ntp

Mark Parsons — Thu, 17 Dec 2015 18:25:34 GMT

We are currently running servers on HP11.31 with the ntp version running being 4.2.6.5.0.

We have been told by our security group that we should upgrade ntp to 4.2.7p26. The latest version available for hpux being 4.2.6.6.0.

The reason we have been told to upgrade is:

The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source. The monlist feature in ntp_request.c in ntpd in NTP allows remote attackers to cause a denial of service (traffic amplification) via forged REQ_MON_GETLIST or REQ_MON_GETLIST_1 requests. This issue allows an attacker to perform reflection distributed denial of service attacks.

As a workaround (due to the correct release not being available [yet]) is to add the following two lines to ntp.conf:

restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

Does anybody out there know if this is correct or not or when the 4.2.7p26 version of ntp will be available for hpux.
Many thanks in advance.

Re: ntp

Ajin_1 — Fri, 18 Dec 2015 15:36:10 GMT

The latest version below

Release date

NTPv4 HP-UX 11i v3 C.4.2.6.6.0 May 2015

Re: ntp

Mark Parsons — Fri, 18 Dec 2015 15:40:02 GMT

That is the version we have currently loaded!

Re: ntp

Mark Parsons — Fri, 18 Dec 2015 15:43:15 GMT

It seemed a bit silly to go from 4.2.6.5 to 4.2.6.6 but I did it anyway.

topic ntp in Operating System - HP-UX

ntp

Re: ntp

Re: ntp

Re: ntp