[ntp:questions] Can I stop authenticated peers from mobilizing symmetric associations
michael.cook at sfr.fr
Thu Mar 9 19:36:38 UTC 2017
> Now assume that one of the remote NTP clients turns bad, deliberately configures forged time, and enters "peer <IP_of_my_local_NTP_server>" in its ntp.conf. This (correct me if I'm wrong) creates a dynamic mobilization with my local NTP server, and my local NTP server will eventually believe in the client's (now it's a peering server....) time.
I think that this could only happen if the local NTP server has a peer command for that client. So you only need to restrict that client’s modification access.
> questions mailing list
> questions at lists.ntp.org
"The power of accurate observation is commonly called cynicism by those who have not got it. »
George Bernard Shaw
More information about the questions