• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 481
  • Last Modified:

to retrive list of ntp clients accesing NTP servers

Hi All,

I want to retrieve list of all clients accessing my ntp servers like there IP and hostname for inventory - please help me with that.
0
apunkabollywood
Asked:
apunkabollywood
1 Solution
 
Daniel HelgenbergerCommented:
Hello apunkabollywood,

I do not know if it is possible to log ntpd access, but of course iptables can do so; I think this is one of the easiest ways:
Create a rule for 123/udp on your NTP server, like this:
iptables -A INPUT -p udp -s 0.0.0.0/0 --dport 123 -j LOG --log-level 6 --log-prefix='ntpaccess'

Open in new window


Note, these might be logged to your kernel.log depenting on your distro. You might want to change the location to your liking with rsyslog like this:
$ cat /etc/rsyslog.d/ntpdaccess
:msg,contains,"ntpaccess" /var/log/ntpdaccess.log

Open in new window

Restart rsyslog after changing configs.

Note: this should work on any normal commonly modern linux (Debian Lenny+, Ubuntu 12+, RHEL/CentOS 6, Fedora 14+, ect.)
0
 
serialbandCommented:
It might be in your /var/log/syslog, but it depends on your configuration.

http://serverfault.com/questions/359835/where-are-the-ntpd-log-file-located-and-how-can-we-configure-the-ntpd-log-file

You can read up on how to configure NTP here:  http://support.ntp.org/bin/view/Support/ConfiguringNTP

You can even set up access restrictions.
http://support.ntp.org/bin/view/Support/AccessRestrictions
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now