[ntp:questions] ntpdate

Danny Mayer mayer at ntp.org
Tue Jun 16 11:43:33 UTC 2009


Todd Glassey CISM CIFI wrote:
> Danny Mayer wrote:
>> tglassey wrote:
>>  
>>> Danny Mayer wrote:
>>>    
>>>> Scott Haneda wrote:
>>>>  
>>>>      
>>>>> On Jun 15, 2009, at 8:59 AM, Todd Glassey CISM CIFI wrote:
>>>>>
>>>>>           
>>>>>>> You should be running ntpd as a daemon. That will keep the clock in
>>>>>>> synch and you never have to touch it.
>>>>>>>                     
>>>>>> Which creates an audit issue and security profile which always needs
>>>>>> to be watched. NTPD is not the answer for everyone Danny.
>>>>>>                 
>>>>> Can you elaborate on this?  I see that ntpdate and ntpd can both be
>>>>> made
>>>>> to do the same thing in my case, which is a non daemonized single
>>>>> instance setting of time.
>>>>>
>>>>> If I do not plan on making a daemon, and just running it once a
>>>>> hour on
>>>>> schedule, as well as in a reboot of the machine after the
>>>>> interfaces are
>>>>> up, what would my concerns be?
>>>>>
>>>>> If I do decide to run ntpd as a daemon, what audit/secuirty issues
>>>>> should I be looking into?
>>>>>
>>>>> Thank you Todd.
>>>>>             
>>>> He's just blowing fud.
>>>>
>>>> Danny
>>>>         
>>> No Danny I was speaking from an audit perspective. No FUD here - just
>>> reality.
>>>     
>>
>> There are no audit requirements here. That's the reality.
>>   
> No Danny that is your reality - the commercial users of NTP are the ones
> who need the audit process.
> 

He's not a commercial user and most commercial users don't need audit in
the way you assert.

Danny

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the questions mailing list