Re: Network time protocol

[SL Baur <steve@example.com>]

s-luppescu  <s-luppescu@example.com> writes in tlug@example.com:

> Here's what I was told, when I asked about the safety of opening up a port on
> my firewall to permit ntp:

> -----------------------------------------------------------
>         Theorically there is a problem when opening the NTP server. Many
> of the cryptographic systems use the system time to generate random
> numbers, ...


That's not what I would have guessed.  Systems with /dev/random have a
better source of random numbers than a timer and on systems without it
or the equivalent, you're better off not assuming you can get really
random numbers at all.

Personally, I would be more worried about denial of service attacks. The
very first time I ever crashed a Unix system (early System V) was when I
misset the system time on installation (typed the year wrong) and reset
the time while multiuser.  Cron promptly decided to run a year's worth
of accounting cron jobs and down she went ...