[time-nuts] NTP dos attack
Magnus Danielson
magnus at rubidium.dyndns.org
Thu Dec 10 22:18:03 UTC 2009
Dear fellow time-nuts,
Since I have seen very little news relating to it, I would just like to
inform you about the security bug of NTP that was recently released about.
Usefull links:
https://support.ntp.org/bugs/show_bug.cgi?id=1331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
http://www.meinberg.de/english/news/lantime-firmware-update-ntp-security-problem-with-mode-7-packets.htm
It's a fun little bug, send a minimal UDP packet in and all hell breaks
loose. :)
It is fairly easy to set this one up (initial comment in NTP bug 1331 is
a good read), so you might want to check if your NTP servers need
software upgrade. Meinberg for instance have confirmed that their
products needs upgrade. Debian has upgraded their NTP for unstable.
Check your favorit vendor or OS source.
I'm patching up my machines. Consider doing the same to your machines
being out there in the open.
Best Regards,
Magnus
More information about the Time-nuts_lists.febo.com
mailing list