[ntp:questions] problem with pool directive?
David Taylor
david-taylor at blueyonder.co.uk.invalid
Tue Nov 11 16:32:18 UTC 2014
On 11/11/2014 15:57, Brian Inglis wrote:
> On 2014-11-11 04:07, David Taylor wrote:
[]
>> I have no restrict statements at all, but I'm not offering my NTP
>> servers for public use.
>
> Are you sure?
> Even if they are not being offered, does not mean they are not being used.
> Your systems are well documented, so folks could try using them as servers.
> Never seen any counts in the last columnn or six of sysstats?
>
> [Presume sysstats columns report the server's responses to incoming
> packets rather than other servers responses to its outgoing packets
> - this is unclear!]
>
> People spend a lot of time trolling the internet for unprotected systems
> and ports they can exploit for attacks.
>
> Please add the recommended restrict options to lock your systems up, and
> then the required options to open up to your sources, LAN(s), and hosts.
Brian,
As a Linux novice, I have to ask what are sysstats? On Raspian, at
least, I get command not found.
I have always found the restriction options very confusing, but given
the lines to allow full access from 192.168.0.x, and no external
incoming access, I would gladly add those lines in and see what the
resulting problems might be with the pool command. I'm only running
IPv4 at the moment. I can try on one system first, of course.
I don't know what my router would do with unsolicited packets on port
123. I have needed to set up explicit port forwarding for other uses.
Any help on this would be appreciated.
Thanks,
David
--
Web: http://www.satsignal.eu
More information about the questions
mailing list