From owner-freebsd-security  Wed Apr  4 17:17: 4 2001
Delivered-To: freebsd-security@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163])
	by hub.freebsd.org (Postfix) with ESMTP id D6B0D37B446
	for <freebsd-security@FreeBSD.ORG>; Wed,  4 Apr 2001 17:16:59 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter (localhost [127.0.0.1])
	by critter.freebsd.dk (8.11.3/8.11.3) with ESMTP id f350Gpt52944;
	Thu, 5 Apr 2001 02:16:51 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: Brett Glass <brett@lariat.org>
Cc: Michael Bryan <fbsd-secure@ursine.com>,
	freebsd-security@FreeBSD.ORG
Subject: Re: Fwd: ntpd =< 4.0.99k remote buffer overflow 
In-Reply-To: Your message of "Wed, 04 Apr 2001 18:14:37 MDT."
             <4.3.2.7.2.20010404181106.044485d0@localhost> 
Date: Thu, 05 Apr 2001 02:16:51 +0200
Message-ID: <52942.986429811@critter>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <4.3.2.7.2.20010404181106.044485d0@localhost>, Brett Glass writes:
>Workaround: Use
>
>/usr/sbin/ntpdate -s time.nist.gov (or pick your favorite server)
>
>periodically from /etc/crontab. (Once a day, at an odd hour and
>minute of the morning, is sufficient for most machines.) This 
>is what we have always done. It reduces overhead because there 
>isn't a daemon constantly running.

And it has a lot worse performance, but let's not get into that...

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message