2.2.1.2 Ensure ntp is configured - NTP Server

Information

If ntp is in use on the system proper configuration is vital to ensuring time synchronization is working properly.

Solution

Add or edit restrict lines in /etc/ntp.conf to match the following:
restrict -4 default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
Add or edit server or pool lines to /etc/ntp.conf as appropriate:
server <remote-server>
Add or edit the OPTIONS in /etc/sysconfig/ntpd to include ' -u ntp:ntp ':
OPTIONS='-u ntp:ntp'

See Also

https://workbench.cisecurity.org/files/1857

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8(1), CSCv6|6.1

Plugin: Unix

Control ID: af6b0d56e84e464446b3b77e2dac1b427634a00987a8fdd9277a0c5e7879fd41