In article <[EMAIL PROTECTED]> "Bob" <[EMAIL PROTECTED]> writes: > >"Per Hedeland" <[EMAIL PROTECTED]> wrote in message >news:[EMAIL PROTECTED] >> In article <[EMAIL PROTECTED]> "Bob" >> <[EMAIL PROTECTED]> writes: >>> >>>"Steve Kostecke" <[EMAIL PROTECTED]> wrote in message >>>news:[EMAIL PROTECTED] >>> >>>> None of the following is germane to your symmetric key issue, but ... >>>> >>>>> keys "C:\Program Files\NTP\etc\ntp.keys" >>>>> enable auth >>>> >>>> Auth is enabled by default. It can be disabled on the command-line. The >>>> worst that can happen is this line will generate an extra log entry. >>> >>>I disabled auth earlier this week, and promptly got attacked. I did an >>>enable auth with the intention of reversing my disable auth. >> >> Unless someone has done something really bad to current versions of the >> code, enable/disable auth has nothing to do with ntpdc control commands >> - those *always* require authentication, and if you haven't configured a >> key file, they just cannot be done. If (as you claimed earlier) your >> config got changed by someone else, you have bigger problems to chase >> (as in someone has broken into your system). I suspect that you were >> just seeing a badly-behaved client trying to get time from your server, >> though.
>There was no change to my config file. No, there is no code in ntpd to write to the config file, but of course changing the running config is serious enough. > I noticed that I was frequently >polling a single server in addition to my normal list, which were being >polled at their normal rate. How did you determine that you were "polling" that server, and not just sending replies to requests? > I looked at my server list, via ntpdc, and >there was about 15 entries for the same IP. What exact ntpdc command did you use for this? --Per Hedeland [EMAIL PROTECTED] _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
