|
||||||||
On 6/17/2003, "Manuel Kasper" <mk at neon1 dot net> wrote: >On Tue, 17 Jun 2003, Fred Wright wrote: >> I don't think including a default server is a good idea. The admin might >> get annoyed if everyone on the planet started using that one particular >> server because nobody bothered to change the setting. :-) Not to mention pool.ntp.org has been setup for this purpose as I understand it...basically a round robin of a lot of public stratum2/3 NTP servers, meant for use where you just want "good enough" time sync. >Alright. I think it'd be better to disable the NTP server by default and >have the user explicitly enable it (and specify a server) when he/she >needs it. Not running any unnecessary services is always a good idea on a >firewall... But yes, a firewall should have a very minimal set of default services. The commercial firewalls I have used (Netscreens mainly) all have NTP disabled by default. They display a banner when you start them up the first time that reminds you to set the clock though. - James |