[182185] in North American Network Operators' Group
Re: NTP versions in production use?
daemon@ATHENA.MIT.EDU (Ca By)
Sun Jul 12 14:16:17 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <F2AE201D-1E05-49A0-8444-38D0A1BEC045@gmail.com>
Date: Sun, 12 Jul 2015 11:16:14 -0700
From: Ca By <cb.list6@gmail.com>
To: Alistair Mackenzie <magicsata@gmail.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sunday, July 12, 2015, Alistair Mackenzie <magicsata@gmail.com> wrote:
> I=E2=80=99m currently running a scan of the internet and querying NTP ver=
sions.
>
> I=E2=80=99ll publish the results of it on Github and mail them in here :)
>
>
Please don't.
Please see http://openntpproject.org/
>
>
>
> On 12/07/2015 15:15, "NANOG on behalf of Mike O'Connor" <
> nanog-bounces@nanog.org <javascript:;> on behalf of mjo@dojo.mi.org
> <javascript:;>> wrote:
>
> >:Thanks, and I'm kinda stunned that folks are running such ancient
> >:versions of NTP.
> >
> >I suggest you get accustomed to being stunned.
> >
> >:https://support.ntp.org/bin/view/Dev/ReleaseTimeline
> >:
> >:4.2.0 was EOL'd in June of 2006, and we've fixed about 3,000 issues in
> >:the codebase since then.
> >
> >4.2.0 may have been EOL'd in 2006, but it was still shipping as the
> >default in FreeBSD until 2009.
> >
> >Out of those 3000 issues, only a tiny fraction are security-related
> >that would apply to JunOS. I expect that they backport security and
> >other fixes as necessary, until some bigger engineering effort and|or
> >headache calls for a forklift/mass upgrade of things.
> >
> >
> >--
> > Michael J. O'Connor
> mjo@dojo.mi.org <javascript:;>
> >
> =3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=
=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D--=3D=3D=
--=3D
> >"Fire me, boy!" -The Human
> Bullet
>
>
