Ricapar | 11 years ago

It's just good security practice.

Even if the code path is never intended to be executed, there are bugs in code that could lead to it.

Yes, it's a P2P protocol, but when you're managing a bunch of servers, you don't use it as such.

You set up one server in your environment (time.example.com) and have all your boxes sync to that.

Why would appserv.example.com EVER need to be able to accept NTP connections from anyone else?

mkhpalm|11 years ago

You are looking for ntpdate executed regularly from a scheduled task. It's a sawtooth drift/snap pattern but it seems to be good enough for MS.

That said, a slightly configured ntp doesn't ever accept ntp connections from anyone else. That's not like a requirement or anything.

easytiger|11 years ago

Run it in client-only mode and it won't.
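
Added example, not part of any comment in this thread: a small audit of `ntp.conf` text that reports whether the default `restrict` policy lets a box like appserv.example.com answer time requests or ntpq/ntpdc queries from arbitrary hosts. Both sample configurations are constructed for illustration, and the script only evaluates the `restrict default` lines it finds.

```python
# Flags on 'restrict default' that stop ntpd from serving unknown hosts.
SERVE_BLOCKERS = {"ignore", "noserve"}   # no time service to strangers
QUERY_BLOCKERS = {"ignore", "noquery"}   # no ntpq/ntpdc answers to strangers

def default_restrict_flags(conf_text):
    """Return {family: flags} for every 'restrict [-4|-6] default ...' line."""
    found = {}
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()      # drop comments
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        args, family = tokens[1:], "any"
        if args[0] in ("-4", "-6"):
            family, args = args[0], args[1:]
        if args and args[0] == "default":
            found[family] = set(args[1:])
    return found

def audit(conf_text):
    """List the ways the default policy still answers hosts it does not know."""
    defaults = default_restrict_flags(conf_text)
    if not defaults:
        return ["no 'restrict default' line: unknown hosts are unrestricted"]
    findings = []
    for family, flags in sorted(defaults.items()):
        if not flags & SERVE_BLOCKERS:
            findings.append(f"default ({family}): time requests from any host are answered")
        if not flags & QUERY_BLOCKERS:
            findings.append(f"default ({family}): ntpq/ntpdc queries from any host are answered")
    return findings

# Constructed sample: syncs to the internal server but still answers everyone.
WEAK = """server time.example.com iburst
restrict default kod nomodify notrap nopeer
"""

# Constructed sample: drop everything by default, then allow only the
# internal time source and the loopback address.
HARDENED = """server time.example.com iburst
restrict default ignore
restrict time.example.com nomodify notrap nopeer noquery
restrict 127.0.0.1
"""

if __name__ == "__main__":
    for name, conf in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(conf) or "ok")
```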