Date: Fri, 13 Apr 2001 00:06:59 -0700 From: Steve Reid <sreid@sea-to-sky.net> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-01:31.ntpd Message-ID: <20010413000659.A88148@grok.bc.hsia.telus.net> In-Reply-To: <200104122058.f3CKwLe45352@freefall.freebsd.org>; from FreeBSD Security Advisories on Thu, Apr 12, 2001 at 01:58:21PM -0700 References: <200104122058.f3CKwLe45352@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Apr 12, 2001 at 01:58:21PM -0700, FreeBSD Security Advisories wrote: > IV. Workaround > Disable the ntpd daemon using the following command: None of the advisories I've seen released (FreeBSD or otherwise) have listed "restrict" directives in ntp.conf as a workaround. Is this because it is not sufficient, or are the people writing the advisories not aware of it, or other? Restricting by address is subject to spoofing of course, but is there any reason "restrict default noquery nomodify notrap nopeer" would not be sufficient to protect a typical NTP client while still allowing it to receive time service? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010413000659.A88148>