[cisco-voip] NTP DDOS Vulnerability in 8.x/9.x
Jason Aarons (AM)
jason.aarons at dimensiondata.com
Mon Feb 3 22:10:39 EST 2014
So from the Internet you should block NTP packets to your CallManager or to anything that isn’t doing NTP. NTP shoud have a whitelist.
Wondering how many people have NTP from the Internet allowed to anything unless you’re a ISP.
Read the article several times and found this;
http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attacks
From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Steve Rubin
Sent: Monday, February 03, 2014 7:56 PM
To: cisco-voip
Subject: [cisco-voip] NTP DDOS Vulnerability in 8.x/9.x
http://blogs.cisco.com/security/when-network-clocks-attack/
Call Manager and Unity Connection (likely other products as well) are
vulnerable to the very attack that Cisco blogs about.
Bug is CSCum76937.
--
Steve Rubin
ser at layer42.net<mailto:ser at layer42.net>
Layer42 Networks
http://www.layer42.net/
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
itevomcid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20140203/46173200/attachment.html>
More information about the cisco-voip
mailing list