On 20/12/14 22:01, Rob wrote:
David Woolley <david@ex.djwhome.demon.invalid> wrote:
On 20/12/14 19:58, William Unruh wrote:
Is it an ntp packet (ie a time exchange packet)? is it a control packet
(eg ntpq type packet?) or what?
Ie, unless you use crypto, these two look like they might be dangerous.
Both routines only process NTP type 6 packets, i.e. nptq.
But is that before or after those packets are filtered by "restrict"?
ctl_putdata is sending the response (my guess is the attack is monlist
based), so it is definitely after the filter. configure is a fairly
complex command processing option, so, although I didn't check the code
in detail, I would be most surprised if it wasn't after the filter.
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions
