightweight, fast protocol. Filtering
on source IP address implies passing the packet through a router's CPU
instead of switching in hardware and the overhead ruins the protocol.
In any case, no-one would notice. These D-link products want the time
only so that they can timestamp their internal logs. No-one ever
looks at those logs.
>Or, if my
>intended users are defined and contactable, simply change its IP
>address and URL.
There are 2,000 authorised users. That's possible but difficult (and
expensive) and not "simple", unfortunately.
Mike.
--
Entia non sunt multiplicanda praeter necessitatem
Cynic
>>Or, if my
>>intended users are defined and contactable, simply change its IP
>>address and URL.
>There are 2,000 authorised users. That's possible but difficult (and
>expensive) and not "simple", unfortunately.
Contacting 2000 users is difficult? Why?
--
Cynic
Mike
wrote:
I can't speak for the owner of this time server, obviously.
I'd hazard a guess that he doesn't have email addresses for all of
them, for a start, and it would be time consuming to identify those
source IP addresses that are authorised, translate those into email
addresses from the whois database, find that the whois contact for an
IP subnet inevitably isn't the person who administers the client
requesting NTP services, deal with all the resulting correspondence,
etc, etc.
Then, there's the wasted time (= cost) of all those 2000 users in
reconfiguring their machines. And after all that, a significant
quantity of unwanted traffic would still hit the ingress rourters for
years to come, even when the destination IP address no longer exists.
I suspect the technical details aren't of much interest to readers
here. The legal point is that a corporation that has inflicted an
estimated 60,000 dollars of cost on an individual through that
corporation's incompetence and negligence, should be made to meet the
cost. An apology would be nice, too.
Dave (from the UK)
> I suspect the technical details aren't of much interest to readers
> here. The legal point is that a corporation that has inflicted an
> estimated 60,000 dollars of cost on an individual through that
> corporation's incompetence and negligence, should be made to meet the
> cost. An apology would be nice, too.
>
> Mike.
>
But where would end users stand in England if they buy a unit which is doing this?
I've just checked my DWL-700AP's logs@
Tue Apr 11 2006 12:15:03 Wireless PC Connected Mac: 00-0e-7f-se-cr-et
Tue Apr 11 2006 12:15:23 Wireless PC Connected Mac: 00-0e-7f-se-cr-et
and see the time is correct, which probably means it is getting it from an ntp
server since:
1) I can't recall setting the time,
2) I can't find where to set the time.
3) I have certainly never bothered correcting for British Summer Time
4) I don't believe a cheap unit would keep this accurate without the use of an
ntp server.
But assumnig this unit is less than a year old and is accessing the Danish time
server, would PCWorld or whoever I bought it from have a legal obligation to fix
it for me?
My guess is that if Dlink have used the statum 1 time-server without permission,
they are probably using other stratum 1 time servers without permission too, so
I can imagine other complaints might follow.
Dr Zoidberg
> Mike wrote:
>
>> I suspect the technical details aren't of much interest to readers
>> here. The legal point is that a corporation that has inflicted an
>> estimated 60,000 dollars of cost on an individual through that
>> corporation's incompetence and negligence, should be made to meet the
>> cost. An apology would be nice, too.
>>
>> Mike.
>>
>
> But where would end users stand in England if they buy a unit which
> is doing this?
> I've just checked my DWL-700AP's logs@
>
> Tue Apr 11 2006 12:15:03 Wireless PC Connected Mac: 00-0e-7f-se-cr-et
> Tue Apr 11 2006 12:15:23 Wireless PC Connected Mac: 00-0e-7f-se-cr-et
>
> and see the time is correct, which probably means it is getting it
> from an ntp server since:
>
> 1) I can't recall setting the time,
>
> 2) I can't find where to set the time.
>
> 3) I have certainly never bothered correcting for British Summer Time
>
> 4) I don't believe a cheap unit would keep this accurate without the
> use of an ntp server.
>
> But assumnig this unit is less than a year old and is accessing the
> Danish time server, would PCWorld or whoever I bought it from have a
> legal obligation to fix it for me?
No , not at all as it is not faulty.
--
Alex
Piece by piece the penguins have taken my sanity
www.drzoidberg.co.uk www.ebayfaq.co.uk
Cynic
<see-my-s...@southminster-branch-line.org.uk> wrote:
>My guess is that if Dlink have used the statum 1 time-server without permission,
>they are probably using other stratum 1 time servers without permission too, so
>I can imagine other complaints might follow.
I wonder how often it sends a request? It should not be necessary to
send a request more than once per day in order to have sufficient
accuracy for the purpose of a log. Inaccuracies in the internal clock
can even be corrected by keeping a note of how fast or slow it is
running after the daily time update and applying it as a correction
factor.
--
Cynic
Dave (from the UK)
> On Tue, 11 Apr 2006 12:29:23 +0100, "Dave (from the UK)"
> <see-my-s...@southminster-branch-line.org.uk> wrote:
>
>
>>My guess is that if Dlink have used the statum 1 time-server without permission,
>>they are probably using other stratum 1 time servers without permission too, so
>>I can imagine other complaints might follow.
>
>
> I wonder how often it sends a request?
I don't know, but it would not be too hard to find out.
> It should not be necessary to
> send a request more than once per day in order to have sufficient
> accuracy for the purpose of a log. Inaccuracies in the internal clock
> can even be corrected by keeping a note of how fast or slow it is
> running after the daily time update and applying it as a correction
> factor.
>
The full ntp protocol does have a mechanism for determine the drift of the clock
and correcting for it, so the time is kept as accurate as possible. The
theoretical accuracy is something like 30 ps (1 ps = 0.000000000001 s) but in
practice it will not reach that. But in something like a wireless access point,
one would probably write the code to be simple, and therefore do the lookups
more regularly than absolutely necessary.
One of the things that gave away the dlink was the fact it was using a very old
version of the ntp protocol.
Dave (from the UK)
>>But assumnig this unit is less than a year old and is accessing the
>>Danish time server, would PCWorld or whoever I bought it from have a
>>legal obligation to fix it for me?
>
>
> No , not at all as it is not faulty.
But what happens if
1) The Danish time server owner (Poul-Henning Kamp) writes/emails me asking me
cease using his time server, for which I don't have permission.
2) I find there is no firmware update, so I go back to Dabs / PC World etc and
request the model is changed since I am making a nuisance of myself whenever it
is switched on.
Would that not be good enough reason for a refund, replacement or repair? If no
joy, I'd be tempted to contact my credit card company if I paid that way.
He just posted a message with the IP addresses used in my DLink model, which can
be obtained from the firmware file on a UNIX system with:
$ dd if=dwl700AP_firmware_202.dlf bs=489 iseek=40 | gunzip | strings
It seems to contain these hardcoded IP numbers:
131.107.1.10 (time-nw.nist.gov.)
129.6.15.29 (time-b.nist.gov.)
209.0.72.7 (Somewhere in Level3)
207.126.103.202 (Somewhere (unused ?) in AboveNet)
128.138.140.44 (india.colorado.edu.)
192.43.244.18 (time.nist.gov.)
So my unit will not attempt to connect to his time sever, but clearly others are.
The Electric Fan Club
"Dr Zoidberg" <AlexNOOOO!!!!!!!@drzoidberg.co.uk> wrote in message
news:4a1l1rF...@individual.net...
Well that is technically true, but the sellar has a duty to ensure a supply
of services and consumables for (IIRC) 10 years from the point of sale. If
the time server were to be cut off for any reason, then the OP would have a
claim against the seller[1]. However, he wouldn't get all his money back as
the fact that he has had some use would be taken into account.
You may recall that when the Iridium global satellite phone network went
belly up[2], the sellers of the phones were forced into buying them back.
[1] It comes under the heading of 'unfair trading'.
[2] First time around - I gather the service is operating again under a new
owner.
Sharky
http://support.dlink.com/faq/view.asp?prod_id=1228
Dave (from the UK)
> "Dr Zoidberg" <AlexNOOOO!!!!!!!@drzoidberg.co.uk> wrote in message
>>>But assumnig this unit is less than a year old and is accessing the
>>>Danish time server, would PCWorld or whoever I bought it from have a
>>>legal obligation to fix it for me?
