On Mon, 25 Sep 2000, HUNGRY PIRANHA wrote:
> BLOCK NTP FRPOM THE NET...
> INSTALL YOUR OWN GPS GETUP...
> USE YOUR ROUTER TO BCAST DOWN STRATUM.
>
> ALL SET...AND MUCH MORE SECURE THAN TRUSTING ANY SOURCE FROM THE NET.
>
> ITS NOT TERRIBLY HARD TO CORRUPT NTP PACKETS AND RE-INJECT THEM ..
>
> BESIDES DOING IT THIS WAY INTRODUCES LATENCY WHICH AT TIMES COULD IN ITSELF
> CORRUPT THE NNTP FEED IN TERMS OF ACCURACY.
>
> PIRANHA...
Hi,
yes, getting a ntp feed from your provider is usually the best. xntpd
works with a very smart set of algorithms, which will not trust a server
that is sending time which is off by N number of minutes. if you are
worried about getting false ntp messages, you should synch with multiple
ntp servers on the net. you can do this in addition to running your own
hardware clock.
for a list of hardware clocks to run your own check out:
http://www.eecis.udel.edu/~ntp/hardware.html
you may also employ filtering of udp port 123 from select ntp servers to
your network. be also advised that it is common coutesy to ask to use ntp
server, before you do.
cheers,
.truman.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
