Nmap Development mailing list archives
Re: [NSE] ntp-monlist
From: jah <jah () zadkiel plus com>
Date: Mon, 31 May 2010 08:43:53 +0100
On 31/05/2010 01:52, Richard Miles wrote:
Thanks, it really answered my question. It's nice to know that we can use NTP to discover internal IP address of a network, I was not aware of it. It's a flaw on the implementation? Bad configuration? Or a bad design of the protocol?
It's probably a useful feature if its use is restricted to administrative use. Allowing Control and Private mode requests by the public is a configuration issue. For ntpd it's easy to prevent public access to this info with something like the following in /etc/ntp.conf: restrict default noquery nomodify notrap and then allow unfettered access to an admin machine restrict <IP_Address> jah _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] ntp-monlist jah (May 29)
- Re: [NSE] ntp-monlist jah (May 30)
- Re: [NSE] ntp-monlist Richard Miles (May 30)
- Re: [NSE] ntp-monlist jah (May 30)
- Re: [NSE] ntp-monlist Richard Miles (May 30)
- Re: [NSE] ntp-monlist jah (May 31)
- Re: [NSE] ntp-monlist Richard Miles (May 30)
- Re: [NSE] ntp-monlist jah (May 30)
- Re: [NSE] ntp-monlist jah (Jun 03)
- Re: [NSE] ntp-monlist Patrick Donnelly (Jun 03)
- Re: [NSE] ntp-monlist jah (Jun 03)
- Re: [NSE] ntp-monlist jah (Jun 04)
- Re: [NSE] ntp-monlist jah (Jun 04)