Major Clock Drift
Timothy M. Lyons
lyons at digitalvoodoo.org
Thu Aug 26 20:18:00 EDT 2004
Actually, unless something has changed, you should insert the proper
connection rules in your firewall
iptables -I $FWCHAIN -m udp -p udp -s $server/32 --sport 123 -d $local/32 (or
0/0) --dport 123 -j ACCEPT
--Tim
----- Original Message -----
From: "miah" <jjohnson at sunrise-linux.com>
To: <discuss at blu.org>
Sent: Thursday, August 26, 2004 17:38
Subject: Re: Major Clock Drift
> uhoh top post.
>
> Not to mention, you could add a firewall rule via iptables or ipchains
> to block incoming connections out port 123.
>
> -miah
>
> On Thu, Aug 26, 2004 at 04:53:54PM -0400, Richard Chonak wrote:
>> Josh Pollak wrote:
>> I think ntp.conf can include directives to make the server daemon (ntpd)
>> ignore requests from other machines, so it is possible to run it and be
>> confident about its safety.
>>
>> For your purposes, though, it's probably easier to just run ntpdate in a
>> cron job once an hour or a few times/day. That'll keep your machine's time
>> consistent enough for practical use.
>>
>> --RC
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss
>
More information about the Discuss
mailing list