Network Time Protocol NTP Mode 6 Scanner (97861)

Support for security such as Firewalls and securing linux
Post Reply
paraspiral
Posts: 4
Joined: 2014/05/21 14:58:41

Network Time Protocol NTP Mode 6 Scanner (97861)

Post by paraspiral » 2018/12/12 17:05:34

Issue: Nessus has identified all my CENTOS servers with this vulnerability Network Time Protocol NTP Mode 6 Scanner (97861)
OS: 6.1
Tech Note from Redhat: https://access.redhat.com/solutions/690293
Instructions I followed: I changed the /etc/ntp.conf to
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

This appears to NOT have solved the issue. Any advice on what would make this NTP mode 6 vulnerability go away?

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: Network Time Protocol NTP Mode 6 Scanner (97861)

Post by avij » 2018/12/12 17:17:18

See if yum update helps.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Network Time Protocol NTP Mode 6 Scanner (97861)

Post by TrevorH » 2018/12/12 17:52:42

And restarted ntpd after making that change?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

paraspiral
Posts: 4
Joined: 2014/05/21 14:58:41

Re: Network Time Protocol NTP Mode 6 Scanner (97861)

Post by paraspiral » 2018/12/12 23:08:08

Yep that was it. What a duh moment.

Post Reply