Hal Murray via devel <devel@ntpsec.org>:
>
> > It is important to specify -g on the command line to allow NTP to correct
> > the clock on boot. However, if Restart=yes is set, a malicious (or broken)
> > server could send the incorrect time, trip the panic threshold, and when
> > ntpd restarts, serve it the incorrect time (which would be accepted).
>
> Should we collect a list of configuration issues that admins (and distros)
> should think about?
Yes. I'm not competent to do it, though - my grasp of ntpd operations
is still relatively weak, at leasr compared to you and Gary.
Perhaps you could collect notes on this?
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
