Date: Tue, 18 Feb 2014 15:25:28 -0800 From: Darren Pilgrim <list_freebsd@bluerosetech.com> To: Michael Sierchio <kudzu@tenebras.com>, "Ronald F. Guilmette" <rfg@tristatelogic.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Semi-urgent: Disable NTP replies? Message-ID: <5303EBE8.7050300@bluerosetech.com> In-Reply-To: <CAHu1Y71jpZEwUHE=TOmLt3BpHcJEmCC=egPmWBGYUBcSe65zHw@mail.gmail.com> References: <2505.1392764000@server1.tristatelogic.com> <CAHu1Y71jpZEwUHE=TOmLt3BpHcJEmCC=egPmWBGYUBcSe65zHw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/18/2014 3:18 PM, Michael Sierchio wrote: > If you want to prevent your ntp process from being used in DDOS > reflection attacks, just put this directive in the ntp.conf file: > > disable monitor > > You don't necessarily have to restrict access for normal queries > (unless you want to). You can disable the monitoring features, but they do have use. Normal queries are only restricted if you use the "kod" or "ignore" restrict keywords.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5303EBE8.7050300>