On Fri, Apr 04, 2003 at 01:13:01AM +0200, Timo Boettcher wrote:
> Also I heard once that use of all r* programs should be carefully
> considered because of security reasons... does rdate count to this
> group?
No. rdate is a very simple command that uses the standard 'daytime'
TCP or UDP port to update the clock. It connects to the other machine,
reads the four byte system clock time, then optionally sets its clock
to that value. No real security risk, except possibly as a denial of
service to the machine that the time is being read from if too many
requests come in.
Of course, NTP has ways of compensating for communication delays on
the net, which rdate doesn't. So normal procedure would be to use NTP
on the gateway machine to the network, then rdate inside any internal
network. More due to latency concerns than security.
---------------------------+---------------------------------------------------
Bryan Feir VA3GBF|"A half-truth, like a half-brick, is more forcible
Home:[EMAIL PROTECTED] | in an argument than a whole one...
| it carries further." -- Stephen Leacock
---------------------------+---------------------------------------------------
--
[EMAIL PROTECTED] mailing list
