Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
From: JonesMB <jonesmb@arthem.com>
Date: Thu, 05 Apr 2001 12:40:57 -0500
Message-id: <3.0.6.32.20010405124057.00caf100@arthem.com>
In-reply-to: <20010405193348.P32713@agisphere.com>
References: <3.0.6.32.20010405121217.00c8d100@arthem.com> <20010405164810.D8923@finlandia.infodrom.north.de> <3.0.6.32.20010405121217.00c8d100@arthem.com>

>>I guess we should expect a whole lot of attempts to connect to the ports
>>used by NTP once the script kiddies figure this one out.
>> 
>>I probably average about 20 connect attempts to ports 53 and 111 every day.
>
>port 137 has also a good average.

oh yeah, I forgot about that one, along with 27374.

jmb

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: Lindsey Simon <lsimon@auschron.com>

References:
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: JonesMB <jonesmb@arthem.com>
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: Philippe BARNETCHE <barnetch@agisphere.com>

Prev by Date: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by Date: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Previous by thread: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by thread: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Index(es):
- Date
- Thread