On Wed, Nov 27, 2013 at 3:29 PM, Cristiano Deana
cristiano.de...@gmail.com wrote:
Hi,
is it possible to include in base system of the upcoming 10.0 the new
version of ntp (4.2.7 instead of 4.2.4)?
There is a bug in older versions ( 4.2.7) who allows attacker use an ntp
server to DDoS. This
On Wed, Nov 27, 2013 at 5:06 PM, Tom Evans tevans...@googlemail.com wrote:
There is a bug in older versions ( 4.2.7) who allows attacker use an ntp
server to DDoS. This has been corrected in new version:
https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks
This attack
On Wed, Nov 27, 2013 at 4:10 PM, Cristiano Deana
cristiano.de...@gmail.com wrote:
On Wed, Nov 27, 2013 at 5:06 PM, Tom Evans tevans...@googlemail.com wrote:
There is a bug in older versions ( 4.2.7) who allows attacker use an
ntp
server to DDoS. This has been corrected in new version:
On Wed, Nov 27, 2013 at 4:29 PM, Cristiano Deana
cristiano.de...@gmail.com wrote:
Hi,
is it possible to include in base system of the upcoming 10.0 the new
version of ntp (4.2.7 instead of 4.2.4)?
There is a bug in older versions ( 4.2.7) who allows attacker use an ntp
server to DDoS. This
On Wed, Nov 27, 2013 at 6:21 PM, Tom Evans tevans...@googlemail.com wrote:
Does it have a CVE? The article is low on content
I don't think so. I think there were lot of ideas about the DDoS, that's
the only article suggesting a right solution (in my experience).
I think they are still
On Wed, Nov 27, 2013 at 9:03 PM, Olivier Cochard-Labbé
oliv...@cochard.mewrote:
Hi
Thanks for this URL, I've meet this problem on my FreeBSD 9.2 few
weeks ago (public NTP registered in the pool.ntp.org).
Same for me.
There is a thread on the ntp.org ML about this too: