[ntp:questions] Re: security of reverse port on the firewall

Richard B. Gilbert rgilbert88 at comcast.net
Sun Nov 7 18:28:58 UTC 2004


Don S wrote:

>I can't seem to find any discussions on the security of opening a reverse
>port of a firewall for NTP. I would have thought this was a fairly important
>point of discussion or is it not? Can anyone point me to info on this item?
>
>Don
>  
>
If you limit port 123 to UDP, I don't see that there is much, if any, 
hazard in opening it outbound. If you open it inbound (allowing queries) 
you should be certain that your NTP keys are set up properly.  If you 
don't create and designate NTP "request" and "control" keys strangers 
might be able to alter the configuration of your NTP daemon.

You might want to search Symantec's web site for any references to port 
123; if anyone has written a virus or a worm that uses it, they should 
certainly know about ti.

If there are any known vulnerabilites someone should speak up.




More information about the questions mailing list