[169150] in North American Network Operators' Group
Re: OpenNTPProject.org
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Sun Feb 16 23:30:28 2014
In-Reply-To: <1BF56ACA-672D-4281-8430-291970A6D61E@orthanc.ca>
Date: Sun, 16 Feb 2014 23:30:09 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Lyndon Nerenberg <lyndon@orthanc.ca>
Cc: NANOG List <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Feb 16, 2014 at 11:09 PM, Lyndon Nerenberg <lyndon@orthanc.ca> wrote:
>
> On Feb 16, 2014, at 7:59 PM, Mark Tinka <mark.tinka@seacom.mu> wrote:
>
>> Juniper's Junos implementation (which is based on FreeBSD)
>> hasn't been patched
>>
>> Using firewall filters is the only way to mitigate the
>> vulnerability.
>
> But doesn't the JunOS ntpd read/parse ntpd.conf? It's worth getting to the admin mode shell prompt and taking a poke around /etc.
and good luck with figuring out:
1) when you need to re-do that magic move
2) making sure that the move is automatable over time
it's sort of weird that the service on a routing platform supports
more than 'the current time is XX:YY::ZZ' anyway, eh?
