Date: Thu, 16 Jan 2014 10:41:24 +0100 From: Fabian Wenk <fabian@wenks.ch> To: freebsd-security@freebsd.org Subject: Re: NTP security hole CVE-2013-5211? Message-ID: <52D7A944.70604@wenks.ch> In-Reply-To: <86d2jud85v.fsf@nine.des.no> References: <B0F3AA0A-2D23-424B-8A79-817CD2EBB277@FreeBSD.org> <52CEAD69.6090000@grosbein.net> <81785015-5083-451C-AC0B-4333CE766618@FreeBSD.org> <52CF82C0.9040708@delphij.net> <CAO82ECEsS-rKq7A-9w7VuxKpe_c_f=tvZQoRKgHEfi-yPdNeGQ@mail.gmail.com> <86d2jud85v.fsf@nine.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Dag-Erling On 14.01.2014 14:06, Dag-Erling Smørgrav wrote: > Cristiano Deana <cristiano.deana@gmail.com> writes: >> I tried several workaround with config and policy, and ended up you MUST >> have 4.2.7 to stop these kind of attacks. > > Doesn't "restrict noquery" block monlist in 4.2.6? It does at least in 4.2.4p8 (running on FreeBSD 9.1), so I guess this should also work in newer versions. bye Fabian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52D7A944.70604>