Public bug reported:
The "restrict" row comments of the default /etc/ntp.conf configuration
file should more explicity warn(!) against the dropping on "noquery" or
similar options, because their removal might cause the server to become
vulenrable to (become a party in) DoS attacks.
Many admins have mistakenly removed the block, thinking they have either
enabled the server to be queried from the subnet in question or made it
more usable by doing so. This resulted in a number of reflection attacks
via NTP we have been seeing in the past few days.
** Affects: ntp (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1263703
Title:
Warn on noquery in ntp.conf
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1263703/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
