Andy Smith2d ago

If you work at Amazon, Google or Microsoft, the NTP Pool project could do with some sponsorship. Its core DNS infra is partially run by volunteers and one of them recently breached trust to meddle with DNS serving. The project would like to not have to rely on volunteers for this.

https://community.ntppool.org/t/dns-configuration-tampering-on-one-of-our-geodns-servers/4300/35

DNS configuration tampering on one of our GeoDNS servers

I think you identified the root of the problem: our DNS servers are quite hardened but there are some attack vectors that we just can’t stop if the attacker has control of the machine/VM. That being said, we currently lack the funding to rent all of our own infrastructure. geodns is fairly lightweight but I estimate that it would still represent around $5K-$10K per year in hosting, just for the DNS. If anyone has established contacts at AWS, Azure or Google Cloud, having a sponsorship from th...

NTP Pool Project
Show threadNico🦆1d ago
@grifferz honestly, I prefer a volunteer run organisation over one backed by a few big corps
Show threadAndy Smith
@nicoduck
Sure, but I think the issue here is that they got too desperate for DNS nodes so allowed a relative newcomer to buy a VPS and gift it to them. That person then logged in to it and meddled with DNS serving as part of their own unauthorised experiments. So, they would rather have a more direct relationship between the smaller group of longstanding volunteers and the hosting provider.
Apr 7 at 9:13pmWeb