Hello,
When I made a scan with nessus scanner, we have this medium risk:
Risk: Medium
Application: ntp
Port: 123
Protocol: udp
ScriptID: 97861
Synopsis:
The remote NTP server responds to mode 6 queries.
Description:
The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP
amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query, to cause
a reflected denial of service condition.
Solution:
Restrict NTP mode 6 queries.
5.0
CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Plugin Output:
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system="/", leap=0, stratum=6, precision=-20,
rootdelay=89.881, rootdisp=186.125, refid=10.56.36.7,
reftime=0xde43c58d.f4ccc634, clock=0xde43c5c9.bb616b2e, peer=46269,
tc=6, mintc=3, offset=2.284, frequency=-20.303, sys_jitter=6.497,
clk_jitter=1.453, clk_wander=0.014'
Did you have a solution for restrict NTP mode 6 queries ?
Thanks.
#NTP