On 2020-05-08 00:17, Theo de Raadt wrote:
Theo de Raadt <dera...@openbsd.org> wrote:
(...)
Stuart Henderson <s...@spacehopper.org> wrote:
(...)
Dear Stuart, Theo,
thank you for insightful answers.
I admit my understanding of intricacies of ntp protocol equals zero -
same as my current motivation to learn more about it. My need for
accurate timekeeping on my OpenBSD firewalls is best described by the
fact that I occasionally log into branch routers where I routinely
discover their clock is off by >2 years because I forget to either start
ntpd with default ntpd.conf in appropriate rdomain with Internet access,
or to edit default ntpd.conf to point them to internal ntp server, also
running on OpenBSD with default ntpd.conf. To my great joy, this never
affects their main functionality of pushing packets between branch
office and HQ in a way I consider secure enough.
My main motivation for asking this question on @misc was political, and
went along the lines of "why send these ad-peddling,
private-data-slurping clowns any packets?"
Thanks to your answers, I understand now there is more to it than "let's
just put some website that is most likely to be there when we query it
for constraints, and also promote it a bit while there".
Stay fresh,
--
Before enlightenment - chop wood, draw water.
After enlightenment - chop wood, draw water.
Marko Cupać
https://www.mimar.rs/
