[ntp:questions] Re: Correcting my time servers clock drift on Alpha ES40s / Tru64

Brad Knowles brad at stop.mail-abuse.org
Sun Oct 23 17:19:01 UTC 2005


At 5:27 PM +0000 2005-10-23, Tom Smith wrote:

>  Brad, perhaps you are not familiar with the format of system logs and/or
>  did not understand the point.

	Excuse me?!?

	I've been doing Unix for over twenty years.  I've been a 
professional Unix systems administrator for over sixteen.  You might 
want to bother checking my credentials before you go spouting off 
garbage like that.

>  20 Jul 17:40:44 xntpd[764]: ntpd 4.0.98a Wed Oct 16 17:36:24 EDT 2002
>
>  Oct 23 00:34:02 seeaxp xntpd[56499]: ntpd 4.2.0 at 1.1161-r Tue Feb  8 
>16:04:28 EST 2005 (1)

	[ ... deletia ... ]

>  The portion of the log entry after that is the actual message that issued
>  by the application. Note that in both cases above, the version message issued
>  by the application identifies itself as "ntpd", as you would like, and
>  identifies
>  its specific version. The second example above, shown to emphasize the point,
>  is from the released V4.2.0 downloaded from the project site, built from
>  source,
>  installed as /usr/local/bin/ntpd, and started via a symbolic link to it
>  named "xntpd".
>  There has been NO modification to the code, and the messages, as well as all
>  of the others shown, DO come from "your" source code.

	The two lines above merely show that the code claims to be a 
program that calls itself ntpd, and that is executed via a link that 
calls the binary xntpd.  Of course, that's assuming that they 
actually came from a syslog file -- you could just as easily have 
created whatever you want without referring to any real log file.


	Even if these two lines are accurate, there is no proof here one 
way or the other that the underlying code has or has not been 
modified.  Moreover, you cannot possibly prove such a claim based 
solely on log data.

	To make any attempt to prove such a claim, you have to take our 
tarball (with MD5 and SHA-1 hashes shown to match the tarball we make 
available), build the code yourself, provide the MD5 and SHA-1 hashes 
of that binary, then show that they match the MD5 and SHA-1 hashes of 
the binary that was actually executing.

	Even that wouldn't be enough, because you could have lied and 
provided whatever MD5 or SHA-1 hashes you wanted at any point along 
that process.


	Getting back to the original lines which were logged which 
demonstrated the particular problem the user was having, Dr. Mills 
has said that you do not find those lines anywhere in our source 
code.  I trust him on that statement.  If you can prove otherwise, 
feel free to do so.

	But until then, stop calling me a liar, and you should stop 
calling him a liar was well.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.



More information about the questions mailing list