Workaround for NTP exploit

Status
Not open for further replies.
M

mnt_schred

Dabbler
Joined
Aug 6, 2012
Messages
29
We've got a Freenas instance 8.3.0 which we cannot upgrade without first backup data first. However, it has been compromised multiple times with an exploit. Is there any way we can implement a workaround?
 
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
Unplug it from the Internet, since it is not designed to be exposed to the Internet.

Then kill ntpd.

Then use the remediation steps outlined in various places to reconfigure ntpd to "not do that." You may need to determine how FreeNAS generates the ntp.conf file.

Then plug your NAS into a firewall so that it doesn't see the packets that it should never have been exposed to.

Then start ntpd.

Happiness.
 
C

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
Without having a good firewall I don't even want to think about what other exploits you've been a victim of and don't even know it. It's just as jgreco said.. you should not be putting FreeNAS on the internet without a firewall. That's just asking to be pwned.
 
Status
Not open for further replies.

Similar threads

C
  • Locked
"Compromised host from IP"?
Replies
5
Views
2K
tvsjr
T
J
  • Locked
Using FreeNAS without Internet Access or NTP
Replies
4
Views
4K
Ericloewe
Ericloewe
fosaq
Disk Replace with TrueNAS 13.0 with a workaround for the workaround: is this a problem?
Replies
2
Views
1K
fosaq
fosaq
D
  • Locked
lagg0 Not Performing
Replies
5
Views
2K
jgreco
jgreco
msrhedges
  • Locked
NTP Server not Reached
Replies
8
Views
10K
msrhedges
msrhedges
Top