I have NTP disabled in my network. I've also noticed that 40% of my packet filter violations are NTP related (UDP port 123).
I've read that NTP security concerns are: "It provides both info and an avenue of attack for intruders. Info gathered can include: system uptime, time since reset, time server pkt, I/O, & memory statistics, and ntp peer list. Further, if a host is susceptible to time altering via ntp, an attacker can: 1) Run replay attacks, using captured OTP and Kerberos tickets before they expire. 2) Stop security-related cron jobs from running or cause them to run at incorrect times. 3) Make system and audit logs unreliable, since time is alterable."
Do ASG users here recommend enabling or keeping NTP disabled?
Thoughts/Opinions welcomed!
Thanks,
-Da