Re: Netatalk and NFS


Subject: Re: Netatalk and NFS
From: Matthew Keller (kellermg@potsdam.edu)
Date: Mon Jan 08 2001 - 12:03:39 EST


Tim Carlson wrote:
> <preach>
>
> IMHO that is a horrible method
> Please please please look at using ntp. It will save you much pain esp if
> the machine you are syncing has bad clock skew. Even after you do your
> "rdate -s machinename" you are still out of sync.
>
> </preach>

        *lol* You're not the first person to get all bunched up about that. The
problem with NTP is that it is a security hole. It's very easy for any
random person to spoof NTP packets and REALLY mess things up. The
precision needed for file-sharing over FTP only has to be down to the
second (~3 seconds if you do the long math) which an hourly rdate will
accomplish just fine, with only a trivial security risk. (and cuts down
on network traffic too).

-- 

Matthew Keller WebMaster, Interim Network Manager & Host Systems Analyst Computing & Technology Services Information Services Division State University of New York at Potsdam Website: http://mattwork.potsdam.edu/ PGP: http://mattwork.potsdam.edu/crypto/



This archive was generated by hypermail 2b28 : Sun Oct 14 2001 - 03:04:30 EDT