NTP BUG 3592: DoS Attack on Unauthenticated Client
Last update: May 9, 2023 14:31 UTC (f9b991261)
The fix for 3445 introduced a bug whereby a system that is running ntp-4.2.8p12 or p13 that only has one unauthenticated time source can be attacked in a way that causes the victim’s next poll to its source to be delayed, for as long as the attack is maintained.
- Use authentication with symmetric peers.
- Have enough sources of time.
- Upgrade to 4.2.8p14 or later.
Reported by Miroslav Lichvar.