This one time, at band camp, John Clarke wrote: >On Thu, Aug 14, 2003 at 02:30:46PM +1000, Jamie Wilkinson wrote: >> That's not so good. > >No, but you can work around it with iptables (not as good as not >listening, but better than nothing). Allow port 123 (tcp and udp) from >your upstream servers and downstream clients and block it from >everywhere else.
Yep, that's what I'm doing at the moment, I was hoping to lock down ntp as well; multiple levels and all that. -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
