RE: [nsp] Cisco Security Advisory: NTP vulnerability

From: Damir Rajnovic (gaus@cisco.com)
Date: Fri May 10 2002 - 09:13:08 EDT


At 15:02 10/05/2002 +0200, KF wrote:
>I was thinking of using an access list for the NTP daemon, e.g. ntp access-group server 99.....

You can use ntp access-group server but only to mitigate the exposure.
All you need to do is to spoof the right source IP. This will allow
the execution of control packets so you are still exposed.

Gaus

==============
Damir Rajnovic <psirt@cisco.com>, PSIRT Incident Manager, Cisco Systems
<http://www.cisco.com/go/psirt> Telephone: +44 7715 546 033
200 Longwater Avenue, Green Park, Reading, Berkshire RG2 6GB, GB
==============
There are no insolvable problems.
The question is can you accept the solution?


