[ntp:security] Nessus identifies NTP as a security issue
jerry.phillips at cchmc.org
Fri Aug 25 12:14:54 UTC 2006
Security team scans of my Sun/Solaris 8 servers reveal that the NTP
client and NTP server configurations are suspect. Can you please
advise me? Below is the output from the Nessus scan.
"It is possible to determine a lot of information about the remote
host by querying the NTP variables - these include OS descriptor, and
It is possible to gather the following information from the remote
NTP host :
system='SunOS', leap=0, stratum=3, rootdelary=24.51,\r ...." etc.
"Quickfix: Set NTP to restrict default access to ignore all info
restrict default ignore"
I implemented the following /etc/inet/ntp.conf file on a test server
and the security team still claims that it is vulnerable.
# @(#)ntp.client 1.2 96/11/06 SMI
# An example file that could be copied over to /etc/inet/ntp.conf; it
# provides a configuration for a host that passively waits for a server
# to provide NTP packets on the ntp multicast net.
restrict default ignore
restrict 22.214.171.124 mask 255.255.255.0 nopeer noquery nomodify
Any help would be greatly appreciated!
More information about the security