BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] NTP Gone Crazy?

Subject: [Discuss] NTP Gone Crazy?
From: dnb at ccs.neu.edu (David N. Blank-Edelman)
Date: Sun, 12 Jan 2014 15:54:34 -0500
In-reply-to: <52D2FEF6.8050903@borg.org>
References: <52D1F949.5080608@borg.org> <6CFBCB90-10FD-45E1-8540-2213C1C3B748@ccs.neu.edu> <52D2F8EB.7090005@borg.org> <53F8F4AC-7754-4A32-A2AB-9C313DE3947D@ccs.neu.edu> <52D2FEF6.8050903@borg.org>

On 12 Jan 2014, at 15:45, Kent Borg wrote:

> but I am thinking running such obsolete code when this is a hot target 
> is also a bad idea.

Understood. I just ran the following and found some more potential 
reflectors on my net, recommend others do the same:

$ sudo nmap -sU -pU:123 -Pn -n --script=ntp-monlist {target 
host/network}

The hosts that give back real ntp peer information (vs. just showing as 
having NTP in use) are those that need to be clamped down pronto.

         -- dNb

References:
- [Discuss] NTP Gone Crazy?
  - From: kentborg at borg.org (Kent Borg)
- [Discuss] NTP Gone Crazy?
  - From: dnb at ccs.neu.edu (David N. Blank-Edelman)
- [Discuss] NTP Gone Crazy?
  - From: kentborg at borg.org (Kent Borg)
- [Discuss] NTP Gone Crazy?
  - From: dnb at ccs.neu.edu (David N. Blank-Edelman)
- [Discuss] NTP Gone Crazy?
  - From: kentborg at borg.org (Kent Borg)

Prev by Date: [Discuss] NTP Gone Crazy?
Next by Date: [Discuss] NTP Gone Crazy?
Previous by thread: [Discuss] NTP Gone Crazy?
Next by thread: [Discuss] NTP Gone Crazy?
Index(es):
- Date
- Thread

Boston Linux & Unix / webmaster@blu.org