NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.
ntp-4.2.8p15
was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Please see the NTP Security Notice for vulnerability and mitigation details.Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
server 127.127.x.y noselect fudge 127.127.x.y time1 0
statistics peerstats statdir /var/log/ntp/stats/ filegen peerstats type day file peers enableThis makes ntpd generate one file of peer statistics a day. Note the trailing / in the statdir-definition.
$ LANG=C awk -f peer.awk /var/log/ntp/stats/peers.* ident cnt mean rms max delay dist disp ========================================================================== 127.127.8.0 98 -1.487 1.091 2.642 0.000 0.000 0.000 193.162.159.194 84 0.907 0.414 1.051 8.953 943.384 25.527 193.162.145.130 84 0.770 0.435 1.085 8.658 942.140 25.586 193.10.7.250 84 0.702 0.398 0.952 27.279 951.166 25.686 193.10.7.246 85 0.711 0.490 1.253 27.546 952.638 25.082After a while the means for the servers will be close to 0.000 and the mean for the clock can be used as a good value for time1. The mean will show up as negative because the clock lacks the adjustment. Note that the mean is in ms but the value for time1 is in seconds. LANG=C makes sure that the script works even for locales with , as the decimal point. -- RuneMagnussen - 11 Apr 2007
WebForm | |
---|---|
NtpVersion | Select one... |
OperatingSystem | |
OsVersion |