Sonoma User Manual
CHAPTER FIVE
SECURITY
After making and saving your changes, you must copy the edited file to the non-volatile FLASH area
(the copy under /etc does not survive a reboot; only the copy under /boot/etc does) and reboot the unit:
cp -p /etc/httpd/httpd.conf /boot/etc/httpd
reboot
Restrict Query Access - NTP
The Network Time Protocol (NTP) implementation in the Sonoma is built from the reference distribution from:
http://www.ntp.org
By factory default, remote control and query of the NTP daemon ntpd are disabled. Query-only operation
is supported only from processes running on the Sonoma itself, i.e. from the localhost. This blocks
access to ntpd from remote hosts using either of the two NTP companion utilities, ntpq and ntpdc.
Control via these two utilities is disabled in the /etc/ntp.conf file in two ways. First, no MD5 authentication
keys are defined for control operation via a requestkey or controlkey declaration, so ntpd has no key with
which to authenticate a control request. Second, these default address restriction lines are present in the file:
restrict default nomodify noquery nopeer
restrict 127.0.0.1 nomodify
restrict 0::1 nomodify
The first line eliminates control and query access from ALL hosts: nomodify denies run-time configuration
changes, noquery denies the information requests made by ntpq and ntpdc, and nopeer refuses unsolicited peer
associations. The second and third lines (IPv4 and IPv6 localhost; 0::1 is the same address as ::1) carry
only nomodify, so processes on the localhost are still denied modifications to ntpd but keep query access.
Because ntpd applies the most specific matching restrict entry, these explicit localhost lines override the
default line for local traffic. These lines must not be removed, as they are necessary for various
monitoring processes running on the Sonoma to function properly.
Knowledgeable NTP users who would like to customize the security aspects of the configuration of the
NTP daemon in the Sonoma should edit the /etc/ntp.conf file directly and then copy it to the /boot/etc
directory. Be sure to retain the ownership and permissions of the original file by using cp -p when
performing the copy.
CAUTION
If you are planning to make changes to the /etc/ntp.conf file, you must NOT restrict query access from
the local host to the NTP daemon. Various system monitoring processes running on the system require this
access.
An example follows which shows how to restrict query access to a specific remote host with IP address
192.168.1.10 while also allowing processes running on the Sonoma to have query access as well:
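Before copying an edited ntp.conf to /boot/etc it is worth checking that the edit still obeys the two rules stated above: the restrict default line keeps nomodify, noquery and nopeer, and the localhost lines are present and do not carry noquery. The script below is an added example and is not part of the Sonoma firmware or of this manual. The check_ntp_restrict function and the three embedded sample files (the factory-default lines quoted above, the per-host variant for 192.168.1.10 that this section describes, and a broken edit that also locks out the localhost) are constructed here for illustration. It relies only on standard ntpd restrict semantics, namely that the most specific matching entry wins, so an explicit "restrict 192.168.1.10 nomodify" line grants that host query access while "restrict default ... noquery" continues to cover every other address.

```shell
#!/bin/sh
# Added example, not part of the Sonoma firmware or manual.
# check_ntp_restrict: pre-flight check for an edited ntp.conf.  Run it before
# "cp -p /etc/ntp.conf /boot/etc" and the reboot.  It enforces two rules:
#   1. "restrict default" must keep nomodify, noquery and nopeer.
#   2. Explicit restrict lines for 127.0.0.1 and ::1 (written 0::1 in the
#      stock file) must exist and must NOT carry noquery, otherwise the
#      monitoring processes on the unit lose their query access to ntpd.
# Returns 0 when the file passes, 1 (with one message per problem) otherwise.
check_ntp_restrict() {
    awk '
    BEGIN { bad = 0 }
    { sub(/#.*/, "") }                      # strip trailing comments
    $1 == "restrict" {
        i = 2
        if ($i == "-4" || $i == "-6") i++   # optional address-family flag
        target = $i
        flags = " "
        for (j = i + 1; j <= NF; j++) flags = flags $j " "
        if (target == "default") {
            seen_default = 1
            n = split("nomodify noquery nopeer", need, " ")
            for (k = 1; k <= n; k++)
                if (index(flags, " " need[k] " ") == 0) {
                    print FILENAME ": restrict default lacks " need[k]
                    bad = 1
                }
        }
        if (target == "127.0.0.1") seen_v4 = 1
        if (target == "::1" || target == "0::1") seen_v6 = 1
        if ((target == "127.0.0.1" || target == "::1" || target == "0::1") &&
            index(flags, " noquery ") > 0) {
            print FILENAME ": " target " carries noquery; local monitoring would break"
            bad = 1
        }
    }
    END {
        if (!seen_default) { print FILENAME ": no restrict default line"; bad = 1 }
        if (!seen_v4)      { print FILENAME ": no restrict 127.0.0.1 line"; bad = 1 }
        if (!seen_v6)      { print FILENAME ": no restrict ::1 line"; bad = 1 }
        exit bad
    }' "$1"
}

# Constructed sample 1: the factory-default address restrictions from the manual.
GOOD_CONF=$(mktemp)
cat > "$GOOD_CONF" <<'EOF'
restrict default nomodify noquery nopeer
restrict 127.0.0.1 nomodify
restrict 0::1 nomodify
EOF

# Constructed sample 2: query access opened for one remote host (192.168.1.10)
# while the default line still denies everyone else.  Line order does not
# matter: ntpd applies the most specific matching restrict entry.
HOST_CONF=$(mktemp)
cat > "$HOST_CONF" <<'EOF'
restrict default nomodify noquery nopeer
restrict 127.0.0.1 nomodify
restrict 0::1 nomodify
restrict 192.168.1.10 nomodify
EOF

# Constructed sample 3: a broken edit that also locks out the localhost.
BAD_CONF=$(mktemp)
cat > "$BAD_CONF" <<'EOF'
restrict default nomodify noquery nopeer
restrict 127.0.0.1 nomodify noquery   # breaks local monitoring
restrict 0::1 nomodify noquery
EOF
trap 'rm -f "$GOOD_CONF" "$HOST_CONF" "$BAD_CONF"' EXIT

for f in "$GOOD_CONF" "$HOST_CONF" "$BAD_CONF"; do
    if check_ntp_restrict "$f"; then
        echo "$f: OK, safe to cp -p into /boot/etc"
    else
        echo "$f: fix before copying"
    fi
done
```

Run the check against the edited /etc/ntp.conf first; only when it passes, copy the file with cp -p to /boot/etc and reboot. The per-host sample shows the shape of the restriction this section is about: the default line stays untouched, the two localhost lines stay untouched, and one additional line names the remote host that is allowed to query.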