Date: Tue, 14 Jan 2014 21:03:32 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no> Cc: freebsd-security@freebsd.org, Palle Girgensohn <girgen@FreeBSD.org>, Garrett Wollman <wollman@bimajority.org> Subject: Re: UNS: Re: NTP security hole CVE-2013-5211? Message-ID: <52D543B4.8090700@grosbein.net> In-Reply-To: <868uuid7y3.fsf@nine.des.no> References: <B0F3AA0A-2D23-424B-8A79-817CD2EBB277@FreeBSD.org> <52CEAD69.6090000@grosbein.net> <21199.26019.698585.355699@hergotha.csail.mit.edu> <868uuid7y3.fsf@nine.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 14.01.2014 20:11, Dag-Erling Smørgrav wrote: > Garrett Wollman <wollman@bimajority.org> writes: >> For a "pure" client, I would suggest "restrict default ignore" ought >> to be the norm. (Followed by entries to unrestrict localhost over v4 >> and v6.) > > Pure clients shouldn't use ntpd(8). They should use sntp(8) or a > lightweight NTP client like ttsntpd. $ man sntp No manual entry for sntp $ whereis sntp sntp: /usr/sbin/sntp That's first time I see a reference to sntp(8) for FreeBSD while using it since 2.2.5-RELEASE. Is it documented somewhere? Eugene Grosbein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52D543B4.8090700>