Time Server - synching with an external source

  • Thread starter Thread starter Microsoft NewsGroups
  • Start date Start date
M

Microsoft NewsGroups

Seems like I remember reading somewhere that there was a "security risk"
involved when synching with an external time server source such as a atomic
time service on the Internet. Is this true, and what is the risk?

What do others do to keep their internal time server accurate?
Thanks
 
There is no real risk doing this. Since you are initiating the call you
can manage it using a pinhole rule on your router for the NTP port
(TCP/123) just don't allow outbound initiated connections to that server
for NTP.

- Stefan
 
i use a hardened freebsd box - it syncs to the internet atomic clock(s),
then my MS boxes sync with it.

Rick
 
Microsoft NewsGroups said:
Seems like I remember reading somewhere that there was a "security risk"
involved when synching with an external time server source such as a atomic
time service on the Internet. Is this true, and what is the risk?

NTP is not authenticated, and you are accessing an external source, the NTP
traffic could be spoofed.
What do others do to keep their internal time server accurate?

We use a Spectracom WWVB Radio Clock and a Trimble Navigation GPS Clock
connected to our Stratum 1 servers.
 
Thanks.


Eric Chamberlain said:
NTP is not authenticated, and you are accessing an external source, the NTP
traffic could be spoofed.


We use a Spectracom WWVB Radio Clock and a Trimble Navigation GPS Clock
connected to our Stratum 1 servers.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top