>>
>>No , not at all as it is not faulty.
>>
>
>
> Well that is technically true, but the sellar has a duty to ensure a supply
> of services and consumables for (IIRC) 10 years from the point of sale. If
> the time server were to be cut off for any reason, then the OP would have a
> claim against the seller[1].
This is not likely to be an issue, as they have the IP addresses of several time
servers stored in them. So if the Danish time server was to cease transmitting
time signals, it would not stop the Dlink product working properly as it would
just query another time server. (My machine queries about 5 of them to get the
time. It does this for increased accuracy, but one is sufficient).
However, if you got threats of legal action if you did not cease accessing a
server for which you have no permission to do, then what? Poul-Henning Kamp has
not asked end-users to refrain from using their Dlink products unless they can
stop them accessing his server, but it would not seem an unreasonable request.
If he made that request, then what? Would PC world, Dabs or whoever not have any
obligations to allow you to use the product without leaving yourself open to
legal issues if you did not conform?
Mike
> Is it not the same as these models:
> http://support.dlink.com/faq/view.asp?prod_id=1228
No, that model allows the user to enter a time server address. Many
D-link models have a list of servers hard-coded into the firmware.
I'm astonished to see that, even now, the "Click here for a list of
time servers" link in that D-link Web page takes the punter to a list
of stratum 1 time servers. These bozos have no business recommending
to their customers that they use stratum 1 servers. None of the
servers in that list are intended to be used by end-user consumer
electronics.
Mike.
Dave (from the UK)
No
In the case of the model I have, there is no way I can set the NTP server it
uses. (If I could, I'd set it to my own server, as I run one myself for use on
my own network only - it is not public access).
On a UNIX system the IP addresses of the time servers of my Dlink product can be
found by decompressing the firmware file and inspecting its contents.
$ dd if=dwl700AP_firmware_202.dlf bs=489 iseek=40 | gunzip | strings
The following IP addresses are seen. The names in brackets are what a lookup of
them finds.
131.107.1.10 (time-nw.nist.gov.)
129.6.15.29 (time-b.nist.gov.)
209.0.72.7 (Somewhere in Level3)
207.126.103.202 (Somewhere (unused ?) in AboveNet)
128.138.140.44 (india.colorado.edu.)
192.43.244.18 (time.nist.gov.)
So in the case of the Dlink DWL 700-AP, which is what I own, the time servers
can't be set by me, but the list does not include the Danish one. I checked and
all those used for which I could find information are public access, with you
allowed to query up to 20 times per hour averaged over a 1 day period from a
single IP address.
I've got an Intertex ADSL modem/router/firewall and that can be set to anything
I want.
Sharky
> Sharky <sp...@hotmail.com> wrote:
>
>
>>Is it not the same as these models:
>>http://support.dlink.com/faq/view.asp?prod_id=1228
>
>
> No, that model allows the user to enter a time server address. Many
> D-link models have a list of servers hard-coded into the firmware.
Those models *have* a hard-coded list - and probably the same list as in
yours - however if you do enter a number in the box it uses your choice
rather than the list.
>
> I'm astonished to see that, even now, the "Click here for a list of
> time servers" link in that D-link Web page takes the punter to a list
> of stratum 1 time servers. These bozos have no business recommending
> to their customers that they use stratum 1 servers. None of the
> servers in that list are intended to be used by end-user consumer
> electronics.
>
Yes, that is very iffy.
However, perhaps the router only checks its time and date once in a long
while, which wouldn't be so bad.
> Mike.
Cynic
<see-my-s...@southminster-branch-line.org.uk> wrote:
>The full ntp protocol does have a mechanism for determine the drift of the clock
>and correcting for it, so the time is kept as accurate as possible. The
>theoretical accuracy is something like 30 ps (1 ps = 0.000000000001 s) but in
>practice it will not reach that. But in something like a wireless access point,
>one would probably write the code to be simple, and therefore do the lookups
>more regularly than absolutely necessary.
