to retrive list of ntp clients accesing NTP servers

Hi All,

I want to retrieve list of all clients accessing my ntp servers like there IP and hostname for inventory - please help me with that.
apunkabollywoodAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Daniel HelgenbergerConnect With a Mentor Commented:
Hello apunkabollywood,

I do not know if it is possible to log ntpd access, but of course iptables can do so; I think this is one of the easiest ways:
Create a rule for 123/udp on your NTP server, like this:
iptables -A INPUT -p udp -s 0.0.0.0/0 --dport 123 -j LOG --log-level 6 --log-prefix='ntpaccess'

Open in new window


Note, these might be logged to your kernel.log depenting on your distro. You might want to change the location to your liking with rsyslog like this:
$ cat /etc/rsyslog.d/ntpdaccess
:msg,contains,"ntpaccess" /var/log/ntpdaccess.log

Open in new window

Restart rsyslog after changing configs.

Note: this should work on any normal commonly modern linux (Debian Lenny+, Ubuntu 12+, RHEL/CentOS 6, Fedora 14+, ect.)
0
 
serialbandCommented:
It might be in your /var/log/syslog, but it depends on your configuration.

http://serverfault.com/questions/359835/where-are-the-ntpd-log-file-located-and-how-can-we-configure-the-ntpd-log-file

You can read up on how to configure NTP here:  http://support.ntp.org/bin/view/Support/ConfiguringNTP

You can even set up access restrictions.
http://support.ntp.org/bin/view/Support/AccessRestrictions
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.