Zyxel RGS200-12P
Accepted Solution
-
To disable NTP, you may try using ACL (Configuration -> Security -> Network -> ACL) to deny NTP packets.
You can refer to the official user guide for ACL config details.
ftp://ftp.zyxel.com/RGS200-12P/user_guide/RGS200-12P_V1_Ed2.pdf
Here is my result with ACL criteria: UDP source port 123 (officially assigned for NTP)
Cheers5
All Replies
-
Hi
Not quite get your idea.
For NTP setting: Web interface -> Configuration -> System -> NTP
Cheers
0 -
Hello
I know where i can setting for NTP. When i permit only one NTP server and deny all i will restrict NTP mode 6 queries.
Or different question - how can i restrict NTP mode 6 queries in RGS200-12P ?
Or how to disable ntp protocol ? when i disable in Web interface -> Configuration -> System -> NTP i still got ntp queries from scanner (nessus) in this switch,
I'm preparing my network for security audit - and i got this problem.
Cheers0 -
Thank you mate for answer. I didn't catch this user guide - thank you !.
But... i still got a problem that i don't have clue how to resolve.
In my network i got some cisco switches, when i create acl for ntp like
ntp access-group serve-only 1999 (acl number)
and i permit in this acl my ntp server everything is ok - i don't have an answer from nessus about my ntp server.
When i made ACL like you show in post - i still have a answer from nessus about my ntp server - even if it's blocked...
Got any clue ? i finished my idea's at this moment.0 -
Hi @ArturSW
We've forwarded this vulnerability issue to the internal for analysis and will have a conclusion for you.
Meanwhile, we locally had some test on our RGS200-12P regarding Nessus NTP Mode 6 Scanner (https://www.tenable.com/plugins/nessus/97861) according to your description.
But unfortunately we've not seen similar issue in our lab.
So, if possible, could you provide your test method/procedure as detailed as you can (such as configuration, topology, software version, etc.)?
It'd be better to have some screenshots as well about Nessus scanner results.
Thank you for your patience and support.
Sincerely,
Zyxel_Lucious
0
Categories
- All Categories
- 188 Beta Program
- 1.7K Nebula
- 91 Nebula Ideas
- 63 Nebula Status and Incidents
- 4.7K Security
- 236 Security Ideas
- 1.1K Switch
- 51 Switch Ideas
- 917 WirelessLAN
- 27 WLAN Ideas
- 5.4K Consumer Product
- 173 Service & License
- 296 News and Release
- 65 Security Advisories
- 14 Education Center
- 1K FAQ
- 452 Nebula FAQ
- 258 Security FAQ
- 100 Switch FAQ
- 115 WirelessLAN FAQ
- 22 Consumer Product FAQ
- 67 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 69 About Community
- 52 Security Highlight