[ntp:questions] Mitigating the ::1 spoof vulnerability

Marco Marongiu brontolinux at gmail.com
Fri Feb 6 12:17:08 UTC 2015


Hi there

I'm referring to this one in particular: "::1 can be spoofed on some
OSes, so ACLs based on IPv6 ::1 addresses can be bypassed".

Debian Squeeze doesn't have a patched package available in the
squeeze-lts series yet. On those clients would a restriction like

restrict ::1 ignore

mitigate the vulnerability?

Thanks
-- bronto




More information about the questions mailing list