NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.
ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
NTP Variables and
Related Topics: Bug #597
, Bug #892
, Bug #973
, Bug #1026
exchange system, peer, clock and flash data.
Over the years the lists of these variables have changed from time to time.
compiled with one 'release' of these values is run against
compiled with a different 'release' of these values the data can be
In this case, if we need to change the names or strings or add/delete entries we do it with some
sort of version bump. I'd expect that we'd have something like
(where X is a version number)
the latest rev, and
and decode them all.
notes the varible list can be queried with by reading the
% ntpq -c 'rv 0 sys_var_list'
assID=0 status=21f4 leap_none, sync_atomic/PPS, 15 events, event_peer/strat_chg,
There are three variables:
We would also have to get the required format definitions as well.
This would entail having a
the formats matching the respective position in the
. Then the problem is to have a
static list of formats.
This is intriguing in that it would allow a common NTP control protocol with
less reliance on implementation details allowing a greater chance of another
implementation. Ideally, the whole control protocol should be independent of
the implementation, just as the actual NTP protocol is.
I'm liking this idea more and more.
I think we'd also want to create
As far as the format list, we could also have a variable that contains the format name and a 'presentation format'.
I'm wondering if we should have
or if the
'response' should contain both the name and the presentation information.
- 21 Aug 2007