- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- HPE 5510 48G 4SFP+ HI 1-slot Switch JH146A / Risk ...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-02-2018 05:56 AM
тАО03-02-2018 05:56 AM
HPE 5510 48G 4SFP+ HI 1-slot Switch JH146A / Risk Medium NTP mode 6 queries
Hello,
When I made a scan with nessus scanner, we have this medium risk:
Risk: Medium
Application: ntp
Port: 123
Protocol: udp
ScriptID: 97861
Synopsis:
The remote NTP server responds to mode 6 queries.
Description:
The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP
amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query, to cause
a reflected denial of service condition.
Solution:
Restrict NTP mode 6 queries.
5.0
CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Plugin Output:
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system="/", leap=0, stratum=6, precision=-20,
rootdelay=89.881, rootdisp=186.125, refid=10.56.36.7,
reftime=0xde43c58d.f4ccc634, clock=0xde43c5c9.bb616b2e, peer=46269,
tc=6, mintc=3, offset=2.284, frequency=-20.303, sys_jitter=6.497,
clk_jitter=1.453, clk_wander=0.014'
Did you have a solution for restrict NTP mode 6 queries ?
Thanks.
- Tags:
- NTP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2018 06:21 AM
тАО03-04-2018 06:21 AM
Re: HPE 5510 48G 4SFP+ HI 1-slot Switch JH146A / Risk Medium NTP mode 6 queries
What exact Comware software version is actually running on your HPE 5510 48G 4SFP+ HI 1-slot Switch (SKU: JH146A)?
I'm not an HPE Employee

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-05-2018 01:48 AM - edited тАО03-05-2018 01:48 AM
тАО03-05-2018 01:48 AM - edited тАО03-05-2018 01:48 AM
Re: HPE 5510 48G 4SFP+ HI 1-slot Switch JH146A / Risk Medium NTP mode 6 queries
Hello,
The version is:
Boot image: flash:/5510hi-cmw710-boot-r1309.bin
Boot image version: 7.1.070, Release 1309
Compiled Jul 21 2017 16:00:00
System image: flash:/5510hi-cmw710-system-r1309.bin
System image version: 7.1.070, Release 1309
Compiled Jul 21 2017 16:00:00
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2018 11:42 PM
тАО03-09-2018 11:42 PM
Re: HPE 5510 48G 4SFP+ HI 1-slot Switch JH146A / Risk Medium NTP mode 6 queries
What's the output of display ntp-service status and display ntp-service sessions commands? There is an entire Chapter dedicated to configuring NTP (named "Configuring NTP") on the HPE FlexNetwork 5510 HI Switch Series Network Management and Monitoring Configuration Guide...
I'm not an HPE Employee

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-12-2018 02:10 AM
тАО03-12-2018 02:10 AM
Re: HPE 5510 48G 4SFP+ HI 1-slot Switch JH146A / Risk Medium NTP mode 6 queries
Hello,
This the result of the commands:
<5510>display ntp-service status
Clock status: synchronized
Clock stratum: 6
System peer: 10.xx.xx.7
Local mode: client
Reference clock ID: 10.xx.xx.7
Leap indicator: 00
Clock jitter: 0.013672 s
Stability: 0.000 pps
Clock precision: 2^-20
Root delay: 76.99585 ms
Root dispersion: 209.64050 ms
Reference time: de50c0d6.a3ffa273 Mon, Mar 12 2018 10:03:18.640
System poll interval: 64 s
<5510>display ntp-service sessions
source reference stra reach poll now offset delay disper
********************************************************************************
[12345]10.xx.xx.7 10.xx.xxx.241 5 255 64 7 14.100 2.1972 19.271
Notes: 1 source(master), 2 source(peer), 3 selected, 4 candidate, 5 configured.
Total sessions: 1
Thanks.