1.9.1.2 Ensure 'NTP authentication key' is configured correctly

Information

Sets the key used to authenticate NTP servers

Rationale:

When authentication is not enabled, attackers can disguise as NTP servers and broadcast wrong time and it will be difficult to correlate events upon an incident. In some other cases, attackers can perform NTP DDoS attacks such as NTP Amplification.

Solution

Step 1: Run the following to set the authentication key ID <key_id>

hostname(config)# ntp trusted-key <key_id>

Step 2: Run the following to configure the authentication key <authentication_key>

hostname(config)# ntp authentication-key <key_id> md5 <authentication_key>

Default Value:

Disabled by default

See Also

https://workbench.cisecurity.org/files/3246

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-3

Plugin: Cisco

Control ID: 472f0a0621cb7b3cce859b8cda20ecfca61ac07c83ed8b9cf811749d6e47cd7d