[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NTP secure

Well, yes, but its usually "unsupported", much like the quake servers and 
IRC servers.

Customers pay us for webhosting and nameserving, but I'm not aware of any 
company that provides NTP for money.

Could be an interesting niche market for a company, use authenticated NTP 
for paying clients only, the end user would get a service level agreement 
that says that will be connecting to a network of very accurate and very 
precise high quality ntp servers.  Problem with that business model is the 
semi-mythical $400 GPS clocks, and the fact that "free" NTP works 
extremely well anyway.

----- Forwarded by Vince Mulhollon/Norlight on 10/09/2000 03:16 PM -----

eichin@thok.org (Mark W. Eichin)
Sent by: eichin@climb-a-tree.thok.org
10/09/2000 02:41 PM

        To:     debian-firewall@lists.debian.org
        cc:     (bcc: Vince Mulhollon/Norlight)
        Fax to: 
        Subject:        Re: NTP secure

> definition it doesn't matter anyway.  Noone sells NTP as a service (?) 

Actually many ISP's include ntp service; look for a host named "time"
or "provider" in their .net domain, possibly after doing a traceroute
and trying the nearest router or two first (since many routers support
serving "broadcast" ntp, for the use of configuration-free clients.)

The "insane-clock" stuff is quite useful; one thing to watch out for
instead is that you don't peer with *inside* machines if you are
concerned with the "ntpdc -c peers <hostname>" function actually
finding out about them (this is more paranoia than security, but I
thought it was worth pointing out.)

To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact 

Reply to: