[ntp:questions] Secure NTP
hal-usenet at ip-64-139-1-69.sjc.megapath.net
Thu Mar 24 22:36:41 UTC 2011
In article <ghps58-1a.ln1 at mail.specsol.com>,
jimp at specsol.spam.sux.com writes:
>When I see questions like this my first response is "Why all the bother?".
>There is nothing secret or proprietary about the time of day.
>Since all NTP servers provide UTC, the service reveals nothing about the
>machine other than the fact that the clock is correct.
>If you don't want your resources utilized by outsiders, you just block
>access to the NTP port for everyone but your own clients as a blocked
>port uses less resources than denying an unsucessful authorization does.
>Am I missing something??
Yes. The encryption also verifies that you are talking to the
server you think you are talking to rather than an imposter.
These are my opinions, not necessarily my employer's. I hate spam.
More information about the questions