Security issues with NTPD

I want to sync some two dozen Linux servers which are spread all over the world. I was thinking about using NTPD, but I want to know the security implications of using it: Is there a possible vulnerability? Should I sync them to a local server and sync it manually?

Thanks,

Udi

any piece of network software is a potential vulnerability, especially if it runs as root as ntpd does. That said, ntpd has a very good security record, so I would have little problem running it, as long as my servers were not listening as ntp servers, merely connecting to them to update the time.

Check more discussion of this question.

Bookmark on Delicious
Digg this post
Recommend on Facebook
share via Reddit
Share with Stumblers
Tweet about it
Print for later
Bookmark in Browser
Tell a friend

Problem synchronizing server time with ntpd
Do I need to run ntpd in my EC2 instance?
How do i smoothly update ntpd’s peer list?
ntpd Stratum Zero when nptd is started
NTPD on RedHat ES4 not synching to Win2K3 domain controler

Security issues with NTPD

Related posts:

Leave a comment

Recent Posts

Tags