Olaf van der Spek wrote:
It's more secure to provide a default install with no services running than an install with a variety of services; if a user wants a service, he or she can install it. (The rationale is that if a user knows a service is wanted, he or she also knows its security risks.) If there were a remote exploit available for ntp, users not knowing ntpd is installed will be less likely to update the package in an expediated manner than users that willingly installed ntp. Why create such a potential problem? (I believe the user must also choose to install apache, mysql, samba, ssh, etc. for the same reason.)Hi, I installed Debian Sarge system with a Samba server and that went great.But I was just wondering, why is an NTP client not installed by default during such an install to make sure the time is in sync?