Security Basics mailing list archives

RE: NTP Best Practices

From: "Mohamed Farid" <mfarid () mscc com eg>
Date: Sun, 27 May 2007 09:16:07 +0300

I am using ntp.pool.org to synchronize my Time for my all Network Boxes
- I am using it from about 2 years - I don't know if it's really risky !

Mohamed Farid ,, 
Telecommunication & Security Department Manager ,,,
 
Mediterranean Smart Cards Company ,,
92 Tahreer Street. Dokki / Cairo / Egypt
Website    : www.mscc.com.eg
Email  : mfarid () mscc com eg
Phone : +2 02 3331439/+2 02 3331400
Fax      : +2 02 7621164
Mobile      : +2 0122258350
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of worldsmart02 () yahoo com
Sent: Tuesday, May 22, 2007 2:59 PM
To: security-basics () securityfocus com
Subject: NTP Best Practices

anyone has best practices for allowing NTP access to internal time
server from a external firewall, what are the security vulnerabilities
associated with this.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
This e-mail (including attachments) is classified as Mediterranean Smart Cards Company confidential and proprietary 
information 
The recipient hereby is committed to hold in strict confidence the contents of this (e-mail, document, and information) 
and not to disclose to any third party without the prior written consent of Mediterranean Smart Cards Company. 
Recipient will be held liable for any unauthorized disclosure.
It is intended solely for the addressee. Unless you are the addressee, you may not read, copy, use or store this e-mail 
in any way, or permit others to. 
If you have received it in error, please notify the sender by return e-mail and delete the message in its entirety, 
including any attachments
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Current thread:

NTP Best Practices worldsmart02 (May 23)
- Re: NTP Best Practices Nikhil Wagholikar (May 24)
- RE: NTP Best Practices Mohamed Farid (May 28)
  - Re: NTP Best Practices Saurabh Bathe (May 28)
- <Possible follow-ups>
- RE: NTP Best Practices Nhon Yeung (May 24)
- Re: NTP Best Practices visitnikhil (May 29)