UNS: Re: NTP security hole CVE-2013-5211?
Warren Block
wblock at wonkity.com
Tue Jan 14 15:40:22 UTC 2014
On Tue, 14 Jan 2014, Eugene Grosbein wrote:
> On 14.01.2014 20:11, Dag-Erling Smørgrav wrote:
>> Garrett Wollman <wollman at bimajority.org> writes:
>>> For a "pure" client, I would suggest "restrict default ignore" ought
>>> to be the norm. (Followed by entries to unrestrict localhost over v4
>>> and v6.)
>>
>> Pure clients shouldn't use ntpd(8). They should use sntp(8) or a
>> lightweight NTP client like ttsntpd.
>
> $ man sntp
> No manual entry for sntp
> $ whereis sntp
> sntp: /usr/sbin/sntp
>
> That's first time I see a reference to sntp(8) for FreeBSD
> while using it since 2.2.5-RELEASE.
>
> Is it documented somewhere?
sntp.1 is in contrib/ntp/sntp/, but it's never installed.
More information about the freebsd-security
mailing list