How To
Summary
NTP mode 6 and 7 queries can be used in denial of service attacks. This document has instructions for disabling support for these queries in the xntpd daemon.
Environment
These instructions only apply to the NTP version 3 daemon.
Steps
Add the following lines to the /etc/ntp.conf file. This disables mode 6 and 7 queries, as well as other vulnerabilities, for all IP addresses, but allows them on the local loopback interface.
restrict default notrust nomodify nopeer noquery notrap
restrict 127.0.0.1
Add restrict and server entries for each trusted NTP server on the network. This overrides the default setting for the specified servers.
server 10.11.12.13
restrict 10.11.12.13 nomodify notrap noquery
Refresh xntpd for the changes to take effect.
refresh -s xntpd
Related Information
[{"Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG10","label":"AIX"},"ARM Category":[{"code":"a8m0z000000cvxSAAQ","label":"Communication Applications->NTP\/TIMED"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Was this topic helpful?
Document Information
Modified date:
17 September 2020
UID
ibm10717709