On 29-05-18 17:44, Mark Atwood, Project Manager via devel wrote:
There are a couple of different but very similar angles of approach to
explain why a network security experts will not trust a userspace daemon to
control it's own defensive packet filtering.
Cool.
So what iptables (etc) filter rules would you suggest?
Stuff liek at
http://packetpushers.net/one-liner-iptables-rule-to-filter-ntp-reflection-on-linux-hypervisor/
?
More?
Please comment.
Rationale: simply leaving filtering out without suggesting an (better)
alternative is no good.
Kind regards,
Udo
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
