Re: NTP secure

To: debian-firewall@lists.debian.org
Subject: Re: NTP secure
From: eichin@thok.org (Mark W. Eichin)
Date: 09 Oct 2000 15:41:17 -0400
Message-id: <[🔎] xe14s2ldcpu.fsf@climb-a-tree.thok.org>
In-reply-to: "Vince Mulhollon"'s message of "Mon, 9 Oct 2000 09:42:45 -0500"
References: <[🔎] OF89B3D442.87D1EA48-ON86256973.004E5FCB@norlight.com>

> definition it doesn't matter anyway.  Noone sells NTP as a service (?) so 

Actually many ISP's include ntp service; look for a host named "time"
or "provider" in their .net domain, possibly after doing a traceroute
and trying the nearest router or two first (since many routers support
serving "broadcast" ntp, for the use of configuration-free clients.)

The "insane-clock" stuff is quite useful; one thing to watch out for
instead is that you don't peer with *inside* machines if you are
concerned with the "ntpdc -c peers <hostname>" function actually
finding out about them (this is more paranoia than security, but I
thought it was worth pointing out.)

Reply to:

References:
- Re: Re: NTP secure
  - From: "Vince Mulhollon" <vlm@norlight.com>

Prev by Date: Re: IP fw-in deny eth0 UDP
Next by Date: Re: NTP secure
Previous by thread: Re: Re: NTP secure
Next by thread: Re: NTP secure
Index(es):
- Date
- Thread