Date: Tue, 14 Jan 2014 15:00:27 +0100 From: Ferdinand Goldmann <ferdinand.goldmann@jku.at> To: =?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no> Cc: freebsd-security@freebsd.org, Xin LI <d@delphij.net>, Palle Girgensohn <girgen@freebsd.org> Subject: Re: NTP security hole CVE-2013-5211? Message-ID: <97DABA91-0F6E-4109-992D-A3ADFE799018@jku.at> In-Reply-To: <86d2jud85v.fsf@nine.des.no> References: <B0F3AA0A-2D23-424B-8A79-817CD2EBB277@FreeBSD.org> <52CEAD69.6090000@grosbein.net> <81785015-5083-451C-AC0B-4333CE766618@FreeBSD.org> <52CF82C0.9040708@delphij.net> <CAO82ECEsS-rKq7A-9w7VuxKpe_c_f=tvZQoRKgHEfi-yPdNeGQ@mail.gmail.com> <86d2jud85v.fsf@nine.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 14.01.2014, at 14:06, Dag-Erling Sm=F8rgrav <des@des.no> wrote: > Cristiano Deana <cristiano.deana@gmail.com> writes: >> I tried several workaround with config and policy, and ended up you = MUST >> have 4.2.7 to stop these kind of attacks. >=20 > Doesn't "restrict noquery" block monlist in 4.2.6? I think it should be possible to block it using: disable monitor=20 seems to work for me. Best Regards, Ferdinand Goldmann --=20 >> Ferdinand Goldmann >> Johannes Kepler University Linz - Information Management >> Mail: Ferdinand.Goldmann@jku.at Phone: 00437024683925 Fax: = 00437024689397 >> A lack of planning on your part doesn't constitute an emergency on my = part.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?97DABA91-0F6E-4109-992D-A3ADFE799018>