[ntp:questions] problem with pool directive?
David Taylor
david-taylor at blueyonder.co.uk.invalid
Tue Nov 11 16:58:30 UTC 2014
On 11/11/2014 15:57, Brian Inglis wrote:
> On 2014-11-11 04:07, David Taylor wrote:
[]
>> I have no restrict statements at all, but I'm not offering my NTP
>> servers for public use.
>
> Are you sure?
> Even if they are not being offered, does not mean they are not being used.
> Your systems are well documented, so folks could try using them as servers.
> Never seen any counts in the last columnn or six of sysstats?
>
> [Presume sysstats columns report the server's responses to incoming
> packets rather than other servers responses to its outgoing packets
> - this is unclear!]
>
> People spend a lot of time trolling the internet for unprotected systems
> and ports they can exploit for attacks.
>
> Please add the recommended restrict options to lock your systems up, and
> then the required options to open up to your sources, LAN(s), and hosts.
I just ran a Gibson Shields Up check on port 123 and it said I was in
what it calls "perfect stealth" mode. Perhaps that is a sign that I am
OK externally without restrict lines?
--
Cheers,
David
Web: http://www.satsignal.eu
More information about the questions
mailing list