On 29 Jan 2014, at 09:52, John Rowe <[log in to unmask]> wrote: > I've been warned that my SL 5.9 machine is potentially vulnerable to the > recently announced DOS attack. As far as I can see both my 5.9 and 6x > machines are running vulnerable versions, am I missing something or are > we vulnerable? Have a look at these two pages: https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2_Configure_Rate_Limiting_Access_to_an_NTP_service.html I don't know if the fix has been back ported to EL or not (use the test in the first article to check) - if someone has warned you that you are vulnerable, the best option is to rate limit NTP clients. Even if the fix has been back ported, rate limiting is still a good thing to do. Regards, Adam Bishop gpg: 0x6609D460 Janet, the UK's research and education network. Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238