ntpd vulnerabilities
Jamie Landeg-Jones
jamie at dyslexicfish.net
Tue Dec 23 04:38:57 UTC 2014
Brett Glass <brett at lariat.org> wrote:
> Within my own network, I have used cron and ntpdate (even though it's
> officially deprecated) on most of the clients, querying a couple of
I think ntpdate is only deprecated because it's functionality is provided
by 'ntpd -q'
> on them. But it obviously has some drawbacks; in particular, it doesn't
> continuously correct the clocks but makes them jump at particular
> times of day.
Until recently, I'd been using this too, however, using the '-B' option to
ntpdate ('-x' to nptd) to slew the clock instead. A couple of these a day in
cron causes neglegable drift, unless your clock ain't too good!
Cheers, Jamie
More information about the freebsd-security
mailing list