sensor configuration ntp

c-fay · ‎05-20-2002

The sensor have xntpd daemon,but I can't find ntp.conf?

how can I use it become a ntp server or client?

kleem · ‎05-20-2002

There is currently no support for ntp on the CIDS appliance. The next major release of the product (v4) will have support for ntp, including configuration commands in the CLI.

w.tresp · ‎05-21-2002

We run our sensors in a ntp client configuration only. Simply rename /etc/inet/ntp.client to /etc/inet/ntp.conf and modify it for your needs.

Ex.:

# @(#)ntp.client 1.2 96/11/06 SMI

#

# /etc/inet/ntp.conf

#

# NTP client configuration

#

# insert your NTP servers here:

server 1.1.1.1

server 1.1.2.1

restrict default ignore # default: ignore all NTP msgs

# from all machines

restrict 127.0.0.1 # localhost is unrestricted

# nomodify: Don't allow modifications to local running configuration

# noquery: Don't allow hosts to query for time

restrict 1.1.1.1 nomodify noquery

restrict 1.1.2.1 nomodify noquery

driftfile /var/ntp/ntp.drift

After you have modified your time source ip addresses run the xntpd:

/etc/rc2.d/S74xntpd start as superuser and check after some minutes with the ntpq -p command if everything works.

You can also a ntp server but I wouldn't run it on a security device. If you need to do so, use the 'restrict xxx.xxx.xxx.xxx nomodify' configuration line to allow only a minimum ntp clients.

Although xntpd is not supported by Cisco it works perfectly for me without any problems. But make sure that you install the latest Service Pack for the sensor to install the latest Solaris patches also.

Wilfried