[Bug 859190] New: network:time/ntp: DDOS
https://bugzilla.novell.com/show_bug.cgi?id=859190 https://bugzilla.novell.com/show_bug.cgi?id=859190#c0 Summary: network:time/ntp: DDOS Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other OS/Version: openSUSE 13.1 Status: NEW Severity: Major Priority: P5 - None Component: 3rd party software AssignedTo: max@suse.com ReportedBy: opensuse@dstoecker.de QAContact: opensuse-communityscreening@forge.provo.novell.com Found By: --- Blocker: --- The current NTP default setup does not differntiate between internal and external access. The default setup should be modified, so that external access is restricted and admins need to remove restrictions when wanted. Probabably 99% of all NTP installations aren't meant to be worldwide visible, but suse defaults are extremely open. E.G. Ubuntu has # By default, exchange time with everybody, but don't allow configuration. restrict -4 default kod notrap nomodify nopeer noquery restrict -6 default kod notrap nomodify nopeer noquery -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=859190 https://bugzilla.novell.com/show_bug.cgi?id=859190#c1 --- Comment #1 from Dirk Stoecker <opensuse@dstoecker.de> 2014-01-17 11:35:11 UTC --- Created an attachment (id=574790) --> (http://bugzilla.novell.com/attachment.cgi?id=574790) My default ntp configuration from an Hetzner uBuntu server -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=859190 https://bugzilla.novell.com/show_bug.cgi?id=859190#c2 Reinhard Max <max@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Version|unspecified |13.1 Milestone 4 Component|3rd party software |Network AssignedTo|max@suse.com |bnc-team-screening@forge.pr | |ovo.novell.com Resolution| |DUPLICATE Product|openSUSE.org |openSUSE Factory QAContact|opensuse-communityscreening |qa-bugs@suse.de |@forge.provo.novell.com | Target Milestone|--- |13.2 Milestone 0 --- Comment #2 from Reinhard Max <max@suse.com> 2014-01-17 14:35:24 CET --- The security team decided that we only need to change this in Factory. BTW, the Bugzilla product openSUSE.org is about the openSUSE project and its infrastructure. Bugs against openSUSE should be reported against either openSUSE Factory or one of the released versions. *** This bug has been marked as a duplicate of bug 857195 *** http://bugzilla.novell.com/show_bug.cgi?id=857195 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com