Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
borderColorgreen
borderStylesolid
Example 1:
edit /etc/inet/ntp.client -> ntp.conf
 added:
#added for DDoS prevention - don't allow any machine, except those w/o flags
restrict default notrust nomodify noquery    
restrict 127.0.0.1
restrict 128.83.185.40
restrict 128.83.185.41
 
Example 2 (with additional comments):
# Permit#permit time synchronization with our time source, but do not
# permit#permit the source to query or modify the service on this system.
restrict default ignore
restrict -6 default ignore
 
#restrict default kod nomodify notrap nopeer noquery 
#restrict -6 default kod nomodify notrap nopeer noquery
 
# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
server 128.83.185.40
restrict 128.83.185.40 nomodify notrap nopeer noquery
server 128.83.185.41
restrict 128.83.185.41 nomodify notrap nopeer noquery
 
~~~~~~~~``
default servers are commented out
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst

...