Network Time Protocol NTP Server Detection
This entry from Security Metrics indicates that your Network Time Server is exposed to the internet. Anonymous users can read the time running on your server and can synchronize their clocks to that time.
ClearCenter response
Short response
This is not a risk.
Long response
Knowing that the date and time of the server is accurately affixed to world clocks does not denote a risk.
Resolution
No action is required.
You can close anonymous access to your NTP server by removing port 123 UDP (NTP) from your incoming firewall rules. If you need access from the Internet to this server, consider closing the range of addresses that can access this server to a restricted list using the Custom Firewall module.
Links
content/en_us/kb_3rdparty_security_metrics_network_time_protocol_ntp_server_detection.txt · Last modified: 2015/01/29 09:44 (external edit)