![](https://seccdn.libravatar.org/avatar/b26376a101e701cbfdcf14521d900645.jpg?s=120&d=mm&r=g)
Tobias Reckhard wrote:
The other problem is that you can establish control connections to an NTP daemon using the same interface as the programs ntpq and ntpdc from the NTP distro. You should definitely use the access control options of NTP to not allow those from the Internet and from the inside only after successful authentication.
I was thinking of using K9 (see http://www.kaska.demon.co.uk/k9.htm) on the client side. It is available for Windows and Linux, small, easy to install and listens to NTP broadcasts. Therefore, I see no need to allow access the firewall's "xntp" even from my trusted network, as the firewall will provide the NTP broadcasts. Or is there any security issue regarding NTP broadcasts which I missed? Mit freundlichen Grüssen / Regards Dipl. Inform. Ralph Seichter ISC Informatik Service & Consulting GmbH Tel +49 2241 867-0 mailto:r.seichter@isc-inf.com Fax +49 2241 867-222 http://www.isc-inf.com/