nanog mailing list archives
Re: ntp config tech note
From: Mike Leber <mleber () he net>
Date: Mon, 24 May 2004 02:40:23 -0700 (PDT)
On Thu, 20 May 2004, Randy Bush wrote:
you ask do folk run ntpd on every server. i wonder if folk run ntpd on every router. i did and do.
We use ntp on every router for setting time. We don't run ntpd on every server due to security concerns based on the idea that you can't have a hole in a daemon you aren't running. This is relatively unnecessary I suppose since ntpd is probably most commonly configured nowdays not to listen on an exposed port by default. Just out of curiosity... do you run bind on every server? Mike. ps. We run dedicated ntp boxes that don't have hard drives (thanx for the recommendation a few years ago), again with the idea somebody can't install a rootkit on box that doesn't have a hard drive. It's not perfect or even necessary, just an optional precaution. +----------------- H U R R I C A N E - E L E C T R I C -----------------+ | Mike Leber Direct Internet Connections Voice 510 580 4100 | | Hurricane Electric Web Hosting Colocation Fax 510 580 4151 | | mleber () he net http://www.he.net | +-----------------------------------------------------------------------+
Current thread:
- Re: ntp config tech note, (continued)
- Re: ntp config tech note James Edwards (May 20)
- Re: ntp config tech note C. Jon Larsen (May 20)
- Re: ntp config tech note Jared Mauch (May 20)
- Re: ntp config tech note Adrian Chadd (May 20)
- Re: ntp config tech note C. Jon Larsen (May 20)
- Re: ntp config tech note Adrian Chadd (May 20)
- Re: ntp config tech note Randy Bush (May 20)
- Re: ntp config tech note sthaug (May 21)
- Re: ntp config tech note C. Jon Larsen (May 21)
- Re: ntp config tech note Eric A. Hall (May 21)
- Re: ntp config tech note Mike Leber (May 24)
- Re: ntp config tech note Crist Clark (May 21)
- Re: ntp config tech note james edwards (May 21)
- Re: ntp config tech note Charles Sprickman (May 20)
- Re: ntp config tech note Pekka Savola (May 21)
- Re: ntp config tech note John Kristoff (May 20)
- Re: ntp config tech note Michael Sinatra (May 20)
- Re: ntp config tech note John Kristoff (May 21)
- Re: ntp config tech note Michael Sinatra (May 21)
- Re: ntp config tech note Stephen J. Wilcox (May 23)
- Re: ntp config tech note Tony Li (May 23)