[ntp:questions] ntpd, boot time, and hot plugging
Brad Knowles
brad at stop.mail-abuse.org
Wed Feb 2 21:14:21 UTC 2005
At 4:40 PM -0200 2005-02-02, Alain wrote:
> 1) I am not speaking of using ntpdate to *keep* a good sync but just
> to guarantee a cold start, maybe just a little better than my wrist
> watch, especially if I am not there.
But that's not true. The problem is that ntpdate doesn't do any
calculations to figure out if the server it's talking to is a
truechimer or a falseticker -- it just does the query, takes the time
it's given, and sets the clock. If the server you're connecting to
has bogus time, then you have bogus time.
Using "ntpd -g" at least makes an attempt to avoid this issue.
> 2) When you say "It does *not* give you good time sync", how bad is that?
> Does it test all the servers in the list using the NTP algorithm to
> eliminate the bad ones? How far off can it get?
See above. It can be off as much as they are off. Since UDP
doesn't have any inherent security, it's trivially easy to spoof UDP
packets, and trivially easy to do a man-in-the-middle attack. Heck,
you can just continually spew garbage NTP packets with a bogus
address, and if any clients come up in that timeframe, you've got a
decent chance of getting them to believe you instead of the real
server.
With ntpd, you can at least require some sort of authentication
key before you believe the server.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
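As an added illustration of the truechimer/falseticker distinction discussed above (not code from the post or from the ntp project, and not ntpd's actual implementation): a simplified Marzullo-style interval intersection over several servers' replies, which is the idea behind ntpd's selection stage and the step that a single-shot ntpdate query skips. The server names, offsets, distances and the 37-second "bogus" source are constructed sample values.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Source:
    """One server's reply: measured clock offset and its uncertainty (seconds)."""
    name: str
    offset: float    # our clock minus the server's clock, from one NTP exchange
    distance: float  # half-width of the interval the true offset should lie in

    @property
    def interval(self) -> Tuple[float, float]:
        return (self.offset - self.distance, self.offset + self.distance)


@dataclass(frozen=True)
class Selection:
    truechimers: List[Source]   # sources whose intervals cover the majority region
    falsetickers: List[Source]  # sources that disagree with that region
    low: float                  # the region shared by the truechimers
    high: float
    offset: float               # simple mean of the truechimers' offsets


def select_truechimers(sources: List[Source]) -> Optional[Selection]:
    """Find the region covered by the most intervals; None if no majority agrees there.

    Returning None mirrors ntpd's behaviour of not setting the clock when it
    cannot tell truechimers from falsetickers, instead of trusting one reply.
    """
    m = len(sources)
    # Sweep the 2m endpoints in order; a start (+1) sorts before an end (-1) on ties.
    endpoints = sorted(
        [(s.interval[0], +1) for s in sources] + [(s.interval[1], -1) for s in sources],
        key=lambda e: (e[0], -e[1]))
    count, best = 0, (0, 0.0, 0.0)  # (overlap count, region low, region high)
    for i, (value, kind) in enumerate(endpoints[:-1]):
        count += kind
        if count > best[0]:
            best = (count, value, endpoints[i + 1][0])
    best_count, low, high = best
    if best_count <= m // 2:  # no majority clique
        return None
    true = [s for s in sources if s.interval[0] <= low and s.interval[1] >= high]
    false = [s for s in sources if s not in true]
    return Selection(true, false, low, high, sum(s.offset for s in true) / len(true))


# Constructed sample: three servers within a few ms of each other, plus one
# source handing out a time 37 s off (the "bogus time" case from the post).
SAMPLE = [
    Source("a", offset=0.002, distance=0.010),
    Source("b", offset=-0.001, distance=0.008),
    Source("c", offset=0.004, distance=0.012),
    Source("bogus", offset=37.0, distance=0.005),
]
```

With only one good server and the bogus one, the function returns None: two sources cannot outvote each other, which is why a single upstream gives no protection against a wrong or spoofed reply.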