• 1 reply
  • Latest Post - ‏2014-06-24T10:47:08Z by Eve582
1 Post

Pinned topic AMM ntp vulnerability

‏2014-05-16T09:23:28Z |


We have bladecenter chasis s, with AMM module which has external routable IP address.

We got repot from our ISP, that AMM IP has  UDP based NTP amplification vulnerability (
Ant it is used for DDOS attack.

I have upgraded AMM firware to version BPET66D. Change log claims:

- Fixed an NTP vulnerability.


Also i have disabled NTP protocol via AMM web interface MM control => Network Protocols => network time protocol

But we still geting these reports about vulnerability.

And amm stil responds to query:
ntpdc -c monlist {IP}

So it is still vulnarable.

How can we fix that?
How to completely disable NTP service on AMM module?

  • Eve582
    1 Post

    Re: AMM ntp vulnerability


    The latest version of NTP server is 4.2.7p445, which fixes the monlist DDOS attack vulnerability. However, this release of NTP is still a development version and not a production release. As I understand it, the latest production release of NTP is 4.2.6p5 (dated 2011/12/24) is still vulnerable to the monlist attack. My view is that I would rather stick with a known stable version of the NTP distribution and configure it to stop the use of monlist than use a development version of NTP that may not be wholly reliable.