On 11/11/2014 15:57, Brian Inglis wrote:
On 2014-11-11 04:07, David Taylor wrote:
[]
I have no restrict statements at all, but I'm not offering my NTP
servers for public use.
Are you sure?
Even if they are not being offered, does not mean they are not being used.
Your systems are well documented, so folks could try using them as servers.
Never seen any counts in the last columnn or six of sysstats?
[Presume sysstats columns report the server's responses to incoming
packets rather than other servers responses to its outgoing packets
- this is unclear!]
People spend a lot of time trolling the internet for unprotected systems
and ports they can exploit for attacks.
Please add the recommended restrict options to lock your systems up, and
then the required options to open up to your sources, LAN(s), and hosts.
Brian,
As a Linux novice, I have to ask what are sysstats? On Raspian, at
least, I get command not found.
I have always found the restriction options very confusing, but given
the lines to allow full access from 192.168.0.x, and no external
incoming access, I would gladly add those lines in and see what the
resulting problems might be with the pool command. I'm only running
IPv4 at the moment. I can try on one system first, of course.
I don't know what my router would do with unsolicited packets on port
123. I have needed to set up explicit port forwarding for other uses.
Any help on this would be appreciated.
Thanks,
David
--
Web: http://www.satsignal.eu
_______________________________________________
questions mailing list
[email protected]
http://lists.ntp.org/listinfo/questions
