poti sa dai un tcpdump pe client

tcpdump -ni eth0 udp port 123

in timp ce dai ntpdate 10.0.0.2

tx.

On 11/16/05, Alex <[EMAIL PROTECTED]> wrote:
> Sal Lucian,
>
> >
> > 123/udp open|filtered ntp
> >
> > mai verifica totusi firewall-ul de pe 10.1.1.2...
>
> de pe 10.0.0.2 (care este serverul de timp) dau catre clientul meu (10.0.0.19)
>
> # ping -R 10.0.0.19
> PING 10.0.0.19 (10.0.0.19) 56(124) bytes of data.
> 64 bytes from 10.0.0.19: icmp_seq=0 ttl=64 time=0.292 ms
> RR:     10.0.0.2
>         10.0.0.19
>         10.0.0.19
>         10.0.0.2
>
> 64 bytes from 10.0.0.19: icmp_seq=1 ttl=64 time=0.300 ms        (same route)
> 64 bytes from 10.0.0.19: icmp_seq=2 ttl=64 time=0.311 ms        (same route)
>
> de pe client (10.0.0.19) dau in server (10.0.0.2)
>
> # ping -R 10.0.0.2
> PING 10.0.0.2 (10.0.0.2) 56(124) bytes of data.
> 64 bytes from 10.0.0.2: icmp_seq=0 ttl=64 time=0.332 ms
> RR:     10.0.0.19
>         10.0.0.2
>         10.0.0.2
>         10.0.0.19
>
> 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.320 ms (same route)
> 64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.260 ms (same route)
>
> Acum, mai dau si firewall-ul jos (pe ambele masini trec pe default):
> # iptables -L -n
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> [EMAIL PROTECTED] ~]#
>
> Deci cu siguranta acum portul 123 UDP este deschis, foarte deschis chiar daca
> nmap-ul raporteaza si un filtered ...  Este el un pic confuz, dar portul este
> deschis.
> 123/udp open|filtered ntp (asta inseamna deschis sau filtrat)
>
> Dau sa ma sincronizez cu serverul de pe clientul 10.0.0.19:
> # ntpdate -u 10.0.0.2
> 16 Nov 10:42:43 ntpdate[9117]: no server suitable for synchronization found
>
> Deci nu merge!!!! In schimb, de pe un RH7.2 care se afla remote (in bv) si mai
> trece si printr-un tunel VPN, dau:
>
> # ntpq  -p
>      remote           refid      st t when poll reach   delay   offset  jitter
> ==============================================================================
>  10.0.0.2        0.0.0.0         16 u    - 1024    0    0.000    0.000 4000.00
> *LOCAL(0)        LOCAL(0)        10 l   52   64  377    0.000    0.000   0.008
> [EMAIL PROTECTED] alx_bkup]# ntpdate -u 10.0.0.2
> 16 Nov 10:34:01 ntpdate[26124]: step time server 10.0.0.2 offset 230.975701
> sec
> [EMAIL PROTECTED] alx_bkup]# date
> Wed Nov 16 10:34:17 EET 2005
> [EMAIL PROTECTED] alx_bkup]# ntpdate -u 10.0.0.2
> 16 Nov 10:34:44 ntpdate[26129]: adjust time server 10.0.0.2 offset 0.002209
> sec
> [EMAIL PROTECTED] alx_bkup]# ntpq -p
>      remote           refid      st t when poll reach   delay   offset  jitter
> ==============================================================================
>  10.0.0.2        0.0.0.0         16 u    - 1024    0    0.000    0.000 4000.00
> *LOCAL(0)        LOCAL(0)        10 l  288   64  377    0.000    0.000   0.008
> [EMAIL PROTECTED] alx_bkup]#
>
> Ce pusca mea nu e in regula?
>
> Pe masina RH7.2 de la brasov am:
> # rpm -q ntp
> ntp-4.1.1-1
>
> pe serverul de timp cit si pe clientul 10.0.0.19 am centos 4 cu:
> # rpm -q ntp
> ntp-4.2.0.a.20040617-4
>
> Alex
>
> _______________________________________________
> RLUG mailing list
> [email protected]
> http://lists.lug.ro/mailman/listinfo/rlug
>

_______________________________________________
RLUG mailing list
[email protected]
http://lists.lug.ro/mailman/listinfo/rlug

Raspunde prin e-mail lui