[ntp:questions] ntpdate

Danny Mayer mayer at ntp.org
Tue Jun 16 16:57:28 UTC 2009

Todd Glassey CISM CIFI wrote:
> Danny Mayer wrote:
>> Todd Glassey CISM CIFI wrote:
>>> Danny Mayer wrote:
>>>> tglassey wrote:
>>>>> Danny Mayer wrote:
>>>>>> Scott Haneda wrote:
>>>>>>> On Jun 15, 2009, at 8:59 AM, Todd Glassey CISM CIFI wrote:
>>>>>>>>> You should be running ntpd as a daemon. That will keep the
>>>>>>>>> clock in
>>>>>>>>> synch and you never have to touch it.
>>>>>>>> Which creates an audit issue and security profile which always
>>>>>>>> needs
>>>>>>>> to be watched. NTPD is not the answer for everyone Danny.
>>>>>>> Can you elaborate on this?  I see that ntpdate and ntpd can both be
>>>>>>> made
>>>>>>> to do the same thing in my case, which is a non daemonized single
>>>>>>> instance setting of time.
>>>>>>> If I do not plan on making a daemon, and just running it once a
>>>>>>> hour on
>>>>>>> schedule, as well as in a reboot of the machine after the
>>>>>>> interfaces are
>>>>>>> up, what would my concerns be?
>>>>>>> If I do decide to run ntpd as a daemon, what audit/secuirty issues
>>>>>>> should I be looking into?
>>>>>>> Thank you Todd.
>>>>>> He's just blowing fud.
>>>>>> Danny
>>>>> No Danny I was speaking from an audit perspective. No FUD here - just
>>>>> reality.
>>>> There are no audit requirements here. That's the reality.
>>> No Danny that is your reality - the commercial users of NTP are the ones
>>> who need the audit process.
>> He's not a commercial user and most commercial users don't need audit in
>> the way you assert.
> Danny  ALL commercial users do need to apply evidence grade reality to
> their time management practices. That this bothers you is understandable
> - being accountable is a pain in the arse eh?

Not at all. We have SOX processes everywhere at work. None of them
require accurate time since they are not needed. What is needed is a
clear audit trail of what did what.

Don't try to read into something that I didn't say.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the questions mailing list