cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Bookmark
|
Subscribe
|
623
Views
0
Helpful
2
Replies

how to configure *nix ntp server for IPS

slug420
Level 1
Level 1

Can anyone tell me or link me to information on how to configure xntpd/ntpd in *nix (suse) so that IPS sensors can authenticate to it (as I understand it you cannot use ntp without authentication as of 5.0) and update their time?

2 Replies 2

mhellman
Level 7
Level 7

Redhat ES 4:

created a key in /etc/ntp/keys using the following format:

M

for example:999 M p4ssw0rd

added the following entry to /etc/ntp.conf:

trustedkey

restart the ntp daemon:

/etc/init.d/ntpd restart

There is a way to make the underlying Red Hat operating system perform ntp time syncs without using authenticated ntp, but it is not supported by Cisco. Furthermore, most folks agree that unauthenticated ntp will cause any evidence collected via your IDS/IPS sensor to be suspect.

If you want to know how to do ntp time sync w/o authentication, let me know and I can help you out.

Review Cisco Networking for a $25 gift card