Could anyone tell me their configuration or recommend a> "good" configuration for company time servers?
A couple points that haven't been mentioned:
1) learn the "restrict" line in the configuration file. Your main time servers can be locked down tightly.
2) learn the standard authentication tools. These aren't strong, but are enough to prevent casual access by curious employees or hostile attackers.
3) consider using the public key authentication scheme as well. It's not well documented, or probably even compiled in most releases, but you can run "ntp-genkeys" on your servers to generate public keys, then add
"autokey publickey ntpkey_hostname"
to your "server" and "peer" lines to turn it on. (You also need to provide some standard "crypto" lines above, or just put the files in the expected places.)
------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfsbl1
