[ntp:questions] Can I stop authenticated peers from mobilizing symmetric associations

Mike Cook michael.cook at sfr.fr
Thu Mar 9 19:36:38 UTC 2017


> 
> 
> Now assume that one of the remote NTP clients turns bad, deliberately configures forged time, and enters "peer <IP_of_my_local_NTP_server>" in its ntp.conf. This (correct me if I'm wrong) creates a dynamic mobilization with my local NTP server, and my local NTP server will eventually believe in the client's (now it's a peering server....) time.
> 
  I think that this could only happen if the local NTP server has a peer command for that client. So you only need to restrict that client’s modification access.

> Stefan
> _______________________________________________
> questions mailing list
> questions at lists.ntp.org
> http://lists.ntp.org/listinfo/questions

"The power of accurate observation is commonly called cynicism by those who have not got it. »
George Bernard Shaw



More information about the questions mailing list