[ntp:questions] NTP 4.2.6 Released

Ronan Flood usenet at umbral.org.uk
Thu Dec 17 12:57:34 UTC 2009


On Sat, 12 Dec 2009 11:51:46 -0500,
NTP Public Services Project <webmaster at ntp.org> wrote:

> * If an attacker spoofs an address of ntpd host A in a mode 7 response
> packet sent to ntpd host A, A will respond to itself endlessly,

Academic, but is that true?  I thought the "ntpport, interface, ignore"
restrictions which ntpd automatically puts on all interface addresses
were supposed to prevent it seeing traffic from itself -- with the aim
of stopping it synchronising to itself, but would affect this too.

-- 
Ronan Flood <usenet at umbral.org.uk>




More information about the questions mailing list