FreeBSD Security Advisory FreeBSD-SA-14:31.ntp
Garrett Wollman
wollman at bimajority.org
Wed Dec 24 17:31:08 UTC 2014
<<On Wed, 24 Dec 2014 17:12:04 +0000, Glen Barber <gjb at FreeBSD.org> said:
> On Wed, Dec 24, 2014 at 05:42:16PM +0100, Andrei wrote:
>> On Wed, 24 Dec 2014 00:33:09 +0100 (CET)
>> FreeBSD Security Advisories <security-advisories at freebsd.org> wrote:
>> > ports, namely tcp/123 and udp/123 when it is not clear that all
>> > systems have been patched or have ntpd(8) stopped.
>>
>> Why tcp/123?
>>
> gjb at nucleus:~ % grep -i ^ntp /etc/services
> ntp 123/tcp #Network Time Protocol
> ntp 123/udp #Network Time Protocol
It's IANA's policy to reserve the ports for both TCP and UDP. NTP
does not use TCP, nor has it ever done so. It's highly unlikely that
it ever will. You might as well tell people to firewall 123/sctp as
well; it will have just as much effect.
-GAWollman
More information about the freebsd-security
mailing list