[ntp:security] [Bug 1331] DoS with mode 7 packets

Danny Mayer via the NTP Bugzilla bugzilla at ntp.org
Sun Oct 4 22:39:43 UTC 2009


Additional Comments From mayer at ntp.org (Danny Mayer)
Submitted on 2009-10-04 22:39

From Dave Mills:

That code was last touched by Dennis Fergusson circa 1984. It should be fixed.

The cardinal rule, at least in the mainline code, is that packets with bad
format, wrong length or incorrect version are always dropped and do nothing
except increment a tattletale. Control/monitor packets can't be checked by the
mainline code, since the packet lengths are different.

As you know, I would much, much rather strip ntpdc of anything except raw debug.

There is actually a much easier way to mount a DoS attack. Throw monlist
commands at ntpdc at a nice fat rate. The monitoring tools should be subject to
the same rate controls as the mainline code.

Danny Mayer <mayer at ntp.org>
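The rule Dave Mills states above (drop packets with bad format, wrong length or wrong version, and do nothing but bump a tattletale counter; put the monitor/control traffic under the same per-source rate control as the mainline code), written out as an added Python example. This is not ntpd code and is not from the bug thread; the mode 7 header layout and the constant values are written from my recollection of ntp_request.h and should be treated as assumptions, as are the token-bucket parameters and the sample packets, which are constructed here.

```python
import struct
from collections import defaultdict

# Mode 7 ("private", ntpdc) request header, assumed layout after ntp_request.h:
#   byte 0   : R(1) M(1) VN(3) MODE(3)
#   byte 1   : AUTH(1) SEQ(7)
#   byte 2   : implementation number
#   byte 3   : request code
#   bytes 4-5: err(4) nitems(12)
#   bytes 6-7: mbz(4) itemsize(12)
REQ_LEN_HDR = 8        # smallest legal request: header only, no data, no MAC
REQ_LEN_NOMAC = 500    # largest legal request without a MAC (assumed)
NTP_MODE_PRIVATE = 7
IMPL_XNTPD = 3         # assumed value of IMPL_XNTPD
MONLIST_CODES = {20, 42}   # assumed REQ_MON_GETLIST, REQ_MON_GETLIST_1


class TokenBucket:
    """Per-source rate control: `rate` tokens/second, at most `burst` saved up."""

    def __init__(self, rate, burst, now):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = burst, now

    def allow(self, now):
        self.tokens = min(self.burst, self.tokens + max(0.0, now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class Mode7Filter:
    """Admission check for mode 7 requests: malformed packets are dropped and
    counted, and surviving requests are rate-limited per source address."""

    def __init__(self, rate=1.0, burst=5):
        self.rate, self.burst = rate, burst
        self.buckets = {}                  # src -> TokenBucket
        self.tattletale = defaultdict(int) # drop reason -> count (nothing else happens)

    def _drop(self, reason):
        self.tattletale[reason] += 1
        return "drop:" + reason

    def handle(self, src, pkt, now):
        n = len(pkt)
        if n < REQ_LEN_HDR or n > REQ_LEN_NOMAC:
            return self._drop("badlen")
        rm_vn_mode, _auth_seq, implementation, request = pkt[:4]
        if rm_vn_mode >> 7:                 # R bit set: a response, never a request
            return self._drop("response")
        version = (rm_vn_mode >> 3) & 0x7
        mode = rm_vn_mode & 0x7
        if mode != NTP_MODE_PRIVATE:
            return self._drop("badmode")
        if not 1 <= version <= 4:
            return self._drop("badversion")
        err_nitems, mbz_itemsize = struct.unpack("!HH", pkt[4:8])
        if mbz_itemsize >> 12:              # must-be-zero bits are not zero
            return self._drop("mbz")
        nitems, itemsize = err_nitems & 0x0FFF, mbz_itemsize & 0x0FFF
        if REQ_LEN_HDR + nitems * itemsize > n:   # claimed data longer than packet
            return self._drop("badlen")
        # Same rate control for monitor traffic as for anything else from this source.
        bucket = self.buckets.get(src)
        if bucket is None:
            bucket = self.buckets[src] = TokenBucket(self.rate, self.burst, now)
        if not bucket.allow(now):
            return self._drop("ratelimited")
        if implementation == IMPL_XNTPD and request in MONLIST_CODES:
            return "accept:monlist"
        return "accept:other"


# Constructed sample: VN=2, mode 7, IMPL_XNTPD, REQ_MON_GETLIST_1, no data.
MONLIST_REQ = bytes([0x17, 0x00, IMPL_XNTPD, 42, 0, 0, 0, 0])


def monlist_flood(filt, src, count, now=0.0):
    """Send `count` monlist requests from one source at one instant; return verdicts."""
    return [filt.handle(src, MONLIST_REQ, now) for _ in range(count)]
```

The per-source bucket table is itself state an attacker can grow with spoofed sources, so a real implementation bounds it (hash into a fixed number of buckets, or age entries out) rather than keeping one entry per address as this example does.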
