Ferdinand Goldmann <[email protected]> writes: > Dag-Erling Smørgrav <[email protected]> writes: > > Doesn't "restrict noquery" block monlist in 4.2.6? > I think it should be possible to block it using: > > disable monitor > > seems to work for me.
That disables monlist across the board, whereas the restrict mechanism allows you to disable it selectively: restrict default nomodify nopeer noquery notrap restrict localhost not quite as fine-grained, though, since "disable monitor" only disables monlist while "restrict noquery" blocks all ntpq / ntpdc queries. Of course, the default behavior for a sensible NTP implementation should be to ignore everything except time queries. DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
