nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NIST NTP servers

From: Josh Reynolds <josh () kyneticwifi com>
Date: Wed, 11 May 2016 09:00:54 -0500
I hope your receivers aren't all from a single source.

I was in Iraq when this (
http://dailycaller.com/2010/06/01/glitch-shows-how-much-us-military-relies-on-gps/
) happened, which meant I had no GPS guided indirect fire assets for 2
weeks.

On Wed, May 11, 2016 at 8:31 AM, Leo Bicknell <bicknell () ufp org> wrote:

In a message written on Tue, May 10, 2016 at 08:23:04PM +0000, Mel Beckman wrote:

All because of misplaced trust in a tiny UDP packet that can worm its way into your network from anywhere on the 
Internet.

I say you’re crazy if you don’t run a GPS-based NTP server, especially given that they cost as little as $300 for 
very solid gear. Heck, get two or three!


You're replacing one single point of failure with another.

Personally, my network gets NTP from 14 stratum 1 sources right now.
You, and the hacker, do not know which ones.  You have to guess at least
8 to get me to move to your "hacked" time.  Good luck.

Redundancy is the solution, not a new single point of failure.  GPS
can be part of the redundancy, not a sole solution.

--
Leo Bicknell - bicknell () ufp org
PGP keys at http://www.ufp.org/~bicknell/
Previous By Date Next
Previous By Thread Next

Current thread: