[ntp:questions] problem with pool directive?

David Taylor david-taylor at blueyonder.co.uk.invalid
Tue Nov 11 16:58:30 UTC 2014


On 11/11/2014 15:57, Brian Inglis wrote:
> On 2014-11-11 04:07, David Taylor wrote:
[]
>> I have no restrict statements at all, but I'm not offering my NTP
>> servers for public use.
>
> Are you sure?
> Even if they are not being offered, does not mean they are not being used.
> Your systems are well documented, so folks could try using them as servers.
> Never seen any counts in the last columnn or six of sysstats?
>
> [Presume sysstats columns report the server's responses to incoming
> packets rather than other servers responses to its outgoing packets
> - this is unclear!]
>
> People spend a lot of time trolling the internet for unprotected systems
> and ports they can exploit for attacks.
>
> Please add the recommended restrict options to lock your systems up, and
> then the required options to open up to your sources, LAN(s), and hosts.

I just ran a Gibson Shields Up check on port 123 and it said I was in 
what it calls "perfect stealth" mode.  Perhaps that is a sign that I am 
OK externally without restrict lines?

-- 
Cheers,
David
Web: http://www.satsignal.eu



More information about the questions mailing list