Hi Nijin,
Recognizing the urgent need, we have indeed planned to initiate the work needed for this request. However, it would be helpful if we can get in touch with each other to ensure that the solution matches the needs. Can you please email me at ravishu.arora@broadcom.com so that I can set something up on the calendar with our technical team?
------------------------------
Principal Product Manager
Broadcom Software
------------------------------
Original Message:
Sent: Feb 06, 2023 02:59 AM
From: Nijin K
Subject: ntp probe security flaw
Hi Ravishu
Did you have your review meeting? Can you please confirm if there is any update on the ntp_response probe defect?
Regards
Nijin
Original Message:
Sent: 1/26/2023 7:21:00 AM
From: Ravishu Arora
Subject: RE: ntp probe security flaw
This request has been added to our backlog and shall be reviewed for prioritization in our next meeting.
------------------------------
Principal Product Manager
Broadcom Software
Original Message:
Sent: Jan 24, 2023 08:36 AM
From: Stephen Danseglio
Subject: ntp probe security flaw
I've sent a reminder to the Security team, and I'll let you know as soon as I hear back.
Steve
------------------------------
Support Engineer
Broadcom
US
Original Message:
Sent: Jan 24, 2023 05:36 AM
From: Nijin K
Subject: ntp probe security flaw
Hi Stephen
Have you got any update on this from the Security team?
Regards
Nijin
Original Message:
Sent: 1/20/2023 9:35:00 AM
From: Stephen Danseglio
Subject: RE: ntp probe security flaw
I'm working on it, will let you know after my discussion with our Security team.
------------------------------
Support Engineer
Broadcom
US
Original Message:
Sent: Jan 20, 2023 08:40 AM
From: Stephen Danseglio
Subject: ntp probe security flaw
Never mind, I found it. Case 33273686 DE550309
------------------------------
Support Engineer
Broadcom
US
Original Message:
Sent: Jan 20, 2023 07:56 AM
From: Stephen Danseglio
Subject: ntp probe security flaw
The case should not be closed as this does represent a security flaw. What is the case number? I will reach out to our security SME as well.
------------------------------
Support Engineer
Broadcom
US
Original Message:
Sent: Jan 20, 2023 07:54 AM
From: Nijin K
Subject: ntp probe security flaw
Stephen
The case was opened and closed with the same statement that this requires an enhancement, but having no update on the enhancement made me search for a workaround or other ways to monitor NTP jitter between server and network device.
So is there any way to speed up this process?
regards
nijin
Original Message:
Sent: Jan 20, 2023 07:34 AM
From: Stephen Danseglio
Subject: ntp probe security flaw
Great, ask others to vote it up! And please open a case as well.
------------------------------
Support Engineer
Broadcom
US
Original Message:
Sent: Jan 20, 2023 07:32 AM
From: Nijin K
Subject: ntp probe security flaw
Already did, Stephen.
Please use the link below to access it:
https://community.broadcom.com/idea/ntp-response-probe-using-reserved-mode
regards
Nijin
Original Message:
Sent: Jan 20, 2023 07:14 AM
From: Stephen Danseglio
Subject: ntp probe security flaw
Since this can be considered a Security flaw, please also open a case and we will enter a defect.
Steve
------------------------------
Support Engineer
Broadcom
US
Original Message:
Sent: Jan 20, 2023 06:54 AM
From: Nijin K
Subject: ntp probe security flaw
Hi Team
We are trying to monitor the NTP response of all the servers in our environment, but when we used the NTP protocol on the NTP_response probe it got blocked by Cisco time devices, and when the client contacted Cisco they came up with the findings below:
- It is incorrect to use NTP packets with mode 6 (as this is classified as insecure and possible to use in an amplification attack)
- Major distributions and NTP server software do not support mode 6 or default to disabling it
- RHEL chrony does not support mode 6 https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_basic_system_settings/assembly_achieving-some-settings-previously-supported-by-ntp-in-chrony_configuring-basic-system-settings
- Cisco rate-limits mode 6 packets https://quickview.cloudapps.cisco.com/quickview/bug/CSCum44673
- Ntpd https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/s1-understanding_the_ntpd_configuration_file
Can anybody suggest if there is a workaround for this?
regards
Nijin
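
The mode discussed in this thread is carried in the low three bits of the first byte of every NTP packet, so a capture or firewall log can be checked for mode 6 traffic by decoding that byte. The following is an added example, not part of the original thread and not the probe's code; the function names and the sample packets are constructed for illustration, with mode values taken from RFC 5905.

```python
import struct

# Mode values from RFC 5905 (low 3 bits of the first byte).
MODES = {0: "reserved", 1: "symmetric active", 2: "symmetric passive",
         3: "client", 4: "server", 5: "broadcast",
         6: "control message", 7: "private use"}

def decode_header(packet: bytes):
    """Return (leap, version, mode) decoded from the first byte of an NTP packet."""
    if not packet:
        raise ValueError("empty packet")
    b = packet[0]
    return b >> 6, (b >> 3) & 0x7, b & 0x7

def is_mode6(packet: bytes) -> bool:
    """True when the packet is a mode 6 control message."""
    return decode_header(packet)[2] == 6

def client_request(version: int = 4) -> bytes:
    """Build a 48-byte mode 3 packet, the ordinary client time query."""
    first = (0 << 6) | (version << 3) | 3   # LI=0, VN=version, mode=3
    return struct.pack("!B47x", first)

def classify(packets: dict) -> dict:
    """Map each label to (mode name, is it mode 6)."""
    return {label: (MODES[decode_header(p)[2]], is_mode6(p))
            for label, p in packets.items()}

# Constructed sample packets (header byte plus zero padding, not captured traffic).
SAMPLES = {
    "constructed mode 6 header": bytes([0x16]) + bytes(11),
    "mode 3 client request": client_request(),
    "constructed mode 4 reply": bytes([0x24]) + bytes(47),
}

if __name__ == "__main__":
    for label, (mode, flagged) in classify(SAMPLES).items():
        print(f"{label:28} mode={mode:16} mode6={flagged}")
```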