Hi, On Fri, 30 Jul 2004 00:22:39 -0700 "jdow" <[EMAIL PROTECTED]> wrote:
> Nist.pl and ntp are not in any significant way comparable. I'd suggest > you drop futilities that use the "daytime" port and move over to ntp. > For one thing ntp will not drive your system several hours off nominal > time. It had preventative measures inside that will prevent that. If > you do see a huge change then it is in some other level of configuration > than ntp. > > Even Microslop does not attempt to use the daytime port for a time > reference for the encryption services that require the two systems > to be operating on reasonably well synchronized clocks. Nist.pl may > get you within several hundred milliseconds. Ntp will get you within > ten milliseconds or so. Here's NIST's document on setting up NTP on WinXP/Win2K http://www.boulder.nist.gov/timefreq/service/pdf/win2000xp.pdf Win2K machines have some difficulty using Windows' own NTP client if you aren't running a domain controller (not wanting to drink that Kool-Aid, our Win2K production servers are autonomous.) I use NetTime (http://nettime.sourceforge.net/) to keep them in sync; it works well enough. /etc/ntp.conf on the linux boxes looks mostly like: ---- driftfile /etc/ntp.drift # path for drift file logfile /var/log/ntp # alternate log file server ntp5.tamu.edu server time.nist.gov ---- If you're running more than a few hosts, set one or two to get time from offsite and have the remainder of your hosts sync with those two to reduce load on the public timeservers (see http://www.cs.wisc.edu/~plonka/netgear-sntp/) NTP is essential for good security. It's much easier to correlate log entries between hosts if both have accurate clocks. Also, Windows Update will fail due to SSL problems if the system clock is too far off (no, really.) hth, -- Bob
