[ntp:questions] Unauthorized remote server configuration

Steve Kostecke kostecke at ntp.org
Sun Jul 6 02:14:28 UTC 2008


On 2008-07-05, Bob <bobsjunkmail at bellsouth.net> wrote:

> It's happened again. I disabled auth last night after my previous post, and 
> let it run overnight with Wireshark capturing. I've now got two IP addresses 
> listed as peers that I did not add. They are listed as "sym_passive". I see 
> requests from these sites listed as "mode 1" in monlist.

This is the first time I've been able to understand what you're going on
about.

There is a very simple solution here. You need to be using the nopeer
restriction on your default restrict line.

I highly suggest that you review
http://support.ntp.org/Support/AccessRestrictions to learn about setting
a proper default restriction.

Here's a good paranoid default restriction which allows only time
service to everyone, but blocks symmetric_passive peers, and allows more
access for the localhost:

restrict default nomodify nopeer notrap noquery
restrict 127.0.0.1

-- 
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/
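
One way to check a configuration for the default restriction recommended in the message above. This is an added example, not part of the original post or of the NTP distribution; the function names, the sample configurations and the server name ntp.example.net are assumptions made for illustration.

```python
# Added example: audit ntp.conf text for the default restriction from the post.
RECOMMENDED = ("nomodify", "nopeer", "notrap", "noquery")
ZERO = ("0.0.0.0", "::")

def default_restrict_lines(conf_text):
    """Yield (line number, flag set) for each restrict line that sets the default entry."""
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()      # drop trailing comments
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        args = [t for t in tokens[1:] if t not in ("-4", "-6")]
        if not args:
            continue
        if args[0] == "default":
            yield lineno, set(args[1:])
        elif args[0] in ZERO and args[1:2] == ["mask"] and args[2:3] and args[2] in ZERO:
            # An all-zero address with an all-zero mask is the default entry spelled out.
            yield lineno, set(args[3:])

def audit(conf_text):
    """Return a list of findings; an empty list means no default entry lacks a flag."""
    findings = []
    entries = list(default_restrict_lines(conf_text))
    if not entries:
        findings.append("no default restrict line found")
    for lineno, flags in entries:
        if "ignore" in flags:
            continue                                # ignore drops every packet
        missing = [f for f in RECOMMENDED if f not in flags]
        if missing:
            findings.append(f"line {lineno}: default entry lacks {' '.join(missing)}")
    return findings

# Constructed sample configurations (the server name is a placeholder).
WEAK = """server ntp.example.net
restrict default nomodify notrap   # nopeer and noquery are missing
restrict 127.0.0.1
"""
HARDENED = """server ntp.example.net
restrict default nomodify nopeer notrap noquery
restrict 127.0.0.1
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "ok")
```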



