Citrix has posted a Security Advisory today regarding NTP exploits - CTX200355
By default NTP is disabled on NetScaler appliances, however if NTP has been configured Citrix recommends taking the following steps.
Open the NetScaler’s ntp.conf file in /etc and add the following lines:
restrict -4 default notrap nopeer nomodify noquery
restrict -6 default notrap nopeer nomodify noquery
All other restrict statements should also be reviewed and verified to contain both 'nomodify' and 'noquery'.
Save the file after editing and restart the NTP service.
No comments:
Post a Comment