> I'm no expert on ntp.conf, but this appears in my ntp.conf on one of
> my FreeBSD systems:
>
> restrict default kod nomodify notrap nopeer noquery
> restrict -6 default kod nomodify notrap nopeer noquery
>
> However, it also has these:
>
> restrict 127.0.0.1
> restrict -6 ::1
> restrict 127.127.1.0
These work on a "last match" basis. The latter three lines lift all
restrictions for localhost, so you can still "ntpq -pn" your own server,
but nobody else can.
DES
--
Dag-Erling Smørgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
No comments:
Post a Comment