Need trusted NTP Sources

• Previous message (by thread): Need trusted NTP Sources
• Next message (by thread): Need trusted NTP Sources
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We're a redhat shop, and we  use redhat auth which by default uses redhat
NTP sources. Sounds odd to me too. They claim this is what PCI DSS demands.
On Feb 6, 2014 11:43 AM, "Nick Hilliard" <nick at foobar.org> wrote:

> On 06/02/2014 10:03, Notify Me wrote:
> > I'm trying to help a company I work for to pass an audit, and we've
> > been told we need trusted NTP sources (RedHat doesn't cut it).
>
> So presuming that your company is using RH or Fedora or CentOS something,
> the auditors are claiming that Red Hat, Inc is trusted enough to provide a
> precompiled based operating system with no feasible means of proving its
> reliability, but that they're not trustworthy enough to provide a clock
> synchronisation service?
>
> My head spins.
>
> Get new auditors.  Your current ones are stupid.
>
> Nick
>
>

• Previous message (by thread): Need trusted NTP Sources
• Next message (by thread): Need trusted NTP Sources
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]