标签:efi 保存 alt 技术分享 blog start nop cve effect
1.首先安装NTP
[root@localhost /]# yum install ntp -y
2.修改NTP配置文件,添加NTP服务器的网络位置 /etc/ntp.conf
# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict ::1 # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # Use public servers from the pool.ntp.org project.Please consider joining the pool (http://www.pool.ntp.org/join.html). server 192.168.1.1 iburst #目标服务器网络位置 #server 1.centos.pool.ntp.org iburst #一下三个是CentOS官方的NTP服务器,我们注释掉 #server 2.centos.pool.ntp.org iburst #server 3.centos.pool.ntp.org iburst #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client # Enable public key cryptography. #crypto includefile /etc/ntp/crypto/pw # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys # Specify the key identifiers which are trusted. #trustedkey 4 8 42 # Specify the key identifier to use with the ntpdc utility. #requestkey 8 # Specify the key identifier to use with the ntpq utility. #controlkey 8 # Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats # Disable the monitoring facility to prevent amplification attacks using ntpdc # monlist command when default restrict does not include the noquery flag. See # CVE-2013-5211 for more details. # Note: Monitoring will not be disabled with the limited restriction flag. disable monitor
保存退出
3.启动服务并设置开启自启
[root@localhost /]# systemctl start ntpd.service #启动服务
[root@localhost /]# systemctl enable ntpd.service #设置为开机启动
4.查看运行状态
[root@localhost /]# systemctl status ntpd.service
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2016-10-11 13:34:11 CST; 8min ago
Main PID: 6497 (ntpd)
CGroup: /system.slice/ntpd.servicess
└─6497 /usr/sbin/ntpd -u ntp:ntp -g
10月 11 13:34:11 localhost.localdomain ntpd[6497]: Listen and drop on 1 v6wildcard :: UDP 123
10月 11 13:34:11 localhost.localdomain ntpd[6497]: Listen normally on 2 lo 127.0.0.1 UDP 123
10月 11 13:34:11 localhost.localdomain ntpd[6497]: Listen normally on 3 eno16777736 192.168.100.100 UDP 123
标签:efi 保存 alt 技术分享 blog start nop cve effect
原文地址:http://www.cnblogs.com/linjiahao/p/5994089.html