[svlug] Serious NTP security holes
Sarah Newman
sarah.newman at computer.org
Sun Dec 21 17:49:40 PST 2014
NTP DDOS reflection attacks have been around for a very long time now. The news is the CVEs.
Anybody who runs their own server, I suggest signing up for the security related lists for their
distribution. Here are a few:
centos http://lists.centos.org/mailman/listinfo/centos-announce
debian https://lists.debian.org/debian-security-announce/
ubuntu https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Realize these are "hey we fixed it, go update" not "this just came out" lists.
Of those centos was the first to fix, followed by debian. Ubuntu has yet to fix:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1404648
For alerts when they happen, it looks like from
https://www.us-cert.gov/mailing-lists-and-feeds
"alerts" and "current activity" are the most pertinent. There's also
http://seclists.org/
>From there it looks like oss-sec is the most pertinent
http://oss-security.openwall.org/subscribe
--Sarah
On 12/21/2014 04:58 PM, Jesse Monroy wrote:
> Hey Guys,
> I'm reading the Arduino threads when I see this. I'm sure there are
> better sources. If someone has the time, please post back to the
> mailing list. All my servers are down at the moment - so this is not
> on my hot list.
>
> TIA
> Jesse
>
>
> Serious NTP security holes have appeared and are being exploited
> http://www.zdnet.com/article/major-ntp-security-holes-appears-and-are-being-exploited/
> """
> NTP can be used easily in "reflection attacks" to initiate distributed
> denial of service (DDoS) attacks
> """
>
> _______________________________________________
> svlug mailing list
> svlug at lists.svlug.org
> http://lists.svlug.org/lists/listinfo/svlug
>
More information about the svlug
mailing list