This document is meant to record details about some specific events that have occurred. These specific instances may contain details that may be helpful in other situations.

People looking for information about events that a computer recorded in a log is discussed in other sections, such as Windows Event Log Messages, problematic messages, logs, errors. Handling such problems is not the topic that this section is about.

This page has more focus on actual noteworthy instances that really did occur in the world. Some (most?) of these may have affected quite a few people, or been notably expensive.

[#ntpvandl]: NTP

Who knew that such a simple task, of setting a clock, could cause so much trouble?

Vendors refers to University of Wisconsin(-Madison) hammered by Netgear hardware mentions (in the “Inform the Internet Community” section) that 85,000 SMC brand routers caused a similar issue for another organization.

Poul-Henning Kamp's report on D-Link (archived by the Wayback Machine @, and also Poul-Henning Kamp's report on D-Link (archived by the Wayback Machine @ (updated, with substantial content removed)

Wikipedia: NTP server misuse and abuse discusses multiple incidents, including these. Another one referred to by Wikipedia was “ one of the largest distributed denial-of-service attacks known at the time” “at the end of 2013”, when servers were being deliberately misused to perform an attack.

Sweden domain (.se)

See: Royal Pingdom's report of .se TLD being offline for about an hour in October, 2009. Even worse than that sounds: this error was able to propagate, so cached results could lead to communications issues for days (or weeks) after the incident started.

GRC DOS Perhaps related:
Overloaded site refers to where Lucas had set up “OpenBSD boxes in a live-failover configuration, protecting our big-name commercial firewall as well as shaping traffic.”