I need to know which version of NTP is install in Solaris 10 box. How can I check it.
IF NTP 3 in implemented then somebody told me implement NTP 4 due to security reasons, for that I have to tell what are the vulnerabilities present in NTP 3 to higher authorities. I could not able to get vulnerabilities present in NTP 3 through google. Kindly help me in this regard
The time on your systems could be subverted a causing denial attack.
Whch ever version of NTP you are using if you are in control of your NTP server you can make your NTP system use an encryption key, according to this page: http://www.eecis.udel.edu/~mills/ntp/html/keygen.html
what they are proposing requires NTPv4 to be used.
Solaris Version 9 (SunOS 5.9) and earlier have the xntpd version 3 protocol see RFC 1305.., The most current protocol is version 4 - only RFC 2030 exists now for it. This is not complete.
Read your man page - it tells you the default protocol for xntpd (NTP)
No, it is something I was aware of at the back of my mind, could well only apply to earlier NTP protocols, I did a lot of work with NTP and a time receiver back in 1999...