time and date

JD jd1008 at gmail.com
Wed Jan 16 18:05:26 UTC 2013 

On 01/16/2013 10:45 AM, Tom H wrote:
> On Wed, Jan 16, 2013 at 12:30 PM, JD <jd1008 at gmail.com> wrote:
>> On 01/16/2013 09:12 AM, Tom H wrote:
>>> On Wed, Jan 16, 2013 at 10:45 AM, Oliver Grawert <ogra at ubuntu.com> wrote:
>>>> Am Mittwoch, den 16.01.2013, 08:29 -0600 schrieb Cybe R. Wizard:
>>>>> On Wed, 16 Jan 2013 15:04:22 +0100
>>>>> Oliver Grawert <ogra at ubuntu.com> wrote:
>>>>>
>>>>> I think ntp is a daemon and set of utilities, not a server:
>>>>>
>>>>> (ntp)
>>>>> "This package contains the NTP daemon and utility programs.  An NTP
>>>>> daemon needs to be running on each host that is to have its clock
>>>>> accuracy controlled by NTP. ...  An NTP
>>>>> daemon needs to be running on each host that is to have its clock
>>>>> accuracy controlled by NTP."
>>>>>
>>>>> One would run it in order to have the correct time set on their
>>>>> computer.  Why would one /not/ want it on a default installation?
>>>>>
>>>>> that said, there /is/ ntpdate, but it says, "ntpdate by itself is
>>>>> useful for occasionally setting the time on machines that do not have
>>>>> full-time network access, such as laptops," so, unless the b ox is
>>>>> connected full time, ntp.
>>>> ntpd runs constantly, occupying constant resources, it opens a listening
>>>> port to the outside world by default which opens a possible attack
>>>> vector ...
>>>>
>>>> ntpdate simply syncs with ntp.ubuntu.com once you establish a network
>>>> connection, unless you have a bad BIOS battery i doubt you will ever
>>>> need ntp installed on a laptop/desktop to keep your clock correct.
>>>>
>>>> note that ntp is installed by default on ubuntu-server installs ...
>>> ntpdate has been deprecated. It's better to use "ntpd -q" (without
>>> running ntpd as a daemon).
>> What's the use if it is not run as a daemon?
>> If it dies and never gets auto restarted, then heavy system load
>> will make the clock lag behind.
> I prefer that ntpd runs as a daemon. I wasn't arguing one way or
> another; I was just pointing out that ntpd can be substituted for
> ntpdate. AFAIR ntpdate has been deprecated because development effort
> was/is focused on ntpd and ntpdate hasn't been maintained.
>
> I don't think that running ntpd is such a strain on resources that it
> shouldn't be installed by default on both desktops and servers. The
> problem with ntp is that, on Debian and Ubuntu, it's both a client and
> a server by default.
>
>
Fine!
It is a no big deal to shut down INCOMING time and date requests
via the firewall. The issue of security is extremely minimal and also
trivial to handle via firewall.

More information about the ubuntu-users mailing list