| VID |
23001 |
| Severity |
20 |
| Port |
123 |
| Protocol |
UDP |
| Class |
NTPD |
| Detailed Description |
The NTP (Network Time Protocol) service is found to allows query of NTP variables.
NTP (Network Time Protocol) is the service widely used with many unix and linux systems for system time synchronization over a network. There are two protocol versions in use, NTP v3 and NTP v4. The NTP daemon implementing version 3 is called 'xntp3', and the version implementing version 4 is called 'ntp'.
It is possible to determine a lot of information about the remote host by querying the NTP variables - these include OS descriptor, and time settings. This service can be used remote users to gather information of target system.
* References:
http://www.iss.net/security_center/static/8410.php |
| Recommendation |
The NTP service should be disabled if you don't use it.
Solaris 10, Solaris 11:
# svcadm disable svc:/network/ntp:default
Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
# service ntpd stop
# chkconfig ntpd off
-- OR --
Set NTP service to ignore all INFO packets at your boarder router. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
