how to configure *nix ntp server for IPS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-20-2006 06:04 AM - edited 03-10-2019 03:03 AM
Can anyone tell me or link me to information on how to configure xntpd/ntpd in *nix (suse) so that IPS sensors can authenticate to it (as I understand it you cannot use ntp without authentication as of 5.0) and update their time?
- Labels:
-
IPS and IDS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-22-2006 01:57 PM
Redhat ES 4:
created a key in /etc/ntp/keys using the following format:
for example:999 M p4ssw0rd
added the following entry to /etc/ntp.conf:
trustedkey
restart the ntp daemon:
/etc/init.d/ntpd restart
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-27-2006 11:14 AM
There is a way to make the underlying Red Hat operating system perform ntp time syncs without using authenticated ntp, but it is not supported by Cisco. Furthermore, most folks agree that unauthenticated ntp will cause any evidence collected via your IDS/IPS sensor to be suspect.
If you want to know how to do ntp time sync w/o authentication, let me know and I can help you out.
