[168877] in North American Network Operators' Group
Re: Need trusted NTP Sources
daemon@ATHENA.MIT.EDU (Notify Me)
Thu Feb 6 06:46:31 2014
In-Reply-To: <52F3675E.9080609@foobar.org>
Date: Thu, 6 Feb 2014 12:46:06 +0100
From: Notify Me <notify.sina@gmail.com>
To: Nick Hilliard <nick@foobar.org>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
We're a redhat shop, and we use redhat auth which by default uses redhat
NTP sources. Sounds odd to me too. They claim this is what PCI DSS demands.
On Feb 6, 2014 11:43 AM, "Nick Hilliard" <nick@foobar.org> wrote:
> On 06/02/2014 10:03, Notify Me wrote:
> > I'm trying to help a company I work for to pass an audit, and we've
> > been told we need trusted NTP sources (RedHat doesn't cut it).
>
> So presuming that your company is using RH or Fedora or CentOS something,
> the auditors are claiming that Red Hat, Inc is trusted enough to provide a
> precompiled based operating system with no feasible means of proving its
> reliability, but that they're not trustworthy enough to provide a clock
> synchronisation service?
>
> My head spins.
>
> Get new auditors. Your current ones are stupid.
>
> Nick
>
>
