[ntp:questions] ntpdate
Danny Mayer
mayer at ntp.org
Tue Jun 16 11:43:33 UTC 2009
Todd Glassey CISM CIFI wrote:
> Danny Mayer wrote:
>> tglassey wrote:
>>
>>> Danny Mayer wrote:
>>>
>>>> Scott Haneda wrote:
>>>>
>>>>
>>>>> On Jun 15, 2009, at 8:59 AM, Todd Glassey CISM CIFI wrote:
>>>>>
>>>>>
>>>>>>> You should be running ntpd as a daemon. That will keep the clock in
>>>>>>> synch and you never have to touch it.
>>>>>>>
>>>>>> Which creates an audit issue and security profile which always needs
>>>>>> to be watched. NTPD is not the answer for everyone Danny.
>>>>>>
>>>>> Can you elaborate on this? I see that ntpdate and ntpd can both be
>>>>> made
>>>>> to do the same thing in my case, which is a non daemonized single
>>>>> instance setting of time.
>>>>>
>>>>> If I do not plan on making a daemon, and just running it once a
>>>>> hour on
>>>>> schedule, as well as in a reboot of the machine after the
>>>>> interfaces are
>>>>> up, what would my concerns be?
>>>>>
>>>>> If I do decide to run ntpd as a daemon, what audit/secuirty issues
>>>>> should I be looking into?
>>>>>
>>>>> Thank you Todd.
>>>>>
>>>> He's just blowing fud.
>>>>
>>>> Danny
>>>>
>>> No Danny I was speaking from an audit perspective. No FUD here - just
>>> reality.
>>>
>>
>> There are no audit requirements here. That's the reality.
>>
> No Danny that is your reality - the commercial users of NTP are the ones
> who need the audit process.
>
He's not a commercial user and most commercial users don't need audit in
the way you assert.
Danny
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the questions
mailing list