From owner-freebsd-questions@FreeBSD.ORG Tue Jan 3 11:29:22 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C4DA16A41F for ; Tue, 3 Jan 2006 11:29:22 +0000 (GMT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (imap.infracaninophile.co.uk [81.187.76.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0D05943D55 for ; Tue, 3 Jan 2006 11:29:20 +0000 (GMT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from [IPv6:::1] (localhost [IPv6:::1]) by smtp.infracaninophile.co.uk (8.13.4/8.13.4) with ESMTP id k03BSVoA009796; Tue, 3 Jan 2006 11:28:34 GMT (envelope-from m.seaman@infracaninophile.co.uk) Message-ID: <43BA5FD9.5060108@infracaninophile.co.uk> Date: Tue, 03 Jan 2006 11:28:25 +0000 From: Matthew Seaman Organization: Infracaninophile User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051221) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Darren Pilgrim References: <001d01c61037$aaf9a150$642a15ac@smiley> In-Reply-To: <001d01c61037$aaf9a150$642a15ac@smiley> X-Enigmail-Version: 0.93.0.0 Content-Type: multipart/signed; micalg=pgp-ripemd160; protocol="application/pgp-signature"; boundary="------------enig97846DA233F069EE8F1C25FA" X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2 (smtp.infracaninophile.co.uk [IPv6:::1]); Tue, 03 Jan 2006 11:28:34 +0000 (GMT) X-Virus-Scanned: ClamAV 0.87.1/1225/Mon Jan 2 17:54:07 2006 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,NO_RELAYS autolearn=ham version=3.1.0 X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on happy-idiot-talk.infracaninophile.co.uk Cc: freebsd-questions@freebsd.org Subject: Re: How to bind ntpd to a single address? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jan 2006 11:29:22 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig97846DA233F069EE8F1C25FA Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Darren Pilgrim wrote: > I don't like (let alone want) ntpd binding to every IP address on the host. > The man pages don't say anything about specifying a binding address for > ntpd. A search of the sources and Google also failed to reveal anything > useful. > > So how to I tell ntpd to bind to a specific IP address? ntpd doesn't have that functionality I'm afraid. The next best you can do is review your /etc/ntpd.conf 'restrict' rules carefully and implement a firewall to control access to port 123/UDP. NTP is not usually counted as much of a security risk, and the benefits of running it certainly do outweigh the risks. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------enig97846DA233F069EE8F1C25FA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDul/f8Mjk52CukIwRA6CpAJ0YulU2v9v7f+LLQWEDvHXrU0FWvwCdGZmO qcH/0doJ7zcpBNHnz+ZK0H0= =HB3L -----END PGP SIGNATURE----- --------------enig97846DA233F069EE8F1C25FA--