Hello, I am running ntp-4.2.8p10. I have a user who is complaining that we are responding to mode 6 requests as follows:
[www@eng ~]$ ntpq -c rv 192.xx.xx.xx associd=0 status=0615 leap_none, sync_ntp, 1 event, clock_sync, version="ntpd 4.2.8p10@1.3728<mailto:4.2.8p10@1.3728> Thu Jul 12 18:15:43 UTC 2018 (1)", processor="ppc", system="Linux/2.6.22", leap=00, stratum=4, precision=-12, rootdelay=43.665, rootdisp=89.247, refid=192.168.56.185, reftime=e0f2824f.423d1b2d Mon, Aug 5 2019 6:24:15.258, clock=e0f289e9.82f3c482 Mon, Aug 5 2019 6:56:41.511, peer=32846, tc=10, mintc=3, offset=-2.945153, frequency=6.130, sys_jitter=0.000000, clk_jitter=0.993, clk_wander=0.149 [www@eng ~]$ I see that NTP Bug 3118 for CVE-2016-9310 was addressed in 4.2.8p9. Forgive me for my lack of knowledge in this area, but does the above command and output still show the vulnerability? If so, is the fix (as NTP Bug 3118 explains) to add "restrict default noquery" to the ntp.conf file? If this is the fix, then all queries are shutoff, correct? Thanks for any assistance you can provide. Phil _______________________________________________ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
