Semi-urgent: Disable NTP replies?
Darren Pilgrim
list_freebsd at bluerosetech.com
Tue Feb 18 23:25:28 UTC 2014
On 2/18/2014 3:18 PM, Michael Sierchio wrote:
> If you want to prevent your ntp process from being used in DDOS
> reflection attacks, just put this directive in the ntp.conf file:
>
> disable monitor
>
> You don't necessarily have to restrict access for normal queries
> (unless you want to).
You can disable the monitoring features, but they do have use. Normal
queries are only restricted if you use the "kod" or "ignore" restrict
keywords.
More information about the freebsd-questions
mailing list