On Wed, May 4, 2016, at 04:25, Ian Smith wrote:
> On Sat, 30 Apr 2016 14:27:17 +, Poul-Henning Kamp wrote:
>
> [..]
>
> > The best explanation of all this is John R. Vig's Quartz Tutorial
> > which is freely available on the web - highly recommended:
> >
> >
On Sat, 30 Apr 2016 14:27:17 +, Poul-Henning Kamp wrote:
[..]
> The best explanation of all this is John R. Vig's Quartz Tutorial
> which is freely available on the web - highly recommended:
>
> http://www.am1.us/Local_Papers/U11625%20VIG-TUTORIAL.pdf
This is one of the best
On 4/29/16 04:13, ga...@zahemszky.hu wrote:
>> 2) To update your vulnerable system via a binary patch:
>>
>> Systems running a RELEASE version of FreeBSD on the i386 or amd64
>> platforms can be updated via the freebsd-update(8) utility:
>>
>> # freebsd-update fetch
>> # freebsd-update install
>
Large builds over NFS filesystems, particularly secure NFS (i.e.,
Kerberos) are one the best tests of time synchronization. Clients with
bad clocks can further exercise this not uncommon infrastructure. The
reason you don't typically see build errors even here, IME, is because
the timehosts tend
In message , Christian Weisgerber w
rites:
>On 2016-04-29, Roger Marquis wrote:
>
>>> While I cannot speak for anyone other than myself, the two simply aren't
>>> equivalent. As a conscious design choice, OpenNTPD trades off
On 2016-04-29, Roger Marquis wrote:
>> While I cannot speak for anyone other than myself, the two simply aren't
>> equivalent. As a conscious design choice, OpenNTPD trades off accuracy
>> for code simplicity.
>
> IIRC openntpd is accurate down to ~100ms.
I have no idea
On 2016-04-29, "Matthew X. Economou" wrote:
>> What are the reasons FreeBSD has not deprecated ntpd in favor of
>> openntpd?
>
> While I cannot speak for anyone other than myself, the two simply aren't
> equivalent.
OpenNTPD is intended to cover the most common usage
Roger Marquis wrote:
> >> What are the reasons FreeBSD has not deprecated ntpd in favor of
> >> openntpd?
> >
> > While I cannot speak for anyone other than myself, the two simply aren't
> > equivalent. As a conscious design choice, OpenNTPD trades off accuracy
> > for code simplicity.
>
> IIRC
30.04.2016 7:44, Roger Marquis пишет:
Are you seriously proposing that most FreeBSD installations need to
serve as timeservers?
Absolutely. Every LAN router should be capable in supplying NTP service
for its LAN clients, it just needs a way to differentiate its LAN/WAN interfaces
(security
Who needs millisecond accuracy anyway?
Cell phones, cell phone towers, computers handling financial transactions, etc.
I manage security for several dozen FreeBSD computers handling financial
transactions and they all run openntpd in client-only mode. It was the
only way we could avoid an
Sent from my iPhone 7.1
On Apr 29, 2016 5:09 PM, "Charles Swiger" wrote:
>
> On Apr 29, 2016, at 4:43 PM, Roger Marquis wrote:
>
> > Who needs millisecond accuracy anyway?
>
> Cell phones, cell phone towers, computers handling financial
transactions, etc.
>
On Apr 29, 2016, at 4:43 PM, Roger Marquis wrote:
>>> What are the reasons FreeBSD has not deprecated ntpd in favor of
>>> openntpd?
>>
>> While I cannot speak for anyone other than myself, the two simply aren't
>> equivalent. As a conscious design choice, OpenNTPD trades off
On Fri, Apr 29, 2016 at 01:13:21PM +0200, ga...@zahemszky.hu wrote:
> >2) To update your vulnerable system via a binary patch:
> >
> >Systems running a RELEASE version of FreeBSD on the i386 or amd64
> >platforms can be updated via the freebsd-update(8) utility:
> >
> ># freebsd-update fetch
> >#
Roger Marquis writes:
>
> What are the reasons FreeBSD has not deprecated ntpd in favor of
> openntpd?
While I cannot speak for anyone other than myself, the two simply aren't
equivalent. As a conscious design choice, OpenNTPD trades off accuracy
for code simplicity. It lacks support for NTP
Despite the risk of beating a dead horse (apologies to non-native
english speakers for the acronym), as I cannot recall discussion of
migrating base, and since replacing ntpd with openntpd has been standard
practice in security-oriented environments for a few years now, perhaps
someone on the sec
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
Both on an i386 and on an amd64 machine, I got:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-16:16.ntpSecurity Advisory
The FreeBSD Project
Topic:
17 matches
Mail list logo