DDoS Attacks on NTP Servers affecting some GNSS receivers
There have recently been widespread attacks by internet gamers on Network Time (NTP) servers - many computers, servers, and devices run these, and some GNSS receivers have proven to be vulnerable.
See this article for a good description of the issue:
Our immediate recommendation is that any new-generation JAVAD or Trimble NetR5, NetR8, or NetR9 GNSS receiver (with firmware versions 4.81 or earlier) that has a direct connection to the internet - i.e. a public IP address with no firewall router, cellular modem or VSAT/BGAN in its communication path - should have its NTP server disabled and/or IP Filtering enabled as soon as possible.
NTP servers are left enabled by default on these devices although only a small minority of users require this functionality.
The server can be disabled in the "Network Configuration -> NTP" tab of a Trimble NetR5, NetR8, or NetR9 on the web interface. The recommended configuration will be:
Please see the following Trimble Document for general recommendations regarding the internet security of their devices:
Super-users and system administrators may run a diagnostic command to determine if any given device is vulnerable or under attack to the current NTP (replacing the X’s with the IP address or URL of your device)
If you are operating any other devices with direct internet exposure you should contact your local IT Staff to determine whether a vulnerability needs to be addressed.
|Posted by: Freddy Blume - February 20, 2014. This article has been viewed 651 times.|
|Online URL: https://kb.unavco.org/article/ddos-attacks-on-ntp-servers-affecting-some-gnss-receivers-800.html|
Powered by PHPKB (Knowledge Base Software)