To ensure that the RTC on such a device is accurate to within a second
or so all the time is pretty easy. Simply get the time from the
server once per day, and each time compute how fast or slow the RTC
clock is before setting it to the correct time. Then apply a scaled
error offset to the value read from the RTC every time it is accessed.
The RTC is not likely to change its error much in a day.
--
Cynic
Dave (from the UK)
space is limited, so applying linear corrections is probably considered a waste
of space.
To use NTP to the best, you have to connect to multiple servers and get the time
from each. Then you can work out propagation delays more accurately. If many
servers indicate about the same time, but one or two show greater deviations,
those with the greatest deviations still contribute to the estimate of time, but
have less "weight" than those that agree more closely.
Years ago, I wrote a DOS utility that corrected the time each time a PC was
booted. It just applied a linear correction based on what I knew the approximate
drift was.
But if I was to write an embedded application now, I'd probably just consult one
server once or twice a day and not bother with any corrections.
Dave (from the UK)
> Sharky <sp...@hotmail.com> wrote:
>
>>Mike wrote:
>>
>>>Sharky <sp...@hotmail.com> wrote:
>>>
>>>
>>>
>>>>Is it not the same as these models:
>>>>http://support.dlink.com/faq/view.asp?prod_id=1228
>>>
>>>
>>>No, that model allows the user to enter a time server address. Many
>>>D-link models have a list of servers hard-coded into the firmware.
>>
>>Those models *have* a hard-coded list - and probably the same list as in
>>yours - however if you do enter a number in the box it uses your choice
>>rather than the list.
>
>
> owner to select a time server. Some of them do, some of them don't.
>
> Mike.
I think the most sensible way would be like a DNS server. The router has
hard-coded the IP address of a server that dlink own. That server gives out the
IP address of half a dozen time servers, then the clients go and consult those
time servers. That way, if access policies of a server change, dlink have to
update one web server.
However, I have not thought this thru in any detail and am no expert on it.
There are a few methods suggested at
http://www.lightbluetouchpaper.org/2006/04/07/when-firmware-attacks-ddos-by-d-link/
where the author clearly knows a lot more than me. But in any case, the
technical details are not so inversing on uk.legal. I'm quite technical, not
legal at all, but I was interested where the legal situation might be, which is
why I started the thread.
I would add, although it seems that some have hard-coded servers, I am not sure
if any like mine, where the address can't be changed, actually access the Danish
site.
As for Dlink suggesting the use of stratum 1 servers, one has to question the
logic of stratum 1 servers having an access policy that allows clients like this
to connect. Some clearly do. The extra traffic almost certainly causes some
degradation in the accuracy of the data from the servers.
Cynic
<see-my-s...@southminster-branch-line.org.uk> wrote:
>> To ensure that the RTC on such a device is accurate to within a second
>> or so all the time is pretty easy. Simply get the time from the
>> server once per day, and each time compute how fast or slow the RTC
>> clock is before setting it to the correct time. Then apply a scaled
>> error offset to the value read from the RTC every time it is accessed.
>> The RTC is not likely to change its error much in a day.
>True, but even easier is to not correct at all. On those sort of things memory
>space is limited, so applying linear corrections is probably considered a waste
>of space.
I write applications for embedded network processors as part of my
job. Applying such a correction would entail at most about 20 lines
in assembler code - so probably 50 bytes of program space and 3 or 4
bytes of RAM. Well below the noise threshold, and well worth it for
accuracy when you cannot connect to a time server.
>To use NTP to the best, you have to connect to multiple servers and get the time
>from each. Then you can work out propagation delays more accurately. If many
>servers indicate about the same time, but one or two show greater deviations,
>those with the greatest deviations still contribute to the estimate of time, but
>have less "weight" than those that agree more closely.
Only necessary if you want accuracy a lot better than one second -
which is completely unnecessary for most applications. All I do is
measure the time taken to get the reply and add half of that to the
time returned by the server. The round-trip delay is usually less
than half a second so it makes little difference in practical terms.
