閱讀文章 - 看板 FB_security

發信人stenn@ntp.org (Harlan Stenn),

看板FB_security

標題Re: [FreeBSD-Announce] FreeBSD Security Advisory

發信站NCTU CS FreeBSD Server (Thu Jan 7 03:18:20 2010)

轉信站ptt!csnews.cs.nctu!news.cs.nctu!FreeBSD.cs.nctu!freebsd.org!owner-free

Not quite... > II. Problem Description > > If ntpd receives a mode 7 (MODE_PRIVATE) request or error response it's a *malformed* mode 7 request, or an error response ... Normal mode 7 requests have been (and are) handled just fine and are not logged by default. > from a source address not listed in either a 'restrict ... noquery' > or a 'restrict ... ignore' section it will log the even and send s/even/event/ > a mode 7 error response. > IV. Workaround > > Proper filtering of mode 7 NTP packets by a firewall can limit the > number of systems used to attack your resources. If you can find a firewall that will do this, please lemme know. We haven't found any. Thanks... H _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"