Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Unexpected origin timestamp?
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
dasPaul
Apprentice
Apprentice


Joined: 14 Feb 2012
Posts: 243
Location: Dresden
PostPosted: Mon Feb 15, 2016 6:42 am    Post subject: Unexpected origin timestamp? Reply with quote
I have ntpd which starts with boot.
Someone trying to attack my ntpd service?
Quote:
ntpd[2860]: Listen normally on 2 eth0 XXX.XXX.XXX.XXX:XXX
ntpd[2860]: receive: Unexpected origin timestamp 0xda6bee98.a20892fe from 85.XX.XX.XX xmt 0xda6bee98.431ca7d6


Should I worry? ntpd -v Ver. 4.2.8p6
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
PostPosted: Mon Feb 15, 2016 11:30 am    Post subject: Re: Unexpected origin timestamp? Reply with quote
dasPaul wrote:
Should I worry? ntpd -v Ver. 4.2.8p6

dasPaul ... no, it seems to be a "priming-the-pump attack" and should be fixed in ntpd > v4.2.8p4 (see link).

best ... khay
Back to top
View user's profile Send private message
Syl20
l33t
l33t


Joined: 04 Aug 2005
Posts: 619
Location: France
PostPosted: Mon Feb 15, 2016 1:09 pm    Post subject: Reply with quote
Do you need to make ntpd listen on internet ? If not, you should set
Code:
interface ignore wildcard
interface listen <the needed NICs only>

in ntp.conf, and/or use some "restrict" rules.

You can (should ?) add a sufficiently restricting firewall to avoid unexpected connections too.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy