Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 27 Nov 2013 17:21:05 +0000
From:      Tom Evans <tevans.uk@googlemail.com>
To:        Cristiano Deana <cristiano.deana@gmail.com>
Cc:        freebsd-current <freebsd-current@freebsd.org>
Subject:   Re: [request] ntp upgrade
Message-ID:  <CAFHbX1KKMHgsRgFgmxvYBgJJvyhd%2BqwxDGg6yDUFsj3MwjBR8Q@mail.gmail.com>
In-Reply-To: <CAO82ECH8YXswVMuxzcnjfE9-KRvD-aKh6sRVJ7odRpB02aCXrA@mail.gmail.com>
References:  <CAO82ECHMS-JUWC4TGwZpfU0opKE-2rOgW8RLOiR23RzVKgFJ3w@mail.gmail.com> <CAFHbX1%2B4%2BydUf=4VTrkP5TyQHxDc31F8Uh48mVzyyfoDpsMLYA@mail.gmail.com> <CAO82ECH8YXswVMuxzcnjfE9-KRvD-aKh6sRVJ7odRpB02aCXrA@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 27, 2013 at 4:10 PM, Cristiano Deana
<cristiano.deana@gmail.com> wrote:
> On Wed, Nov 27, 2013 at 5:06 PM, Tom Evans <tevans.uk@googlemail.com> wrote:
>
>>
>> > There is a bug in older versions (< 4.2.7) who allows attacker use an
>> > ntp
>> > server to DDoS. This has been corrected in new version:
>> > https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks
>> >
>> > This attack seems to be increasing in the last few weeks.
>> >
>> > net/ntp-devel is Ok.
>>
>>
>> ntp 4.2.4p8 isn't vulnerable.
>>
>> http://www.cvedetails.com/vulnerability-list/vendor_id-2153/NTP.html
>>
>> The reflection attack is the first in the list, 4.2.4p7 and below are
>> affected.
>
>
>
> Thank you, Tom for your quick reply.
>
> That is not the same bug. I had two ntpd with 4.2.4p8 used the last days to
> DDoS. I found the link below, used net/ntp-devel and the abuse was gone.
>

Does it have a CVE? The article is low on content :(

Cheers

Tom



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFHbX1KKMHgsRgFgmxvYBgJJvyhd%2BqwxDGg6yDUFsj3MwjBR8Q>