[ntp:security] reproducing mode 7 ping pong

Danny Mayer mayer at ntp.org
Tue Oct 13 03:38:40 UTC 2009


Dave Hart wrote:
> With ntpdc alone you can't trigger the DoS, to see the impact on ntpd
> in the one-ntpd and two-ntpd cases.  Putting the triggering code in
> ntpd avoids the need to forge the source address.

Right but you don't need to do that to test the patch since we already
know the attack vector and fixing the code to drop bad data is
sufficient though there is nothing wrong with testing this the DOS itself.

Danny

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the security mailing list