ESXi 4.1 contains a vulnerability that can be used to create an amplification attack using the molist command in NTP.
If you’re using that version, you can mitigate the issue by editing /etc/ntp.conf
and adding noquery
and nopeer
to the restrict line
restrict default kod nomodify notrap noquery nopeer
restrict 127.0.0.1
driftfile /etc/ntp.drift
Once done, restart NTP with /etc/init.d/ntpd restart