[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-security] ALERT: remote root exploit in ntpd



On Fri, Apr 06, 2001 at 07:09:23PM -0700, Martin Siegert wrote:

> Workaround
> ==========
> If you are using ntpd only to synchronize time with external servers, i.e.,
> if you are using ntpd only as a client (no machines connect to your machine
> to get the time from it), then you can add the following line to you
> /etc/ntp.conf file:
> 
> restrict default ignore
> 
> This was reported to prevent the exploit.

If you choose this workaround, do not forget to restart ntpd (or xntpd) after
changing the /etc/ntp.conf file.