North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: ntp config tech note
- From: james edwards
- Date: Fri May 21 13:28:34 2004
> My personal feeling was that for most systems its better to not have the
> daemon running - i.e. the benefit of smaller more frequent clock
> adjustments does not outweigh the cost of another service running,
> especially as root or even as a jailed non-root user.
Well, present NTP drops to a nonroot user after it sets the time &
proprer use of the very flexable ACL lists in your ntp.conf should help
non-local NTP exploits, ie, don't offer NTP service to the world or anyone
for that matter.
I need better than one second resolution for syslog and other loging info to
in debugging problems across multiple hosts.
James H. Edwards
Routing and Security Administrator
At the Santa Fe Office: Internet at Cyber Mesa