One of my products is a nifty little time server not much bigger than
a packet of cigarettes BTW. It uses a GPS engine to get the time from
satellites. You just need to find a place in a building that has
access to the LAN and a view of at least 30% of the sky through a
window or skylight. Accurate to about 10mS. Developed because other
products require the use of a timeserver and customers were
complaining that they didn't have a way of providing access to a
timeserver (not all businesses have Internet connectivity available
from their LAN).
--
Cynic
The Electric Fan Club
> The Electric Fan Club wrote:
>> "Dr Zoidberg" <AlexNOOOO!!!!!!!@drzoidberg.co.uk> wrote in message
>
>>>>But assumnig this unit is less than a year old and is accessing the
>>>>Danish time server, would PCWorld or whoever I bought it from have a
>>>>legal obligation to fix it for me?
>>>
>>>No , not at all as it is not faulty.
>>>
>>
>>
>> Well that is technically true, but the sellar has a duty to ensure a
>> supply of services and consumables for (IIRC) 10 years from the point of
>> sale. If the time server were to be cut off for any reason, then the OP
>> would have a claim against the seller[1].
>
> This is not likely to be an issue, as they have the IP addresses of
> several time servers stored in them. So if the Danish time server was to
> cease transmitting time signals, it would not stop the Dlink product
> working properly as it would just query another time server. (My machine
> queries about 5 of them to get the time. It does this for increased
> accuracy, but one is sufficient).
>
> However, if you got threats of legal action if you did not cease accessing
> a server for which you have no permission to do, then what? Poul-Henning
> Kamp has not asked end-users to refrain from using their Dlink products
> unless they can stop them accessing his server, but it would not seem an
> unreasonable request. If he made that request, then what? Would PC world,
> Dabs or whoever not have any obligations to allow you to use the product
> without leaving yourself open to legal issues if you did not conform?
>
Methinks this an inadequately explored legal backwater.
Mike Tomlinson
sign...@southminster-branch-line.org.uk> writes
>This is not likely to be an issue, as they have the IP addresses of several time
>servers stored in them. So if the Danish time server was to cease transmitting
>time signals, it would not stop the Dlink product working properly as it would
>just query another time server.
I don't understand why Dlink didn't simply use pool.ntp.org, which is a
round-robin list of publicly accessible stratum-2 servers, instead of
hard-coding a list of servers in its firmware.
--
(\__/)
(='.'=) This is Bunny. Copy and paste bunny into your
(")_(") signature to help him gain world domination.
Dave (from the UK)
I expect you are right - it has not been explored.
But I also suspect some retailers, not wishing for a legal fight or bad customer
relations, would give in and offer refunds. The cost to Dlink would then I
suspect be high due to loss of confidence.
I suspect they have increased the priority given to firmware upgrades now. But
that still does not get around the fact that 95% of users will not know a thing
about this and not upgrade.
I upgraded the firmware on a £400 motherboard the other day and it is always a
bit risky. I have a UPS, so made sure the machine was on that. But a power
failure during a firmware upgrade can be disastrous.
We shall see what happens.
Cynic
<see-my-s...@southminster-branch-line.org.uk> wrote:
>I upgraded the firmware on a £400 motherboard the other day and it is always a
>bit risky. I have a UPS, so made sure the machine was on that. But a power
>failure during a firmware upgrade can be disastrous.
Not if you plan it adequately. Firstly, many BIOS Flash chips these
days have a "boot sector" that is write protected. In the event of a
corrupt BIOS, a jumper on the MB allows you to boot from that sector
which in turn allows a boot from a floppy. If your system is like
that, ensure you first make a floppy with a program that can flash the
chip with a working BIOS. Though if you don't take even that
precaution, it is simply a case of arranging to use another computer
to download and create such a floppy. Also, use the manufacturer's
utilities to firs extract the current, known good BIOS to a file on
floppy. Just in case the "upgrade" it buggy.
If there is no such provision, you will need to find someone with a
Flash programmer who can reprogram the BIOS chip. If you do such
upgrades regularly, it would be a good idea to buy such a programmer,
they are not terrifically expensive.
