ntpd replacement (Was: Re: Import of DragonFly Mail Agent)

Poul-Henning Kamp phk at phk.freebsd.dk
Mon Feb 24 13:52:30 UTC 2014


In message <530B2DEE.3030808 at rewt.org.uk>, Joe Holden writes:

>The other point I should make here is that if you care that much about 
>time security you shouldn't be contacting ntp servers over 3rd party 
>networks anyway, at least not without some IP-level 
>encryption/authentication, or use a source that can't easily be used as 
>an attack surface, such as GPS/MSF etc.

Please check how NTP is authenticated before giving bad advice,
it's all in the RFC.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.


More information about the freebsd-current mailing list