Re: [request] ntp upgrade

From: Olivier Cochard-Labbé <olivier_at_cochard.me>
Date: Wed, 27 Nov 2013 21:03:32 +0100
On Wed, Nov 27, 2013 at 4:29 PM, Cristiano Deana
<cristiano.deana_at_gmail.com> wrote:
> Hi,
>
> is it possible to include in base system of the upcoming 10.0 the new
> version of ntp (4.2.7 instead of 4.2.4)?
>
> There is a bug in older versions (< 4.2.7) who allows attacker use an ntp
> server to DDoS. This has been corrected in new version:
> https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks

Thanks for this URL, I've meet this problem on my FreeBSD 9.2 few
weeks ago (public NTP registered in the pool.ntp.org).

There is a thread on the ntp.org ML about this too:
http://lists.ntp.org/pipermail/pool/2013-November/thread.html

Regards,

Olivier
Received on Wed Nov 27 2013 - 19:03:55 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:44 UTC