Hello everyone! Below you will find my generic howto on how to add NTP service to your Cisco IDS. Obviously Cisco doesn't "support" this configuration but it is very simple so it shouldn't cause any problems. The NTP update service is already installed on the OS so this process is very simple.
1.) SSH/Telnet into your IDS and login as root.
2.) Unless you are familiar with the ed editor, excute these commands so that you don't frustrate yourself. "EDITOR=/usr/bin/vi" then "export EDITOR". Now vi will be your default editor.
3.) Type "crontab -l". This will list your current crontab, I suggest you make a backup of this unless you are good with vi. :)
4.) Tyco "crontab -e". This will allow you to edit your crontab entries within the vi editor. The statement I added is "30 11 * * * /usr/sbin/ntpdate 126.96.36.199 > /dev/null 2>&1"
This will run the ntpdate program every day at 11:30am, pulling the time from the 188.8.131.52 NTP server.
Thanks for the information - excellent instructions. How would you recommend someone "confirm" their sensor is being properly updated via NTP? I have limited experience with Solaris. I presume there might be something from the command prompt which would indicate the system's source of time?
Yes, I agree that editing the ntp.conf file will probably achieve the same task. The only problem I see is that the xntpd daemon is ALWAYS running and using up system resources, in addition to whatever security risks associated with keeping this process going. I still believe a simple cronjob running the ntp update is a better all around solution, I guess the point could be argued either way. :)
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...