[ntp:security] [Bug 3012] Sybil vulnerability: ephemeral association attack

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Fri Apr 29 06:36:12 UTC 2016


http://bugs.ntp.org/show_bug.cgi?id=3012

--- Comment #3 from Harlan Stenn <stenn at ntp.org> 2016-04-29 06:36:12 UTC ---
(In reply to comment #2)
> This page
> http://support.ntp.org/bin/view/Main/NtpBug3012
> 
> mentions that this bug is fixed in 4.2.8p7, and says:
> 
> "Use the 4th argument in the ntp.keys file to limit the IPs that can be time
> servers."
> 
> Where is documented how the 4th parameter is to be used?

We publish a mitigation or work-around, not a fix.

The 4th parameter is documented in the man page for the ntp.keys file.

> BTW, the state of this bug is still "Confirmed", not "Resolved". Which is
> correct?

It is Confirmed because we're working on code changes that will provide a way
to specifically limit the number of ephemeral associations.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list