On Wed, Nov 27, 2013 at 4:10 PM, Cristiano Deana
> On Wed, Nov 27, 2013 at 5:06 PM, Tom Evans <tevans...@googlemail.com> wrote:
>> > There is a bug in older versions (< 4.2.7) who allows attacker use an
>> > ntp
>> > server to DDoS. This has been corrected in new version:
>> > https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks
>> > This attack seems to be increasing in the last few weeks.
>> > net/ntp-devel is Ok.
>> ntp 4.2.4p8 isn't vulnerable.
>> The reflection attack is the first in the list, 4.2.4p7 and below are
> Thank you, Tom for your quick reply.
> That is not the same bug. I had two ntpd with 4.2.4p8 used the last days to
> DDoS. I found the link below, used net/ntp-devel and the abuse was gone.
Does it have a CVE? The article is low on content :(
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"