Network Time Protocol (NTP) Mode 6 Scanner
修改NTP配置文件#vi /etc/ntp.conf添加以下內容(建議使用此方式):
restrict default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
restrict 1.1.2.1 mask 255.255.255.0 nomodify notrap noquery
建議方法中兩條配置為高版本NTP中的默認配置,noquery參數限制了mode 6 query,可根據NTP服務端實際配置參考修改。
noquery:Deny ntpq and ntpdc queries. Time service is not affected.
notrap:Decline to provide mode 6 control message trap service to matching hosts.
nomodify:Deny ntpq and ntpdc queries which attempt to modify the state of the server.
參考文檔:http ://doc.ntp.org/current-stable/accopt.html
http://support.ntp.org/bin/view/Support/AccessRestrictions
作者:Shad0wpf
链接:https://www.jianshu.com/p/0106ff85df0b
來源:简书
简书著作权归作者所有,任何形式的转载都请联系作者获得授权并注明出处。
