[OpenIndiana-discuss] NTP trouble and 123 port
Gary Mills
gary_mills at fastmail.fm
Sat Apr 26 00:27:54 UTC 2014
On Fri, Apr 25, 2014 at 10:53:36PM +0200, Brogyányi József wrote:
> **
> **I modified the ntp.conf but something is missing.*
>
[...]
>
> *If enable the ntp then the server is runing on 123 port.*
That's okay. `ntpd' must run continuously so that it can modify
your system clock, and so that it can periodically poll the four
time servers you have listed in the config file.
The restrictions for the default network in the config file mean that
it won't respond to commands arriving on most network interfaces.
That's what prevents the NTP amplification attack. Indeed it's a
server, but it's invisible as far as the outside world can tell.
It will respond to 127.0.0.1 and ::1 . That's why `ntpq -p' works.
--
-Gary Mills- -refurb- -Winnipeg, Manitoba, Canada-
More information about the OpenIndiana-discuss
mailing list