Default configuration of ntp-4.2.6p5-9 is vulnerable to DDoS participation
j.rekorajski at gmail.com
Sun Oct 5 19:48:14 CEST 2014
On Fri, Oct 3, 2014 at 1:54 PM, Bartosz Lis <bartoszl at ics.p.lodz.pl> wrote:
> See: https://bugzilla.redhat.com/show_bug.cgi?id=1047854
> "users can disable monitor functionality using 'disable monitor' command in
> the /etc/ntp.conf. Note that use of 'restrict' command with 'limited' flag
> also enables monitor functionality even when 'disable monitor' command is
> I suggest updating ntp.conf file found in ntp.git project with the following
Did you read this bug? Especially comment #3 and followups to it?
'noquery' in restrict line block monlist command. No patching needed.
Jan Rękorajski | SysAdm | PLD/Linux | http://www.pld-linux.org/
More information about the pld-devel-en