Gary E. Miller via devel <devel@ntpsec.org>:
> Yo Eric!
>
> On Tue, 29 May 2018 16:17:36 -0400
> "Eric S. Raymond" <e...@thyrsus.com> wrote:
>
> > Please either choose one drop/no-drop or explain why these cases
> > should be treated separately.
>
> If that is the choice, the choice should be no-drop.

Well, then, we're back to square one, and you now have an argument with Mark over his decision to drop filtering by name.

> A ton of ntpd installations were set up a long time ago, and it is unlikely an
> admin ever looks at the config. Even new ones are set up from age-old
> howtos that use the built-in ntpd IP filtering.
>
> If a distro should update from NTP Classic to NTPsec, and the admin
> is asleep at the wheel (99% probability), then the security features
> configured into ntpd on day one will be lost, but no compensating
> security features, like a firewall, are configured to compensate.
>
> Now the poor system is wide open to abuse. Bad outcome. NTPsec gets
> a black eye as being 'insecure'.

But when I wrote this:

"We have removed packet filtering by interface name because we judge it's a security-defect attractor. The place to do this is in kernel-level packet filters and firewalls, which get much more scrutiny; good admin practice in this century is to not trust userspace packet filtering at all."

you endorsed it. Does that change if "name" in the first sentence is deleted?

--
Eric S. Raymond <http://www.catb.org/~esr/>

My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel