Ensure ‘NTP authentication key’ is configured correctly

Details

Sets the key used to authenticate NTP servers

Rationale:

When authentication is not enabled, attackers can disguise as NTP servers and broadcast wrong time and it will be difficult to correlate events upon an incident. In some other cases, attackers can perform NTP DDoS attacks such as NTP Amplification.

Solution

* Step 1: Run the following to set the authentication key ID

HOSTNAME(CONFIG)# NTP TRUSTED-KEY __

* Step 2: Run the following to configure the authentication key

HOSTNAME(CONFIG)# NTP AUTHENTICATION-KEY __ MD5 _ _

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/1903

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Cisco.

References

800-53|IA-5
800-53|IA-5(1)
CSCv7|16.4

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles