[ntp:security] Nessus identifies NTP as a security issue
jerry phillips
jerry.phillips at cchmc.org
Fri Aug 25 12:14:54 UTC 2006
Greetings,
Security team scans of my Sun/Solaris 8 servers reveal that the NTP
client and NTP server configurations are suspect. Can you please
advise me? Below is the output from the Nessus scan.
"It is possible to determine a lot of information about the remote
host by querying the NTP variables - these include OS descriptor, and
time settings.
It is possible to gather the following information from the remote
NTP host :
system='SunOS', leap=0, stratum=3, rootdelary=24.51,\r ...." etc.
"Quickfix: Set NTP to restrict default access to ignore all info
packets:
restrict default ignore"
I implemented the following /etc/inet/ntp.conf file on a test server
and the security team still claims that it is vulnerable.
# @(#)ntp.client 1.2 96/11/06 SMI
#
# /etc/inet/ntp.client
#
# An example file that could be copied over to /etc/inet/ntp.conf; it
# provides a configuration for a host that passively waits for a server
# to provide NTP packets on the ntp multicast net.
#
server neo-a.chmcc.org
multicastclient 224.0.1.1
driftfile /var/ntp/ntp.drift
restrict default ignore
restrict 205.142.199.172 mask 255.255.255.0 nopeer noquery nomodify
notrap
restrict 127.0.0.1
authenticate no
Any help would be greatly appreciated!
Thank you,
jerry
More information about the security
mailing list