On Wed, Dec 24, 2014 at 05:42:16PM +0100, Andrei wrote:> On Wed, 24 Dec 2014 00:33:09 +0100 (CET)
> FreeBSD Security Advisories <security-advisories at freebsd.org>
wrote:
>
> > No workaround is available, but systems not running ntpd(8) are not
> > affected. Because the issue may lead to remote root compromise, the
> > FreeBSD Security Team recommends system administrators to firewall NTP
> > ports, namely tcp/123 and udp/123 when it is not clear that all
> > systems have been patched or have ntpd(8) stopped.
>
> Why tcp/123?
>
gjb at nucleus:~ % grep -i ^ntp /etc/services
ntp 123/tcp #Network Time Protocol
ntp 123/udp #Network Time Protocol
Glen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL:
<http://lists.freebsd.org/pipermail/freebsd-security/attachments/20141224/147dd2d1/attachment.sig>