11-27-2017 02:05 AM - edited 03-08-2019 12:53 PM
Hi all,
We are getting the below vulnerability on internet switches (CVE-2016-9310):
The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query.
The IOS has also been updated to the latest one.
Is there any workaround to resolve this issue?
11-27-2017 04:21 AM
Hello,
The easiest way to remedy this is to use NTP authentication. The vulnerability exists only with regard to unauthorized 'attackers'...
11-27-2017 06:54 AM
Thanks for the reply !
We already have NTP authenticated on all devices.
11-27-2017 05:31 PM
Hi,
Don't use your switches as NTP servers. Your switches should only be NTP clients. Get an NTP appliance or configure a PC server to run NTP. Configure your switches to deny all NTP requests using the NTP access-group command.
Thanks
John
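To confirm whether a switch still answers mode 6 after a change such as the access-group restriction suggested above, the UDP/123 payloads from a packet capture can be classified by NTP mode. The following is an added example, not part of any post in this thread; the function names, the `in`/`out` direction labels and all sample packets are constructed for illustration.

```python
import struct

MODES = {1: "symmetric-active", 2: "symmetric-passive", 3: "client",
         4: "server", 5: "broadcast", 6: "control", 7: "private"}

def parse_ntp(payload: bytes) -> dict:
    """Decode the first NTP byte; for mode 6 also decode the control header."""
    if not payload:
        raise ValueError("empty payload")
    b0 = payload[0]  # LI (2 bits) | version (3 bits) | mode (3 bits)
    info = {"version": (b0 >> 3) & 0x7, "mode": b0 & 0x7,
            "mode_name": MODES.get(b0 & 0x7, "reserved"), "length": len(payload)}
    if info["mode"] == 6:
        if len(payload) < 12:
            raise ValueError("truncated control message")
        # R|E|M|opcode, sequence, status, association id, offset, count
        rem_op, seq, _status, _assoc, _offset, count = struct.unpack(
            "!BHHHHH", payload[1:12])
        info.update(response=bool(rem_op & 0x80), error=bool(rem_op & 0x40),
                    opcode=rem_op & 0x1F, sequence=seq, count=count)
    return info

def mode6_exposure(packets) -> dict:
    """packets: (direction, payload) pairs; 'in' = sent to the device, 'out' = sent by it."""
    req = resp = 0
    for direction, payload in packets:
        try:
            p = parse_ntp(payload)
        except ValueError:
            continue  # not parseable as NTP, ignore
        if p["mode"] != 6:
            continue  # ordinary time sync traffic is not the finding
        if direction == "out" and p["response"]:
            resp += p["length"]
        elif direction == "in" and not p["response"]:
            req += p["length"]
    ratio = round(resp / req, 1) if req and resp else 0.0
    return {"responds": resp > 0, "request_bytes": req,
            "response_bytes": resp, "ratio": ratio}

# Constructed sample payloads (not taken from a real device)
REQ = bytes([0x16, 0x02]) + struct.pack("!HHHHH", 1, 0, 0, 0, 0)   # v2, mode 6, request
DATA = b"stratum=3".ljust(108, b" ")                              # padded variable list
RESP = bytes([0x16, 0x82]) + struct.pack("!HHHHH", 1, 0, 0, 0, len(DATA)) + DATA
CLIENT = bytes([0x23]) + bytes(47)                                # v4, mode 3 time request
BEFORE = [("in", CLIENT), ("in", REQ), ("out", RESP)]             # device answers mode 6
AFTER = [("in", CLIENT), ("in", REQ)]                             # mode 6 query goes unanswered

if __name__ == "__main__":
    print("before:", mode6_exposure(BEFORE))
    print("after: ", mode6_exposure(AFTER))
```

A capture where `responds` is false after the change shows the device no longer replies to mode 6 queries, while normal mode 3 client traffic is left out of the count.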