Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
396
Views
2
Helpful
2
Replies

Confusion regarding no ntp allow mode control command

will-reynolds-smith
Level 1
Level 1

‎02-16-2025 08:46 PM

I am trying to correct an NTP vulnerability on two external Cisco routers and an FTD firepower device.

I was under the belief that the command 'no ntp allow mode control' would prevent mode 6 NTP packets and therefore a DoS attack.

However, I saw some conflicting information stating that the command actually disables the default 3 second delay on NTP control packets and would assist a DoS attack by allowing an uncontrolled flow of packets.

If anyone is able to help me understand what the command no ntp allow mode control actually does that would be great.

 

Labels:
0 Helpful
2 Replies 2

marce1000
Hall of Fame
Hall of Fame

‎02-16-2025 11:01 PM

 

      -  FYI : https://community.cisco.com/t5/network-management/ntp-allow-mode-control/m-p/4602625/highlight/true#M146101

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

will-reynolds-smith
Level 1
Level 1
In response to marce1000

‎02-17-2025 03:04 PM

Thanks. I did see that post but I still would feel better if there is some actual Cisco doco on what that command does, or someone who can confirm it works in the way I believe it to.

Customers Also Viewed These Support Documents