RE: [nsp] Cisco Security Advisory: NTP vulnerability

• Next message: KF: "RE: [nsp] Cisco Security Advisory: NTP vulnerability"
• Previous message: George Stylianou: "[nsp] FlexWAN & MSFC mapping"
• In reply to: Damir Rajnovic: "RE: [nsp] Cisco Security Advisory: NTP vulnerability"
• Next in thread: Damir Rajnovic: "RE: [nsp] Cisco Security Advisory: NTP vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Nono...

I was thinking of using access list for NTP daemon e.g. ntp access-group server 99.....

or?

cheers

alex

>
> Hi,
>
> At 20:10 08/05/2002 +0200, KF wrote:
> >Anyone aware, if ACL specified for NTP service in IOS are
> overlooked or ?
>
> Do you mean to put an ACL on an interface? It is a valid workaround.
> It is mentioned here:
>
> ======
> Additionally, if you are not using NTP servers external from
> your network,
> you can drop all NTP packets on the network boundary. This
> can be done by
> the ACL as follows:
> ==
>
> If it is not clear then I will have to update the advisory to make it
> more clear.
>
> Gaus
> ==============
> Damir Rajnovic <psirt@cisco.com>, PSIRT Incident Manager,
> Cisco Systems
> <http://www.cisco.com/go/psirt> Telephone: +44 7715 546 033
> 200 Longwater Avenue, Green Park, Reading, Berkshire RG2 6GB, GB
> ==============
> There is no insolvable problems.
> The question is can you accept the solution?
>
>
>

• Next message: KF: "RE: [nsp] Cisco Security Advisory: NTP vulnerability"
• Previous message: George Stylianou: "[nsp] FlexWAN & MSFC mapping"
• In reply to: Damir Rajnovic: "RE: [nsp] Cisco Security Advisory: NTP vulnerability"
• Next in thread: Damir Rajnovic: "RE: [nsp] Cisco Security Advisory: NTP vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:44 EDT