Educause Security Discussion mailing list archives
Re: NTP servers and sources
From: Gary Dobbins <dobbins () ND EDU>
Date: Tue, 30 Sep 2008 13:29:29 -0400
If you can't just sit a strata down from one of the NIST servers, WWVB Radio receivers are relatively cheap and can feed accurate time over RS-232 to a host in your net.
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary Flynn Sent: Tuesday, September 30, 2008 1:18 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] NTP servers and sources John Kristoff wrote:On Mon, 29 Sep 2008 17:32:31 -0400 Gary Flynn <flynngn () JMU EDU> wrote:Is there any consensus about best practices for university time sources?Perhaps this would be helpful? <https://puck.nether.net/pipermail/ednog/2005-June/000048.html>What I was really wondering about was whether there was any consensus or commonalities in high level design decisions and current practices. Our network and systems folks are telling me our routers are not reliable time servers and I'm looking at alternatives. Given the price of reference clocks and pizza box servers these days, it seems like it would be *relatively* simple and cheap to implement our own time sources and stratum 1 servers. So I was wondering about things like: - How common are internal reference clocks and stratum 1 servers at universities? Should they be encouraged? - How many people are using their routers as the primary NTP distribution source? - What practices are in place regarding the minimum number of peering with internal and external sources and MD5 security? - What method of client distribution is most often used ( e.g. broadcast, multicast, unicast ) - What is being used to configure clients ( e.g. DHCP, group policy ) - If and how you allow outside access to your NTP servers -- Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security
Attachment:
smime.p7s
Description:
Current thread:
- NTP servers and sources Gary Flynn (Sep 29)
- <Possible follow-ups>
- Re: NTP servers and sources John Kristoff (Sep 30)
- Re: NTP servers and sources Derek Ethier (Sep 30)
- Re: NTP servers and sources Michael Costello (Sep 30)
- Re: NTP servers and sources Gene Spafford (Sep 30)
- Re: NTP servers and sources Gary Flynn (Sep 30)
- Re: NTP servers and sources Gary Dobbins (Sep 30)
- Re: NTP servers and sources Michael Sinatra (Sep 30)