--
Cynic
Richard Clayton
<mi...@NOSPAM.jasper.org.uk> writes
>I don't understand why Dlink didn't simply use pool.ntp.org
because it was only invented in January 2003 -- and much of their
equipment (and some of their current firmware) predates that
>, which is a
>round-robin list of publicly accessible stratum-2 servers, instead of
>hard-coding a list of servers in its firmware.
--
richard Richard Clayton
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
Mike Tomlinson
<ric...@highwayman.com> writes
>because it was only invented in January 2003 -- and much of their
>equipment (and some of their current firmware) predates that
Thanks.
I see the D-Link NTP problem has now made the BBC News, and you're
mentioned, Richard!
http://news.bbc.co.uk/1/hi/technology/4906138.stm
Cynic
<mi...@NOSPAM.jasper.org.uk> wrote:
>In article <733NLmAM...@highwayman.com>, Richard Clayton
><ric...@highwayman.com> writes
>
>>because it was only invented in January 2003 -- and much of their
>>equipment (and some of their current firmware) predates that
>
>Thanks.
>
>I see the D-Link NTP problem has now made the BBC News, and you're
>mentioned, Richard!
>
>http://news.bbc.co.uk/1/hi/technology/4906138.stm
Good Grief! Looking at the photograph in that article, I suddenly
realised that *I* am using a Dlink router. It's tucked out of sight
and I rarely give it a thought.
How can I discover whether it has the problem? I don't *think* it
has, 'cos it doesn't get its time automtically (after a power outage
it will reset to midnight 1st Jan and never correct it by itself).
--
Cynic
Mike Tomlinson
<cyni...@yahoo.co.uk> writes
>How can I discover whether it has the problem?
Have a look at http://people.freebsd.org/~phk/dlink/ and see if the
firmware used by your router is listed.
> I don't *think* it
>has, 'cos it doesn't get its time automtically (after a power outage
>it will reset to midnight 1st Jan and never correct it by itself).
Apparently, some products use NTP to datestamp entries in their logs
only, not using it to keep the router's date and time, so their users
assume it's not making NTP queries at all. If this is the case, it's
pretty bizarre behaviour.
Cynic
<mi...@NOSPAM.jasper.org.uk> wrote:
>In article <dqrt325e1c3d3u9b1...@4ax.com>, Cynic
><cyni...@yahoo.co.uk> writes
>
>>How can I discover whether it has the problem?
>
>Have a look at http://people.freebsd.org/~phk/dlink/ and see if the
>firmware used by your router is listed.
>
>> I don't *think* it
>>has, 'cos it doesn't get its time automtically (after a power outage
>>it will reset to midnight 1st Jan and never correct it by itself).
>
>Apparently, some products use NTP to datestamp entries in their logs
>only, not using it to keep the router's date and time, so their users
>assume it's not making NTP queries at all. If this is the case, it's
>pretty bizarre behaviour.
It certainly is. But the log on my router is not timestamped
correctly if its RTC it not set, and I see it is not listed on the URL
given. I was thinking of upgrading, because it has a bug. I have
filled it's rules table, and now the router crashes whenever I try to
access the table to change it. It still works fine with the entries
it has, it just means I cannot modify them. I could do a hard reset
and enter everything again, but have been putting off he evil day. I
had plannned to look for a firmware update when I got a round tooit.
Now I shan't bother.
--
Cynic
Dave (from the UK)
> In article <dqrt325e1c3d3u9b1...@4ax.com>, Cynic
> <cyni...@yahoo.co.uk> writes
>
>
>>How can I discover whether it has the problem?
>
>
> Have a look at http://people.freebsd.org/~phk/dlink/ and see if the
> firmware used by your router is listed.
There are two problems in using the list at
http://people.freebsd.org/~phk/dlink/
for the purpose of determine if your D-link product has a problem.
1) The list is by no means complete - it says that.
2) The list only shows the D-link products connecting to the Danish time
server GPS.dix.dk There are a huge number of time servers which are
being abused - see
http://people.freebsd.org/~phk/dlink/letter2.html
As far as I am aware, there is no list of what models are abusing time
servers.
I know the time servers my own model DWL-700AP connects to and know they
are all public access, so there is no problem. But other models are
definitely connecting to time servers they should not.
I suggest you ask D-link about your particular model.