Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-17-2015 10:25 AM
тАО12-17-2015 10:25 AM
ntp
We are currently running servers on HP11.31 with the ntp version running being 4.2.6.5.0.
We have been told by our security group that we should upgrade ntp to 4.2.7p26. The latest version available for hpux being 4.2.6.6.0.
The reason we have been told to upgrade is:
The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source. The monlist feature in ntp_request.c in ntpd in NTP allows remote attackers to cause a denial of service (traffic amplification) via forged REQ_MON_GETLIST or REQ_MON_GETLIST_1 requests. This issue allows an attacker to perform reflection distributed denial of service attacks.
As a workaround (due to the correct release not being available [yet]) is to add the following two lines to ntp.conf:
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
Does anybody out there know if this is correct or not or when the 4.2.7p26 version of ntp will be available for hpux.
Many thanks in advance.
- Tags:
- NTP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2015 07:36 AM
тАО12-18-2015 07:36 AM
Re: ntp
The latest version below
Release date
NTPv4 HP-UX 11i v3 C.4.2.6.6.0 May 2015
Ajin.S
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2015 07:40 AM
тАО12-18-2015 07:40 AM
Re: ntp
That is the version we have currently loaded!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2015 07:43 AM
тАО12-18-2015 07:43 AM
Re: ntp
It seemed a bit silly to go from 4.2.6.5 to 4.2.6.6 but I did it anyway.