r12 - 2010-02-23 - 07:12:41 - HarlanStennYou are here: NTP >  Dev Web > PspPlans
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p12 was released on 14 August 2018. It addresses 1 low-/medium-severity security issue in ntpd, 1 low-severity security issue in ntpq and ntpdc, and provides 27 non-security bugfixes and 4 other improvements over 4.2.8p11.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Suggested TODO list

Group 1 (Protocol issues?)

  • SNTP RFC cleanup (Obsolete - now part of the NTPv4 spec)
  • NTP4 RFC
  • What year? (I think this is the "ntpd requires the year to be correct to within 34 years")
  • std "command and control"
  • SNMP MIB?

Group 2 (website things?)

  • Searchable Docs
  • sample configs

Group 3 (code issues?)

  • new conf file format
  • rewrite
  • bad cli/ui
    • autogen may fix this
  • man pages
    • autogen may fix this

ISC Intern ideas

  • Get the Rackable's special serial console port working and cabled
    • switch serial consoles to that port
    • free up the existing/stock serial port for use by refclocks
  • Move the big serial card from psp-fb2 to a new machine (another rackable?) that is reachable even if psp0 is down
  • Create a Yost DB9P/DCE connector for the empty RS-232 port on RHS of the top row of 4 ports on the back of the Meinberg, then build a silver-satin cable for it (with a twist) and plug that in to the (Yost) DB9/DTE connector on the back of psp-fb2, the serial port labeled #4 (I think - on the set of 4 serial ports back there, the bottom-right goes to the COM0 port of the Meinberg and the top-left goes to the RIPE-NCC card just to the left. The bottom-left serial port of the set of 4 is unused).
  • RMA the Netgear GS108(?) switch, labeled "ILOM/IPMI". It should be about waist height on top of a cardboard box on the NTP PSP rack.

 

Site Issues

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r12 < r11 < r10 < r9 < r8 | More topic actions
Dev.PspPlans moved from Dev.IscPlans on 2007-05-28 - 05:59 by HarlanStenn - put it back
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2018 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback