Hi I have recently received a NTP Mode 6 vulnerability letter. Not sure what this is about.
It then forward me onto following website virginmedia.com/ntpmod6 which then sens me to openNTPProject.org. This advises me to run the following command ntpq -c rv 192.0.2.1. It adds if you receive a response your server may be used in attacks.
I have an apple MacBook pro and when I run this from terminal it says timed out, nothing received Request timed out.
Does this mean I'm ok? Not sure what else to check.
bigkam, the ntpq command needs to be run against your cable modem's public IP address and from a location external to your local area network. You can use GRC's ShieldsUP! service to scan your public IP address for NTP service here.
FYI, typing ip in your favoured search engine may return you public IP address in addition to results, for example, in Bing.
The GRC status of closed indicates you are not vulnerable however to be sure run the ntpq command from another network against your IP address.
I posted the following here but it is just as applicable to your post:
Reflection and amplification attacks are not designed to break the security of the device, they take advantage of its open services.
FYI, a reflection and amplification attack is where a spoofed IP address is used by the attacker to send a small amount of data to devices that are running open name services like mDNS which respond back (reflection) to the spoofed IP address of the target with more data (amplification) than that received. The result is the victim servers are overwhelmed by the volume of data from name server queries they did not make.