Solved: why it show security vulnerability even without config ntp

Leftz · ‎03-16-2022

Hi why it show security vulnerability even without config ntp? I got the below the same message normal switch. but this device is a little special. please see show version below

Network Time Protocol (NTP) Mode 6 Scanner

1A#sh ver
Arista DCS-7050QX-32-R
Hardware version: 02.11
Serial number: JPE15310461
System MAC address: 444xxxxxxxx

Software image version: 4.16.6M
Architecture: i386
Internal build version: 4.16.6M-3205780.4166M
Internal build ID: 373dxxbd3c-60xxxxxxx

Uptime: 50 weeks, 4 days, 17 hours and 42 minutes
Total memory: 3978148 kB
Free memory: 591968 kB

balaji.bandi · ‎03-16-2022

Arista DCS-7050QX-32-R

Hope you are posting right forum, this is cisco, the question need to go to Arista i guess. or am i reading wrong ?

may check the model Manual what is default :

https://www.arista.com/assets/data/dArista DCS-7050QX-32-Rocs/Manuals/EOS-4.17.0F-Manual.pdf

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

balaji.bandi · ‎03-16-2022

Arista DCS-7050QX-32-R

Hope you are posting right forum, this is cisco, the question need to go to Arista i guess. or am i reading wrong ?

may check the model Manual what is default :

https://www.arista.com/assets/data/dArista DCS-7050QX-32-Rocs/Manuals/EOS-4.17.0F-Manual.pdf

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎03-16-2022

Hello,

out of curiosity, how did you resolve this ?

The NTP Mode 6 alert means that a crafted packet can potentially be use in an amplification attack...

https://www.tenable.com/plugins/nessus/97861

https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016