[ntp:questions] NTP internal server?

Maarten Wiltink maarten at kittensandcats.net
Sun Oct 29 18:02:26 UTC 2006

"Richard B. Gilbert" <rgilbert88 at comcast.net> wrote in message
news:_eWdna3k2Zfvpd_YnZ2dnUVZ_uqdnZ2d at comcast.com...
> Maarten Wiltink wrote:
>> "Richard B. Gilbert" <rgilbert88 at comcast.net> wrote in message
>> news:9dqdndo838CLatzYnZ2dnUVZ_uqdnZ2d at comcast.com...

>>> As far as anyone here knows there are no "exploits" associated with
>>> NTP.

>> After a short look-around on SecurityFocus, I would like to exclude
>> myself from that 'anyone' group.

> All right, there are, or were, fifteen reported exploits.  None is dated
> more recently than 2004 and some seem to be complaining about ten year
> old software distributed by companies such as Sun, Redhat, Debian, etc.

Still distributed right now, yes. For all those people who aren't allowed
to run something not backed by RFCs, and then come here with questions
about something called xntp. Sound familiar?

> I'd say that the proper response is not to forbid the use of the NTP
> protocol but rather to avoid running defective implementations thereof!

That would be nice. However, letting your guard down is _never_ a
secure response. I will work on the assumption that there are exploits
in the current NTP until you _prove_ to me it's safe, and I'm not
holding my breath.

Which doesn't stop me from running it. But I keep it on a short leash.

Maarten Wiltink
