NTP security hole CVE-2013-5211?
Brett Glass
brett at lariat.org
Fri Mar 21 04:21:08 UTC 2014
At 03:37 PM 3/20/2014, Ronald F. Guilmette wrote:
>Starting from these lines in my /etc/ntp.conf file:
>
>server 0.freebsd.pool.ntp.org iburst
>server 1.freebsd.pool.ntp.org iburst
>server 2.freebsd.pool.ntp.org iburst
>
>I resolved each of those three host names to _all_ of its associated
>IPv4 addresses. This yielded me the following list:
>
>50.116.38.157
>69.50.219.51
>69.55.54.17
>69.167.160.102
>108.61.73.244
>129.250.35.251
>149.20.68.17
>169.229.70.183
>192.241.167.38
>199.7.177.206
>209.114.111.1
>209.118.204.201
[Snip]
All of this is good. However, remember that anyone who can spoof IPs will know
that the above addresses are the defaults for any FreeBSD machine and can
take advantage of these "holes" in your firewall.
--Brett Glass
More information about the freebsd-security
mailing list