on 6-12-2009 12:17 AM Lucian@xxxxxxxxxxx spake the following: > 2009/6/12 MontyRee <chulmin2@xxxxxxxxxxx>: >> Hello, all. >> >> I would like to use ntpd for time sync not rdate or ntpdate. >> >> but after installation the ntpd, I found that listened at all interfaces >> like below. >> >> udp 0 0 192.168.111.2:123 >> 0.0.0.0:* 11528/ntpd >> udp 0 0 xxx.xxx.62.20:123 >> 0.0.0.0:* 11528/ntpd >> udp 0 0 127.0.0.1:123 0.0.0.0:* & >> nbsp; 11528/ntpd >> udp 0 0 0.0.0.0:123 >> 0.0.0.0:* 11528/ntpd >> >> >> Is there any way or option that only listen 127.0.0.1 for security reason? >> >> >> Thanks in advacne. >> >> ________________________________ >> ������ �θư�! ����� ���̺� ����� �ذ�����! ä��� �⺻! 25GB �ڷ��� ��! ������ ����Ʈ ��� Ŭ��! >> _______________________________________________ >> CentOS mailing list >> CentOS@xxxxxxxxxx >> http://lists.centos.org/mailman/listinfo/centos >> >> > > You could also ditch the ntp daemon (uncheck it in ntsysv) in favour > of running `ntpdate some.time.server` every now and then from cron. > e.g. > @hourly /usr/sbin/ntpdate ro.pool.ntpdate.org > > Sure, it might not be as elegant and practical, but it works. Don't do that on a server, especially a mail server as you will cause yourself a lot of grief as the time makes large jumps around. Many daemons are very sensitive to big time jumps either forward or backward. Ntpd is very easy to use and you can easily restrict which ports it listens to.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
