UNS: Re: NTP security hole CVE-2013-5211?
Eugene Grosbein
eugen at grosbein.net
Tue Jan 14 14:03:58 UTC 2014
On 14.01.2014 20:11, Dag-Erling Smørgrav wrote:
> Garrett Wollman <wollman at bimajority.org> writes:
>> For a "pure" client, I would suggest "restrict default ignore" ought
>> to be the norm. (Followed by entries to unrestrict localhost over v4
>> and v6.)
>
> Pure clients shouldn't use ntpd(8). They should use sntp(8) or a
> lightweight NTP client like ttsntpd.
$ man sntp
No manual entry for sntp
$ whereis sntp
sntp: /usr/sbin/sntp
That's first time I see a reference to sntp(8) for FreeBSD
while using it since 2.2.5-RELEASE.
Is it documented somewhere?
Eugene Grosbein
More information about the freebsd-security
mailing list