NTP reflection attack - changing ntp.conf file on COS5.2

Offline

NTP reflection attack - changing ntp.conf file on COS5.2

Resolved

0 votes

Hi.

I read this article ISC NTP reflection attack linkthis morning.

The article suggests adding the following to the ntp.conf file:

disable monitor

to disable this type of attack and information leak.

Will this change affect the sync to Clear found at the top of the ntp.conf file?

If yes, then is there something we can do to ensure we aren't affected by this type of attack?

Thanks in advance.

In Intrusion Detection and Prevention

Sunday, December 29 2013, 05:54 PM

Share this post:

Responses (2)

Accepted Answer
nuke

Offline
Monday, December 30 2013, 05:32 PM - #Permalink
Resolved

0 votes

Thanks, Nick!
The reply is currently minimized Show
Accepted Answer
Nick Howitt

Offline
Sunday, December 29 2013, 10:31 PM - #Permalink
Resolved

0 votes

The default set up of the firewall does not allow external queries to your ntp server (it only allows back in related and established connections).
The reply is currently minimized Show

Your Reply

Please login to post a reply

You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.

Community Forums

ClearOS Portal

ClearVM Platform

ClearVM 2 Platform

Forums