Nmap Development mailing list archives

Re: [NSE] ntp-monlist


From: jah <jah () zadkiel plus com>
Date: Mon, 31 May 2010 08:43:53 +0100

On 31/05/2010 01:52, Richard Miles wrote:
> Thanks, it really answered my question. It's nice to know that we can
> use NTP to discover internal IP address of a network, I was not aware
> of it. It's a flaw on the implementation? Bad configuration? Or a bad
> design of the protocol?
  
It's probably a useful feature if its use is restricted to
administrative use. Allowing Control and Private mode requests by the
public is a configuration issue.  For ntpd it's easy to prevent public
access to this info with something like the following in /etc/ntp.conf:

restrict default noquery nomodify notrap

and then allow unfettered access to an admin machine

restrict <IP_Address>

jah
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
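
An added example, not part of the original message: a small audit of ntpd `restrict` lines that reports whether the default entry denies Control/Private mode queries and which hosts are exempt. The sample configs, the function names and the 192.0.2.10 admin address are constructed for illustration; it assumes classic ntpd behaviour, where an unconfigured default entry carries no restrictions.

```python
# Added example: audit ntpd "restrict" lines for who may send mode 6/7 queries.
QUERY_BLOCKING = {"noquery", "ignore"}  # flags that deny ntpq/ntpdc queries

# Constructed sample configs, not taken from any real host.
OPEN_CONF = """\
server 0.pool.ntp.org
restrict default nomodify notrap   # noquery missing
"""
HARDENED_CONF = """\
restrict default noquery nomodify notrap
restrict -6 default noquery nomodify notrap
restrict 192.0.2.10                # admin machine (documentation address)
restrict 127.0.0.1
"""

def parse_restrict(line):
    """Return (address, flags) for a restrict line, else None."""
    # Drop trailing comments and the optional -4/-6 address-family switches.
    tokens = [t for t in line.split("#", 1)[0].split() if t not in ("-4", "-6")]
    if len(tokens) < 2 or tokens[0] != "restrict":
        return None
    address, rest = tokens[1], tokens[2:]
    if len(rest) >= 2 and rest[0] == "mask":
        address, rest = f"{address} mask {rest[1]}", rest[2:]
    return address, set(rest)

def audit(conf_text):
    """Report whether the default denies queries and which entries allow them."""
    default_seen, default_blocks, allowed = False, True, []
    for line in conf_text.splitlines():
        entry = parse_restrict(line)
        if entry is None:
            continue
        address, flags = entry
        blocks = bool(flags & QUERY_BLOCKING)
        if address == "default":
            default_seen = True
            default_blocks = default_blocks and blocks  # every default line must block
        elif not blocks:
            allowed.append(address)
    # Assumption: with no "restrict default" line, ntpd applies no restrictions.
    return {"default_blocks_queries": default_seen and default_blocks,
            "query_allowed_for": allowed}

if __name__ == "__main__":
    for name, conf in (("open", OPEN_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf))
```

Entries listed under `query_allowed_for` should be limited to loopback and the intended admin machines.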

