30.04.2016 7:44, Roger Marquis пишет:
Are you seriously proposing that most FreeBSD installations need to
serve as timeservers?
Absolutely. Every LAN router should be capable in supplying NTP service
for its LAN clients, it just needs a way to differentiate its LAN/WAN interfaces
(security zon
Who needs millisecond accuracy anyway?
Cell phones, cell phone towers, computers handling financial transactions, etc.
I manage security for several dozen FreeBSD computers handling financial
transactions and they all run openntpd in client-only mode. It was the
only way we could avoid an abs
Sent from my iPhone 7.1
On Apr 29, 2016 5:09 PM, "Charles Swiger" wrote:
>
> On Apr 29, 2016, at 4:43 PM, Roger Marquis wrote:
>
> > Who needs millisecond accuracy anyway?
>
> Cell phones, cell phone towers, computers handling financial
transactions, etc.
>
And these use cases actually use FreeB
On Apr 29, 2016, at 4:43 PM, Roger Marquis wrote:
>>> What are the reasons FreeBSD has not deprecated ntpd in favor of
>>> openntpd?
>>
>> While I cannot speak for anyone other than myself, the two simply aren't
>> equivalent. As a conscious design choice, OpenNTPD trades off accuracy
>> for cod
What are the reasons FreeBSD has not deprecated ntpd in favor of
openntpd?
While I cannot speak for anyone other than myself, the two simply aren't
equivalent. As a conscious design choice, OpenNTPD trades off accuracy
for code simplicity.
IIRC openntpd is accurate down to ~100ms. Ntpd does
On Fri, Apr 29, 2016 at 01:13:21PM +0200, ga...@zahemszky.hu wrote:
> >2) To update your vulnerable system via a binary patch:
> >
> >Systems running a RELEASE version of FreeBSD on the i386 or amd64
> >platforms can be updated via the freebsd-update(8) utility:
> >
> ># freebsd-update fetch
> ># f
Roger Marquis writes:
>
> What are the reasons FreeBSD has not deprecated ntpd in favor of
> openntpd?
While I cannot speak for anyone other than myself, the two simply aren't
equivalent. As a conscious design choice, OpenNTPD trades off accuracy
for code simplicity. It lacks support for NTP au
Despite the risk of beating a dead horse (apologies to non-native
english speakers for the acronym), as I cannot recall discussion of
migrating base, and since replacing ntpd with openntpd has been standard
practice in security-oriented environments for a few years now, perhaps
someone on the sec
On Fri, 2016-04-29 at 13:13 +0200, ga...@zahemszky.hu wrote:
> >
> > 2) To update your vulnerable system via a binary patch:
> >
> > Systems running a RELEASE version of FreeBSD on the i386 or amd64
> > platforms can be updated via the freebsd-update(8) utility:
> >
> > # freebsd-update fetch
>
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
Both on an i386 and on an amd64 machine, I got:
Fetch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-16:16.ntpSecurity Advisory
The FreeBSD Project
Topic:
11 matches
Mail list logo
