[ntp:security] Compromised Time Server

Danny Mayer mayer at ntp.org
Wed Apr 3 12:22:39 UTC 2013


This is not an NTP security issue. Furthermore, just because a server
may have been compromised does not mean that the NTP Server itself has
been compromised. Nothing that I have seen posted by you or others
indicate that the is a problem with the NTP server so I don't know why
you are asking for its removal. If you want to contact the people who
run the pool you should look on the http://www.pool.ntp.org web service
for information.

I also notice that you have signed you note as Matthew Ulm but the email
address is 0chien1 (ChienD) which makes your email message unreliable in
the first place.

Danny
On 4/2/2013 5:38 PM, ChienD wrote:
> 
> I have noticed that the server at 72.8.140.222 is included in the US NTP
> pool lately.
> This machine has been reported compromised by Shadowserver, and a few
> commercial resources. How do we go about getting this removed from the
> NTP pool?
> 
> -- 
> Matthew Ulm
> "So much to learn, So little time"
> 
> 
> _______________________________________________
> security mailing list
> security at lists.ntp.org
> http://lists.ntp.org/listinfo/security
> 



More information about the security mailing list