On Monday, February 17, 2014 04:38:06 AM Brian Rak wrote:

> There is no excuse to still be running a NTP server with
> monlist enabled.  Fix your configuration, and you don't
> need IPTables rules.

Juniper's Junos implementation (which is based on FreeBSD) 
hasn't been patched

Using firewall filters is the only way to mitigate the 
vulnerability.

For those with Juniper access:

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10613&actp=SUBSCRIPTION

It's not clear when the software patch will be made 
available.

As it were, ScreenOS and JUNOSe are not affected, as they 
don't support the MONLIST feature.

Mark.

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply via email to