[189209] in North American Network Operators' Group
Re: NIST NTP servers
daemon@ATHENA.MIT.EDU (Josh Reynolds)
Wed May 11 10:14:58 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <20160511133127.GA75456@ussenterprise.ufp.org>
Date: Wed, 11 May 2016 09:00:54 -0500
From: Josh Reynolds <josh@kyneticwifi.com>
To: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I hope your receivers aren't all from a single source.
I was in Iraq when this (
http://dailycaller.com/2010/06/01/glitch-shows-how-much-us-military-relies-=
on-gps/
) happened, which meant I had no GPS guided indirect fire assets for 2
weeks.
On Wed, May 11, 2016 at 8:31 AM, Leo Bicknell <bicknell@ufp.org> wrote:
> In a message written on Tue, May 10, 2016 at 08:23:04PM +0000, Mel Beckma=
n wrote:
>> All because of misplaced trust in a tiny UDP packet that can worm its wa=
y into your network from anywhere on the Internet.
>>
>> I say you=E2=80=99re crazy if you don=E2=80=99t run a GPS-based NTP serv=
er, especially given that they cost as little as $300 for very solid gear. =
Heck, get two or three!
>
> You're replacing one single point of failure with another.
>
> Personally, my network gets NTP from 14 stratum 1 sources right now.
> You, and the hacker, do not know which ones. You have to guess at least
> 8 to get me to move to your "hacked" time. Good luck.
>
> Redundancy is the solution, not a new single point of failure. GPS
> can be part of the redundancy, not a sole solution.
>
> --
> Leo Bicknell - bicknell@ufp.org
> PGP keys at http://www.ufp.org/~bicknell/
