|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Athanasius (Athanasius
MIGGY.ORG)Date: Fri Apr 06 2001 - 12:29:15 CDT
On Thu, Apr 05, 2001 at 08:03:38PM -0400, Charles Sprickman wrote:
> On Wed, 4 Apr 2001, Przemyslaw Frasunek wrote:
>
> > /* ntpd remote root exploit / babcia padlina ltd. <venglinfreebsd.lublin.pl> */
>
> Just a quick note to save others a bit of legwork... If you are running
> ntpd on a machine simply as a client, the following line in /etc/ntp.conf
> should keep people away:
>
> restrict default ignore
If you want ntpq to be useable to check the local ntp daemon you'll
want to add something like:
restrict 127.0.0.1
This, of course, assumes you have some other filtering restricting
loopback addresses to the loopback interface only.
-Ath
-- - Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/ Finger athan(at)fysh.org for PGP key "And it's me who is my enemy. Me who beats me up. Me who makes the monsters. Me who strips my confidence." Paula Cole - ME
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]