[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

NTP port 123 outbound traffic

Posted on 2014-08-13
4
Medium Priority
?
931 Views
Last Modified: 2016-02-25
Hi,

I have been monitoring too many NTP traffic going out through Sophos firewall and they are all blocked by default. The destination of the outbound traffic is many different NTP server location not only one server.

Client PCs are trying to get time information from many locations, how can I make PCs to get their time information from internal NTP server rather external NTP server?

This is the list of IP address that internal PCs are trying to reach to get time information.

207.57.100.235 grapeofwrath.com.au
128.138.141.172 utcnist2.colorado.edu
24.56.178.140 host-24-56-178-140.beyondbb.com
64.113.32.5 nist.netservicesgroup.com
165.193.126.229 nist1-nj2.ustiming.org
0
Comment
Question by:Educad
4 Comments
 
LVL 10

Expert Comment

by:Prashant Girennavar
ID: 40259963
Are you using Active directory?

Make sure you have set the correct registroy entry on the client PC. Check below link

http://social.technet.microsoft.com/Forums/windowsserver/en-US/c6b3754d-d3e6-41bd-ac8e-3372a1afef04/ntpserver-registry-key

w32tm /monitor will give you the exact information.

Thanks,

-Prashant Girennavar.
0
 

Expert Comment

by:Heera Bisht
ID: 40259984
Hi,

If the systems are in wokrgroup, use w32tm /unregister to unregister the ntp time source on the client system. This will remove any ntp defined settings from the registry.
and use w32tm /register to register the time source again.

IF these are domain joined system you can disable the same through group policy.
0
 
LVL 12

Accepted Solution

by:
Ganesh Kumar A earned 1000 total points
ID: 40260030
I would suggest if this is in client server (domain environment) : Configure the PDC to be internal time server and allow rule to sync with valid and trustworthy time server to sync. Configure Group policy to push the time to client.

https://www.greyware.com/software/domaintime/v5/installation/activedirectory.asp
0
 
LVL 14

Assisted Solution

by:frankhelk
frankhelk earned 1000 total points
ID: 40260417
If your list of servers is complete, I would think of a mere bute force measure: Configure the servers in your DNS server with IP addresses pointing to your internal NTP server.

As an alternative, you could stuff that info into the HOSTS file on the clients, but that's a bit more complicated to maintain if changes occur (but more effective if the configuration in your DNS server proves to be tricky).
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month19 days, 2 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question