[ntp:questions] NTP internal server?

Hal Murray hmurray at suespammers.org
Mon Oct 30 18:27:51 UTC 2006


>Old vulnerabilities that have been fixed are not a problem of much 
>concern to me.  I run a recent version of ntpd that does not exhibit 
>these vulnerabilities.  If people chose, for whatever reason, to run a 
>ten year old version of ntpd they must accept the associated risks and 
>inferior performance.  Since the modern, improved and fixed version is 
>freely available to all I don't see any reason why anyone who needs NTP 
>and is concerned about security should not run it.

How about:
  If it ain't broke, don't fix it.

Lots of people get their version of (x)ntp from their hardware
vendor.  Most of them are not time geeks, they just need something
that's good enough.  They depend on their vendor to fix security
problems in packages like ntp.

-- 
The suespammers.org mail server is located in California.  So are all my
other mailboxes.  Please do not send unsolicited bulk e-mail or unsolicited
commercial e-mail to my suespammers.org address or any of my other addresses.
These are my opinions, not necessarily my employer's.  I hate spam.




More information about the questions mailing list