Re: NTP security hole CVE-2013-5211?
In message <532CC8CF.4030508@elischer.org>,
Julian Elischer <julian@elischer.org> wrote:
>>> 50.116.38.157
>>> 69.50.219.51
>>> 69.55.54.17
>>> 69.167.160.102
>>> 108.61.73.244
>>> 129.250.35.251
>>> 149.20.68.17
>>> 169.229.70.183
>>> 192.241.167.38
>>> 199.7.177.206
>>> 209.114.111.1
>>> 209.118.204.201
>
>You can't use this list because the members of the pool change over time.
Yes. I've understood that now. Thank you.
>you need the following rules placed in the correct places in your ruleset.
>
>check-state
> and
>allow udp from me to any 123 out via ${oif} keep-state.
I've implemented this now, and it seems to be working great.
My sincere thanks to everyone who stepped forward to help.
Regards,
rfg
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 45 之 48 篇):