r7 - 2004-10-15 - 02:19:04 - HarlanStennYou are here: NTP >  Support Web > OtherImplementations > JavaSntpClient > JavaSntpClientDev
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p11 was released on 27 February 2018. It addresses 2 low-/medium-, 1 informational-/medium-, and 2 low-severity security issues in ntpd, 1 medium-severity security issue in ntpq, and provides over 65 non-security bugfixes and other improvements over 4.2.8p10.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Discussion of JavaSntpClient

Should it be SntpClient.java instead of NtpClient.java?

-- HarlanStenn - 23 Jan 2004

Yes.

-- AdamBuckley - 23 Jan 2004

There are two typos in RFC2030 which should be applied to the Java source code. They are detailled at http://www.rfc-editor.org/errata.html >> 2030 >> find errata

-- AdamBuckley - 30 Jan 2004

Jon Dobles spotted an error in encodeTimestamp. Line 394 is:

array[7] = (byte) (Math.random()*255.0);

but should be:

array[7+pointer] = (byte) (Math.random()*255.0);

Thank you Jon!

-- AdamBuckley - 13 Feb 2004

The two Java source files were updated on 28-Aug-2004 to reflect the above comments.

-- AdamBuckley - 28 Aug 2004

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r7 < r6 < r5 < r4 < r3 | More topic actions
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2018 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback