[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-users Archives
]
>
>> I suspect even in ntpd what they mean is that these commands should not be
>> turned on, rather than exlicitly disabled. Ie, the sysadmin must explicitly
>> enable them rather than explicitly disable them. monlist seems to report all
>> of the past connection sources, which means that a
>> request from such a server can return far more data than was in the request.
>> This opens a denial of service attack possiblity. (You send a short packet,
>> they send a whole gob of material tying up the network.)
>>
>> I suspect both others are similar. So this has to do with the remote query
>> abilities of ntpd.
>
> Sounds legible, but I can only guess whether using chrony instead
> of ntpd fulfils the requirements or if extra work has to be spent.
No extra work required.
>
> Ciao
>
> Dominik ^_^ ^_^
>
> --
>
> Dominik Vogt
>
> --
> To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "unsubscribe" in the subject.
> For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "help" in the subject.
> Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.
>
--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.