On Wed, 24 May 2000 [EMAIL PROTECTED] wrote:
> I want to synchronize time on the servers behind the firewall via the
> internet. Is it ok to allow ntp via the firewall into the internet for
> time synchronization?
you really need to perform a risk assessment for your environment.
since ntp uses udp/123, it makes it much easier to spoof time messages.
the attack would be to spoof a time message to make forensic analysis
harder. although, if the attacker makes the time change too large and too
fast, the ntp client will disregard it.
if you can afford it, get an internal time source that can use md5 for
authentication.
no simple answers.
- brett
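
Added example, not part of the original post: a Python sketch of the MD5 symmetric-key check the reply recommends, where the digest is MD5 over the shared key followed by the NTP header and travels after a 32-bit key ID (the RFC 5905 layout). The key, key ID and timestamps are constructed sample values, and extension fields are not handled.

```python
import hashlib
import hmac
import struct

NTP_HEADER_LEN = 48   # fixed NTP header size in bytes
MAC_LEN = 4 + 16      # 32-bit key ID + 128-bit MD5 digest

# Constructed key table (key ID -> shared secret), standing in for a keys file.
KEYS = {1: b"constructed-demo-secret"}


def build_header(transmit_seconds: int) -> bytes:
    """Minimal server-mode NTPv4 header; only the transmit timestamp is set."""
    header = bytearray(NTP_HEADER_LEN)
    header[0] = (0 << 6) | (4 << 3) | 4          # LI=0, version 4, mode 4 (server)
    header[1] = 2                                # stratum 2 (constructed)
    struct.pack_into("!II", header, 40, transmit_seconds, 0)
    return bytes(header)


def sign(header: bytes, key_id: int, keys=KEYS) -> bytes:
    """Append key ID and MD5(key || header) to the header."""
    digest = hashlib.md5(keys[key_id] + header).digest()
    return header + struct.pack("!I", key_id) + digest


def verify(packet: bytes, keys=KEYS) -> bool:
    """Accept only packets carrying a valid MAC under a known key."""
    if len(packet) != NTP_HEADER_LEN + MAC_LEN:
        return False                             # no MAC or malformed: reject
    header, mac = packet[:NTP_HEADER_LEN], packet[NTP_HEADER_LEN:]
    (key_id,) = struct.unpack("!I", mac[:4])
    key = keys.get(key_id)
    if key is None:
        return False                             # unknown key ID: reject
    expected = hashlib.md5(key + header).digest()
    return hmac.compare_digest(expected, mac[4:])  # constant-time comparison


def tamper_time(packet: bytes, new_seconds: int) -> bytes:
    """Rewrite the transmit timestamp while leaving the original MAC in place."""
    altered = bytearray(packet)
    struct.pack_into("!I", altered, 40, new_seconds)
    return bytes(altered)


if __name__ == "__main__":
    genuine = sign(build_header(3_000_000_000), key_id=1)
    print("genuine:", verify(genuine))
    print("altered time:", verify(tamper_time(genuine, 3_000_003_600)))
    print("no MAC:", verify(build_header(3_000_000_000)))
```

A client configured to require the key drops the last two packets, so a spoofed UDP reply has to carry a valid digest and not just a plausible source address.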