[ntp:questions] What to do for clients less than 4.2.8?
david at ex.djwhome.demon.invalid
Sun Dec 21 09:47:46 UTC 2014
On 20/12/14 22:01, Rob wrote:
> David Woolley <david at ex.djwhome.demon.invalid> wrote:
>> On 20/12/14 19:58, William Unruh wrote:
>>> Is it an ntp packet (ie a time exchange packet)? is it a control packet
>>> (eg ntpq type packet?) or what?
>>> Ie, unless you use crypto, these two look like they might be dangerous.
>> Both routines only process NTP type 6 packets, i.e. nptq.
> But is that before or after those packets are filtered by "restrict"?
ctl_putdata is sending the response (my guess is the attack is monlist
based), so it is definitely after the filter. configure is a fairly
complex command processing option, so, although I didn't check the code
in detail, I would be most surprised if it wasn't after the filter.
More information about the questions