[FreeBSD-Announce] FreeBSD Security Advisory
FreeBSD-SA-10:02.ntpd
Harlan Stenn
stenn at ntp.org
Thu Jan 7 00:37:41 UTC 2010
Not quite...
> II. Problem Description
>
> If ntpd receives a mode 7 (MODE_PRIVATE) request or error response
it's a *malformed* mode 7 request, or an error response ...
Normal mode 7 requests have been (and are) handled just fine and are not
logged by default.
> from a source address not listed in either a 'restrict ... noquery'
> or a 'restrict ... ignore' section it will log the even and send
s/even/event/
> a mode 7 error response.
> IV. Workaround
>
> Proper filtering of mode 7 NTP packets by a firewall can limit the
> number of systems used to attack your resources.
If you can find a firewall that will do this, please lemme know.
We haven't found any.
Thanks...
H
More information about the freebsd-security
mailing list