I can haz Navisys GPS USB pucks, gr601w and gr701w
Gary E. Miller
gem at rellim.com
Sun May 15 02:29:59 UTC 2016
Yo Hal!
On Sat, 14 May 2016 18:08:42 -0700
Hal Murray <hmurray at megapathdsl.net> wrote:
> gem at rellim.com said:
> > I like the PR aspect. Does NTPsec advertise itself in any way over
> > NTP protocol? Like a version number or something?
>
> In general, exposing version info is considered a security risk.
Some think that. The logic goes that people will scan your host, see
what version you are running, then run the exploit. I have never seen
a hacker do that. They just spray all their exploits at everything and
see wwhat sticks.
This is prolly a consequence of distros lying about their versions, or
backporting 'security' patches.
I prefer to leave my versions in the open, then when I do a an
automated security scan it tells me when I need to update.
As long as the user has a choice.
> If the ntpq stuff isn't restricted with noquery, you can get the
> version string with:
> /usr/local/sbin/ntpq -c "rv 0 version" $SERVER
Hmm, maybe this should say ntpsec, instead of ntpd:
catbert:/etc/fail2ban# ntpq -c "rv 0 version" pi2
version="ntpd 0.9.3-5fd5d82 May 14 2016 13:13:35"
And chronyd does nothing in response:
catbert:/etc/fail2ban# ntpq -c "rv 0 version" dagwood
dagwood.rellim.com: timed out, nothing received
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160514/a6cdd374/attachment.bin>
More information about the devel
mailing list