[no subject]

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


>
>> I suspect even in ntpd what they mean is that these commands should not be
>> turned on, rather than exlicitly disabled. Ie, the sysadmin must explicitly
>> enable them rather than explicitly disable them. monlist seems to report all
>> of the past connection sources, which means that a
>> request from such a server can return far more data than was in the request.
>> This opens a denial of service attack possiblity. (You send a short packet,
>> they send a whole gob of material tying up the network.)
>>
>> I suspect both others are similar. So this has to do with the remote query
>> abilities of ntpd.
>
> Sounds legible, but I can only guess whether using chrony instead
> of ntpd fulfils the requirements or if extra work has to be spent.

No extra work required.

>
> Ciao
>
> Dominik ^_^  ^_^
>
> --
>
> Dominik Vogt
>
> --
> To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "unsubscribe" in the subject.
> For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "help" in the subject.
> Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.
>

-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/