[ntp:questions] Re: security of reverse port on the firewall
Richard B. Gilbert
rgilbert88 at comcast.net
Sun Nov 7 18:28:58 UTC 2004
Don S wrote:
>I can't seem to find any discussions on the security of opening a reverse
>port of a firewall for NTP. I would have thought this was a fairly important
>point of discussion or is it not? Can anyone point me to info on this item?
If you limit port 123 to UDP, I don't see that there is much, if any,
hazard in opening it outbound. If you open it inbound (allowing queries)
you should be certain that your NTP keys are set up properly. If you
don't create and designate NTP "request" and "control" keys, strangers
might be able to alter the configuration of your NTP daemon.
You might want to search Symantec's web site for any references to port
123; if anyone has written a virus or a worm that uses it, they should
certainly know about it.
If there are any known vulnerabilities, someone should speak up.
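
As an added example (not part of the original post and not code from the NTP project), the script below audits an ntp.conf for the "request" and "control" key setup the reply describes. It goes one step beyond the reply by also checking that the `restrict default` line carries `nomodify` and `noquery`; both sample configurations, the key ids and the keys file path are constructed assumptions.

```python
# Added example: audit an ntp.conf for the key setup described in the reply.
# Both sample configurations are constructed for illustration.

WEAK_CONF = """\
server 0.pool.ntp.org
driftfile /var/lib/ntp/drift
"""

HARDENED_CONF = """\
server 0.pool.ntp.org
driftfile /var/lib/ntp/drift
keys /etc/ntp/keys          # symmetric key file (path is an assumption)
trustedkey 1 2 3
requestkey 2                # key id that authenticates ntpdc requests
controlkey 3                # key id that authenticates ntpq control messages
restrict default nomodify notrap noquery   # time service stays available
restrict 127.0.0.1
"""

def audit_ntp_conf(text):
    """Return a list of findings; an empty list means every check passed."""
    directives, default_flags = {}, None
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()      # drop comments and blanks
        if not words:
            continue
        name = words[0].lower()
        args = [w for w in words[1:] if w not in ("-4", "-6")]
        if name == "restrict" and args[:1] == ["default"]:
            # With separate IPv4/IPv6 default lines, keep only shared flags.
            flags = set(args[1:])
            default_flags = flags if default_flags is None else default_flags & flags
        elif name != "restrict":
            directives[name] = args
    findings = []
    if not directives.get("keys"):
        findings.append("no keys file designated")
    for name in ("requestkey", "controlkey"):
        if not directives.get(name):
            findings.append(f"{name} not set")
    for flag in ("nomodify", "noquery"):
        if default_flags is None or flag not in default_flags:
            findings.append(f"restrict default lacks {flag}")
    return findings

if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label, audit_ntp_conf(conf) or "ok")
```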