[ntp:security] Amplification DDoS vulnerabilities in Cisco's NTP server implementation(s)

Clay Kossmeyer ckossmey at cisco.com
Fri Aug 16 14:00:07 UTC 2013


Thanks Harlan and Christian, we'll wait to hear from CERT regarding their communication plan, etc.

Clay

On Aug 16, 2013, at 7:53 AM, Harlan Stenn <stenn at ntp.org> wrote:

> Cisco folks,
> 
> It may not need to be said but just to be sure, please make no
> announcements about this situation until the CERT announcement schedule
> is made.
> 
> Network Time Foundation has Certification and Compilance programs to
> help make sure these and other damaging and potentially embarrassing
> events will not happen, and these programs are available to
> institutional members of Network Time Foundation.  I again offer to talk
> with folks at Cisco about these opportunities and the very real benefits
> they can bring.
> -- 
> Harlan Stenn <stenn at ntp.org>
> http://networktimefoundation.org - be a member!



More information about the security mailing list