On 12/20/14, 12:01, Rainer May wrote:
Am 20.12.2014 um 16:41 schrieb Philip Gladstone:
There appear to be >3 million exposed NTP servers on the internet.
- It may or may not be feasible for the big distributors to kill the
whole problem with manpower. But if they do not, there's nothing the
"default admin" can do against it (even if he could technically he may
not be allowed to by policy).
I have found that both centos and some versions of ubuntu have now
issued patched versions (well, they pushed out an update within the last
24 hours). Unfortunately (and this is a big issue) they kept the old
version number. This means that you have to use the compile date to
determine if it has been patched.
For example, for an old system:
ntpq [email protected] Sat Dec 20 02:52:15 UTC 2014 (1)
and a more recent one:
ntpq [email protected] Sat Dec 20 02:53:43 UTC 2014 (1)
Philip
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
