Scott Haneda wrote: > On Jun 15, 2009, at 8:59 AM, Todd Glassey CISM CIFI wrote: > >>> You should be running ntpd as a daemon. That will keep the clock in >>> synch and you never have to touch it. >> >> Which creates an audit issue and security profile which always needs >> to be watched. NTPD is not the answer for everyone Danny. > > > Can you elaborate on this? Sure > I see that ntpdate and ntpd can both be made to do the same thing in > my case, which is a non daemonized single instance setting of time. The question is whether you need to run a time daemon or whether you can make do with a periodic resynchronization from a CRON type process, and what the difference in the evidence models is and whether it makes any difference. > > If I do not plan on making a daemon, and just running it once a hour > on schedule, as well as in a reboot of the machine after the > interfaces are up, what would my concerns be? How those devices initialization process was managed, how any deviation from UTC is tracked and how the records are reconciled at the close of that business segment to insure proper monotic incremental values in the logging worlkflow. > > If I do decide to run ntpd as a daemon, what audit/secuirty issues > should I be looking into? the liability that having those ports open all the time opens you to and whether your time providers meet the audit any outsourcing vendors you use must (if any), > > Thank you Todd. > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.339 / Virus Database: 270.12.70/2177 - Release Date: 06/15/09 > 05:54:00 > >
_______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
