Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ntp config tech note

  • From: james edwards
  • Date: Fri May 21 13:28:34 2004

> My personal feeling was that for most systems its better to not have the
> daemon running - i.e. the benefit of smaller more frequent clock
> adjustments does not outweigh the cost of another service running,
> especially as root or even as a jailed non-root user.


Well, present NTP drops to a nonroot user after it sets the time &
proprer use of the very flexable ACL lists in your ntp.conf should help
midigate
non-local NTP exploits, ie, don't offer NTP service to the world or anyone
else
for that matter.

I need better than one second resolution for syslog and other loging info to
be useful
in debugging problems across multiple hosts.

-- 
James H. Edwards
Routing and Security Administrator
At the Santa Fe Office: Internet at Cyber Mesa
jamesh@cybermesa.com
noc@cybermesa.com
(505) 795-7101





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.