[ntp:questions] What to do for clients less than 4.2.8?
david at ex.djwhome.demon.invalid
Sat Dec 20 09:30:45 UTC 2014
On 20/12/14 09:22, Martin Burnicki wrote:
> As far as I understand the reports on bugzilla the main vulnerabilities
> are in functions where signed packets (symmetric key or autokey) are
> received/checked, or dynamic/remote configuration via ntpq and/or ntpdc
> is enabled, which, as far as I know also requires some sort of crypto
> top be enabled.
One might be in a pure status enquiry, so you may have to set noquery.
In any case, except possibly for people using encryption, and maybe not
even them, these affect neither client nor server mode, only remote
More information about the questions