| VID |
23098 |
| Severity |
20 |
| Port |
123 |
| Protocol |
UDP |
| Class |
NTPD |
| Detailed Description |
The NTP server reveals too much information about the relevant host with the NTP variables. Network Time Protocol (NTP) daemon is responsible for providing accurate time reports used for synchronizing the clocks on installed systems. The NTP variables include OS descriptor, and time settings. A remote attacker can use this information to perform further attack.
* Platforms Affected:
All Platforms running NTP service |
| Recommendation |
1. If it is not needed, consider disabling NTP service completely.
Solaris 10, Solaris 11:
# svcadm disable svc:/network/ntp:default
Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
# service ntpd stop
# chkconfig ntpd off
2. Block ntp requests (123/{tcp,udp}) from untrusted networks.
3. If you can do it, set NTP to restrict default access to ignore all info packets. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
