I have been trying to build and configure ntp clients and server, and used this line in the ntp.conf for the clients:
restrict default ignore
Still, I see that my client is listening on the local network interface. From the system log:
Listening on interface #0 wildcard, 0.0.0.0#123 Disabled
Listening on interface #1 wildcard, ::#123 Disabled
Listening on interface #2 vmnet8, fe80::250:56ff:fec0:8#123 Enabled
Listening on interface #3 lo, ::1#123 Enabled
Listening on interface #4 eth0, fe80::222:68ff:fe10:1529#123 Enabled
Listening on interface #5 vmnet1, fe80::250:56ff:fec0:1#123 Enabled
Listening on interface #6 lo, 127.0.0.1#123 Enabled
Listening on interface #7 eth0, 192.168.111.183#123 Enabled
Listening on interface #8 vmnet1, 172.16.139.1#123 Enabled
0-1 are disabled, which is good.
List of open ports using nmap -sUS -O 127.0.0.1:
Starting Nmap 4.53 ( http://insecure.org ) at 2009-08-03 12:25 IDT
Interesting ports on localhost (127.0.0.1):
Not shown: 3195 closed ports
PORT STATE SERVICE
22/tcp open ssh
631/tcp open ipp
902/tcp open iss-realsecure-sensor
5432/tcp open postgres
68/udp open|filtered dhcpc
123/udp open|filtered ntp
5353/udp open|filtered zeroconf
Device type: general purpose
Running: Linux 2.6.X
As you can see, ntp is listening on port 123. Why?
Any ideas?
Udi
The answer seems to be the type of protocol used: NTP uses the UDP protocol, which is connectionless, and therefore needs an open port to receive the time from the server following the request.
I guess I will just have to keep that port open, as NTP has a very good security reputation.
Is it actually trying to sync, though? My copy of 'man ntp.conf' suggests that default entries are automatically added to prevent the self-sync issue (which is what I assume you're worried about; if not, you may want to clarify what your question is):
(ntpd 4.2.4p7)
From what I recollect, that's a server line.
Read the Controlling Access to Your Server section at this FreeBSD article.
You might want to recheck with these Basic NTP configuration notes at TLDP-SAG pages.
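Added example, not part of any post in this thread: `restrict` lines filter packets after they arrive on the bound UDP socket, so `restrict default ignore` leaves port 123 open but can also discard replies from the client's own time servers. The sketch below audits an ntp.conf for that case; it assumes numeric IPv4 addresses only, models matching as "most specific entry wins", and uses a constructed config with documentation-range addresses.

```python
import ipaddress

# Constructed client ntp.conf (addresses from the documentation range 192.0.2.0/24).
SAMPLE_CONF = """\
restrict default ignore
restrict 127.0.0.1
restrict 192.0.2.10 nomodify notrap noquery
server 192.0.2.10 iburst
server 192.0.2.20 iburst
"""

def parse(conf):
    """Return (restrict entries, server addresses) from ntp.conf text."""
    restricts, servers = [], []
    for raw in conf.splitlines():
        tok = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(tok) < 2:
            continue
        if tok[0] == "server":
            servers.append(ipaddress.ip_address(tok[1]))
        elif tok[0] == "restrict":
            addr, rest = tok[1], tok[2:]
            if addr == "default":
                net = ipaddress.ip_network("0.0.0.0/0")
            elif rest[:1] == ["mask"]:
                net = ipaddress.ip_network(f"{addr}/{rest[1]}", strict=False)
                rest = rest[2:]
            else:
                net = ipaddress.ip_network(addr)  # single host, /32
            restricts.append((net, set(rest)))
    return restricts, servers

def flags_for(source, restricts):
    """Flags of the most specific entry covering source, or None if none match."""
    matches = [(net.prefixlen, flags) for net, flags in restricts if source in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None

def unreachable_servers(conf):
    """Configured servers whose replies fall under an 'ignore' entry."""
    restricts, servers = parse(conf)
    return [str(s) for s in servers
            if "ignore" in (flags_for(s, restricts) or set())]

if __name__ == "__main__":
    for addr in unreachable_servers(SAMPLE_CONF):
        print(f"server {addr}: replies dropped by 'ignore', add a specific restrict line")
```
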