nanog mailing list archives
Re: NIST NTP servers
From: Leo Bicknell <bicknell () ufp org>
Date: Wed, 11 May 2016 06:31:27 -0700
In a message written on Tue, May 10, 2016 at 08:23:04PM +0000, Mel Beckman wrote:
All because of misplaced trust in a tiny UDP packet that can worm its way into your network from anywhere on the Internet. I say you’re crazy if you don’t run a GPS-based NTP server, especially given that they cost as little as $300 for very solid gear. Heck, get two or three!
You're replacing one single point of failure with another. Personally, my network gets NTP from 14 stratum 1 sources right now. You, and the hacker, do not know which ones. You have to guess at least 8 to get me to move to your "hacked" time. Good luck. Redundancy is the solution, not a new single point of failure. GPS can be part of the redundancy, not a sole solution. -- Leo Bicknell - bicknell () ufp org PGP keys at http://www.ufp.org/~bicknell/
Attachment:
_bin
Description:
Current thread:
- Re: NIST NTP servers, (continued)
- Re: NIST NTP servers Eygene Ryabinkin (May 11)
- Re: NIST NTP servers Jean-Francois Mezei (May 12)
- Re: NIST NTP servers Tony Finch (May 13)
- Re: NIST NTP servers Ryan Harden (May 11)
- RE: NIST NTP servers Chuck Church (May 10)
- Re: NIST NTP servers Gary E. Miller (May 10)
- Re: NIST NTP servers Jared Mauch (May 10)
- RE: NIST NTP servers Chuck Church (May 10)
- Re: NIST NTP servers Gary E. Miller (May 10)
- Re: NIST NTP servers Mel Beckman (May 10)
- Re: NIST NTP servers Leo Bicknell (May 11)
- Re: NIST NTP servers Josh Reynolds (May 11)
- Re: NIST NTP servers Mel Beckman (May 11)
- Re: NIST NTP servers Jay R. Ashworth (May 11)
- Re: NIST NTP servers Valdis . Kletnieks (May 11)
- Re: NIST NTP servers Mel Beckman (May 11)
- Re: NIST NTP servers Eric Kuhnke (May 11)
- Re: NIST NTP servers Jean-Francois Mezei (May 12)
- Re: NIST NTP servers Mel Beckman (May 12)
- Re: NIST NTP servers Leo Bicknell (May 11)
- Re: NIST NTP servers Brandon Vincent (May 11)