Danilo Dy Fri, 02/15/2008 - 09:11

Hi,

Which system is being audited? Cisco/IOS? IBM/AIX? Linux? Unix?

Was there a vulnerability test perform for the auditor to refer the result to the mentioned link?

The document was publiched 7 years ago, surely it has been rectified by patches.

NTPD is always prone to remote buffer overflow attack because it runs in UDP. However, you can setup your NTP using the following level of security;

- setup one or two systems to sync to NTP outside your network and sync all your devices to these two systems.

- password

- ACL between source/destination

- regularly update/patch

In any auditing, you have to defend the need supported by precautions and by following documented process/standards if the service providing the need has some weaknesses. There is no perfect security, but make sure you are always 1 step ahead.

Regards,

Dandy

Actions

This Discussion