Anyone know about this?

Zesty

Registered
Hey all-

I just got an advisory from my isp regarding anybody who runs any flavor of Unix and uses the NTP (Network Time Protocol ... the ntpd daemon)

http://www.kb.cert.org/vuls/id/970472

I'm wondering if this vunerability is in MacOS X as well. Hope Apple knows about it.

 

mattyb77

Registered
I'm sure that Apple knows about this because ntpd does run to synchronize time in OS X. I don't know if it affects OS X's ntpd or not, though.

If you're worried about it, I recommend turning off time synchronization.

Matt
 

marmoset

Official Volunteer
Originally posted by Zesty
Hey all-

I just got an advisory from my isp regarding anybody who runs any flavor of Unix and uses the NTP (Network Time Protocol ... the ntpd daemon)
Ah, that sucks. :(

Until Apple (hopefully) updates this via
Software Update I guess it's time to block
port 123 on my firewall. (I've been sync-ing
my machines at work to my OSX box, which
is rather a handy thing to be able
to do...)

 

endian

Dis Member
I've been sync-ing
my machines at work to my OSX box, which
is rather a handy thing to be able
to do...
heh heh I'd hate that.. all my machines at work are set 10 minutes late ;)
 

scruffy

Notorious Olive Counter
It likely does affect the ntpd in OS X - it's based on Free- and NetBSD sources, and both Free and Net have updates posted.

You might be able to build the BSD updates on OS X - anyone tried that? Apple is such a lot of slackers about patches, they likely won't fix it until 10.0.1 officially comes out, if then.
 
Top