UNS: Re: NTP security hole CVE-2013-5211?

Dag-Erling Smørgrav des at des.no
Tue Jan 14 13:11:43 UTC 2014


Garrett Wollman <wollman at bimajority.org> writes:
> For a "pure" client, I would suggest "restrict default ignore" ought
> to be the norm.  (Followed by entries to unrestrict localhost over v4
> and v6.)

Pure clients shouldn't use ntpd(8).  They should use sntp(8) or a
lightweight NTP client like ttsntpd.

DES
-- 
Dag-Erling Smørgrav - des at des.no


More information about the freebsd-security mailing list