On 29 Jan 2014, at 09:52, John Rowe <j.m.r...@exeter.ac.uk> wrote:
> I've been warned that my SL 5.9 machine is potentially vulnerable to the
> recently announced DOS attack. As far as I can see both my 5.9 and 6x
> machines are running vulnerable versions, am I missing something or are
> we vulnerable?


Have a look at these two pages:
  https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks
  https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2_Configure_Rate_Limiting_Access_to_an_NTP_service.html

I don't know if the fix has been backported to EL or not (use the test in the 
first article to check) - if someone has warned you that you are vulnerable, 
the best option is to rate limit NTP clients.

Even if the fix has been backported, rate limiting is still a good thing to do.

Regards,
  
Adam Bishop

 gpg: 0x6609D460

Janet, the UK's research and education network.


Janet(UK) is a trading name of Jisc Collections and Janet Limited, a 
not-for-profit company which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
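
As an added illustration of the rate-limiting advice in the message above (not part of the original email or of the linked guides), this Python sketch audits ntp.conf text and reports any `restrict default` line that lacks ntpd's `limited` flag. The function names and the sample configuration are constructed for this example; it assumes the standard ntpd `restrict` and `discard` syntax.

```python
# Added example: check ntp.conf text for rate limiting on default restrict lines.
# SAMPLE_CONF is constructed for illustration, not taken from a real host.
SAMPLE_CONF = """\
# constructed sample
driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod limited nomodify notrap nopeer noquery
restrict 127.0.0.1
discard average 3 minimum 2   # trailing comment
server 0.pool.example iburst
"""


def parse_conf(text):
    """Return (default_restricts, discard_settings) parsed from ntp.conf text."""
    restricts, discard = [], {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()  # drop comments, then tokenize
        if not tokens:
            continue
        if tokens[0] == "restrict":
            args = tokens[1:]
            prefix = ""
            if args and args[0] in ("-4", "-6"):  # optional address-family prefix
                prefix, args = args[0], args[1:]
            if args and args[0] == "default":
                restricts.append((lineno, prefix, set(args[1:])))
        elif tokens[0] == "discard":
            # discard takes keyword/value pairs such as "average 3 minimum 2"
            discard.update(zip(tokens[1::2], tokens[2::2]))
    return restricts, discard


def audit(text):
    """Return (findings, discard_settings); findings is empty when every
    default restrict line either ignores clients or rate limits them."""
    restricts, discard = parse_conf(text)
    findings = []
    if not restricts:
        findings.append("no 'restrict default' line found")
    for lineno, prefix, flags in restricts:
        if "ignore" in flags:  # all packets dropped, nothing to rate limit
            continue
        if "limited" not in flags:
            label = f"restrict {prefix} default".replace("  ", " ")
            findings.append(f"line {lineno}: '{label}' has no 'limited' flag")
    return findings, discard


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF)[0]:
        print(finding)
```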
