From owner-freebsd-security@FreeBSD.ORG Fri Mar 21 00:50:33 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D903EB05 for ; Fri, 21 Mar 2014 00:50:33 +0000 (UTC) Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com [IPv6:2a00:1450:400c:c03::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6FDBCE54 for ; Fri, 21 Mar 2014 00:50:33 +0000 (UTC) Received: by mail-we0-f172.google.com with SMTP id t61so1160225wes.3 for ; Thu, 20 Mar 2014 17:50:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=Rq8IfcNmmHdXJXMkdYYNtojH2ABPlRaHRKjhULb+T2E=; b=XwssXA65ULEimlz7wfXQ2QtgaSt4g1hCXiJ3PD1HktGH5B49/gW5CbZfH1O8yh9vAm UgmcYM5y+GZo15l9Tva1zHiRpnpK2XAKdBlBWy/tSfpTDrBy6YoZM46hjpiq91f9Hp2z M34WLp6trJUeXtcLAZbzt+1inVWZ5zDaFMJD8ntx5aBl8NvnD77U22tgY3L2bMNkLFCs S1GNMoFshVPokPV1NMyLDqaxWUe9D92x/Y1JJyDr2kLPY1Wle5+3OasjXdHsCWwVdHZM 4EVD0HcyQsCo76F08ZCHpeYHwTeEFX4i6AgCprabEUbKtImD9shopdUQTDvDrn6Od6hb jz3A== X-Received: by 10.180.12.115 with SMTP id x19mr5807984wib.19.1395363031798; Thu, 20 Mar 2014 17:50:31 -0700 (PDT) Received: from gumby.homeunix.com ([94.195.197.72]) by mx.google.com with ESMTPSA id rx9sm3086556wjb.20.2014.03.20.17.50.30 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Thu, 20 Mar 2014 17:50:30 -0700 (PDT) Date: Fri, 21 Mar 2014 00:50:28 +0000 From: RW To: freebsd-security@freebsd.org Subject: Re: NTP security hole CVE-2013-5211? Message-ID: <20140321005028.5c51faf4@gumby.homeunix.com> In-Reply-To: <45647.1395351474@server1.tristatelogic.com> References: <742A1A10-15BF-433A-8693-CA2DD1DE0501@mac.com> <45647.1395351474@server1.tristatelogic.com> X-Mailer: Claws Mail 3.9.3 (GTK+ 2.24.22; amd64-portbld-freebsd10.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 00:50:33 -0000 On Thu, 20 Mar 2014 14:37:54 -0700 Ronald F. Guilmette wrote: > I resolved each of those three host names to _all_ of its associated > IPv4 addresses. This yielded me the following list: > > 50.116.38.157 > ... > It's a pool, if you try it a few minutes later you will probably get a different 16 addresses. Depending on what precisely you are trying to do, you probably need a stateful rule for outgoing connections.