ntp config tech note

• Previous message (by thread): ntp config tech note
• Next message (by thread): ntp config tech note
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> My personal feeling was that for most systems its better to not have the
> daemon running - i.e. the benefit of smaller more frequent clock
> adjustments does not outweigh the cost of another service running,
> especially as root or even as a jailed non-root user.


Well, present NTP drops to a nonroot user after it sets the time &
proprer use of the very flexable ACL lists in your ntp.conf should help
midigate
non-local NTP exploits, ie, don't offer NTP service to the world or anyone
else
for that matter.

I need better than one second resolution for syslog and other loging info to
be useful
in debugging problems across multiple hosts.

-- 
James H. Edwards
Routing and Security Administrator
At the Santa Fe Office: Internet at Cyber Mesa
jamesh at cybermesa.com
noc at cybermesa.com
(505) 795-7101

• Previous message (by thread): ntp config tech note
• Next message (by thread): ntp config tech note
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]