[pve-devel] Is there a reason to use the ntp package?
Falk Husemann
fh at paketsequenz.de
Sun Jan 5 15:09:40 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I've been buildin a small penetration testing lab for myself using
Proxmox VE 3.1 and wrote Martin where to direct questions concerning
security.
In the default installation you install the ntp package and as far as
I could check, it's only used to synchronise the local time. It
doesn't allow external connections. Looks entirely like the default
config.
Sadly ntp listens on 0.0.0.0:123 UDP, even though it doesn't answer
requests there.
What would I have to do to get you to switch to openntpd which
provides the same functionality but doesn't listen on 0.0.0.0?
BTW: I'm still flabbergasted by how well Proxmox works for what I
attempt to do :)
Greets,
Falk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSyWekAAoJEPPG1NATKThtOSYH/juqcZ4+h5cnvq9uCxM/A2WS
x92xO2HDWOwU+8stCoPKiVCYm1DBD027MlMWn0vzEwMXcUmZ8nLec3g9qKLejibl
EjtbOnnCkS05sd886Mm6JpxISmtaHIexYjWIpNzw7dapdp40TgfXp1oXtw8wVVaB
TSdHQzW8kThEevIftnqfXmM4B1dtRDaITwljBcm9MD+MXnZgFUu07juhCx5aZhKE
W5mdQ0CkDDVPydYuoco2TImHih2o4cxsfTfKGD7XYX3zzFVbn4kAlSZAD6H5Gc5X
Soo7TOLxWFBFngjD+/V1FOsWVKj05QD65qvlTIJWLU/EXWmkUezgK/rbaT4r3wY=
=8fOL
-----END PGP SIGNATURE-----
More information about the pve-devel
mailing list