[time-nuts] NTP dos attack

Rob Kimberley rk at timing-consultants.com
Thu Dec 10 23:43:54 UTC 2009


Meinberg released their upgrade yesterday (9th).
 http://www.meinberg.de/english/sw/ntp.htm

Rob K

-----Original Message-----
From: time-nuts-bounces at febo.com [mailto:time-nuts-bounces at febo.com] On
Behalf Of Magnus Danielson
Sent: 10 December 2009 22:18
To: Discussion of precise time and frequency measurement
Subject: [time-nuts] NTP dos attack

Dear fellow time-nuts,

Since I have seen very little news relating to it, I would just like to 
inform you about the security bug of NTP that was recently released about.

Usefull links:
https://support.ntp.org/bugs/show_bug.cgi?id=1331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
http://www.meinberg.de/english/news/lantime-firmware-update-ntp-security-pro
blem-with-mode-7-packets.htm

It's a fun little bug, send a minimal UDP packet in and all hell breaks 
loose. :)

It is fairly easy to set this one up (initial comment in NTP bug 1331 is 
a good read), so you might want to check if your NTP servers need 
software upgrade. Meinberg for instance have confirmed that their 
products needs upgrade. Debian has upgraded their NTP for unstable. 
Check your favorit vendor or OS source.

I'm patching up my machines. Consider doing the same to your machines 
being out there in the open.

Best Regards,
Magnus

_______________________________________________
time-nuts mailing list -- time-nuts at febo.com
To unsubscribe, go to
https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.





More information about the time-nuts mailing list