Re: [time-nuts] Time security musing - attacking the clock itself
What is the 'thing' being secured? H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Very challenging phase noise measurement, does anyone have an idea??
Karen, I still have maybe another half an hour of work to do. If I can wake up to be on the call I will. I'd say there might be a 50% chance I'll make it... -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Does GPS time reception work everywhere all of the time?
You wrote: > Let me just add a bit of caution here: The NTP software gets confused > if it has too many servers to select from. > > I would _never_ advice configuring more than 5 ntp servers for any > machine, unless some of them deliberately are made unavailable and > only used for monitoring/sanity-check. Sounds like a bug to me. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Does GPS time reception work everywhere all of the time?
You wrote: > In message <201008310920.o7v9kzui025...@stenn.ntp.org>, Harlan Stenn writes: > >You wrote: > > >> I would _never_ advice configuring more than 5 ntp servers for any > >> machine, unless some of them deliberately are made unavailable and > >> only used for monitoring/sanity-check. > > > >Sounds like a bug to me. > > It is. > > The problem is that if multiple servers with roughly identical > performance survive the culling, the clock selection codes > commitment-anxiety makes i switch partner far too often. > > If you allow the automatic poll-rate tweaker into the game, instead > of sensibly clamping maxpoll, it gets even more interesting. Has this been brought to DLM's attention? And I assume this is not a problem with your code because you code is designed for S1 use as opposed to higher-stratum systems that are in a better "position" to have multiple servers, right? H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Leap second coming...
GPS units use the GPS timescale, not UTC. See http://leapsecond.com/java/gpsclock.htm But that's planes, etc. The ground-control radar folks use UTC as I recall, and they have dealt with leap seconds enough to know what to expect. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Leap second glitches on NTP using Z3801A
Scott wrote: > Yes, I noticed this as well and modified the refclock driver to filter > it as it does in the oncore refclock. > > Scott If you submitted this patch to the NTP Project I didn't see it. If you didn't submit it, I invite you to do so. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Leap second glitches on NTP using Z3801A
OK, so thanks for posting this, and I sitll invite you to submit a patch via http://bug.ntp.org . H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] PCI IRIG receiver card for AIX?
> Does anybody know of any PCI cards that will receive IRIG-B time > signals and come with an I/O driver for AIX (IBM's flavor of UNIX)? > Industrial-grade commercial products are preferred. In the past I have, on one occasion, been able to use a regular audio card for this, and I used the IRIG_AUDIO refclock with ntpd for this. I don't know if that is what you have in mind but it should be an option. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] GPS USB dongle for time server
Using USB serial introduces amusing amounts of jitter. This is usually not a problem for the NMEA sentences, but I wouldn't want to be detecting the PPS signal via USB1 or USB2 serial devices. I've heard that USB3 should be much better. I haven't touched any of these yet. -- Harlan Stenn http://ntpforum.isc.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Maintaining boatanchors
I hear that qemu will run OS-9, and there are also 6809 emulators out there. http://en.wikipedia.org/wiki/OS_9 has more information. But I suspect y'all already know this. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] My Garmin 18x, Ver 3.50, currently 1 second slow to UTC
> So, what is the final consensus as to which is the best firmware > version to use for NTP purposes? I don't know, but I trust y'all know about: http://support.ntp.org/bin/view/Support/ConfiguringGarminRefclocks H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] NTP IRIG config help
Have you seen: http://support.ntp.org/bin/view/Support/ConfiguringIrigRefclocks Feel free to nose around on other ConfiguringRefclocks pages, and add questions or improve the content. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] MIT RADIATION LABORATORY SERIES 1940-1945 (28 VOLS) on eBay
Bill Hawkins wrote: > What does this have to do with time, you ask? Why, only that > the passage of time alters men's passions. Yeah, I've had dates like that. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Thunderbolt meets ntpd
I think Fer is still an active maintainer on the tbolt work he did... -- Harlan Stenn <[EMAIL PROTECTED]> http://ntpforum.isc.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Thunderbolt meets ntpd
Folks, Just in case anybody isn't aware of the following pages, I thought I'd mention it and invite folks to put whatever information they think would be useful there: http://support.ntp.org/bin/view/Support/ConfiguringRefclocks http://support.ntp.org/bin/view/Support/RefclockUsers I'm happy to help folks get more information there. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
[time-nuts] TrueTime A-468MS
An apparently no-longer used Truetime A-468MS antenna just came down from the roof. What might it be good for? I have found: http://www.leapsecond.com/museum/468-dc/theory.htm -- Harlan Stenn <[EMAIL PROTECTED]> http://ntpforum.isc.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] NIST time services
"Poul-Henning Kamp" writes: > In message m> > , Chris Albertson writes: > > >Yes. NTP calls it "root distance" [...] > > And it is generally useless, because people don't calibrate it. http://bugs.ntp.org/show_bug.cgi?id=2587 Because I've forgotten to open a ticket on this too often for too long. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] NIST time services
"Poul-Henning Kamp" writes: > In message , Harlan Stenn writes: >>"Poul-Henning Kamp" writes: >>> In message >>> >>> , Chris Albertson writes: >>> >>>> Yes. NTP calls it "root distance" [...] >>> >>> And it is generally useless, because people don't calibrate it. >> >> http://bugs.ntp.org/show_bug.cgi?id=2587 >> >> Because I've forgotten to open a ticket on this too often for too long. > > I'm actually not certain that it helps, even if you document it. > > It's sort of an "administrative" distance and it unfairly penalizes > any GNSS in favour of terrestial if you calibrate it according to the > original intent... I'm game to come up with a better plan. Original intent is good, and follow-on improvements are even better. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Opinions on OpenNTPD
The last time I looked openntp was really an SNTP implementation. If you are running it on a leaf node it might be fine for you. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] future NTP programs...
"Poul-Henning Kamp" writes: > > In message <0AA8645271A94DF3968C90FE6BF94276@Alta>, "David J Taylor" writes: > > >- that there is (eventually) a Windows implementation. > > I'm writing the code to be as portable as I can make it, but I have > neither Windows machines nor clue how to program for their kernel-time-api. We should talk about it - there are some options and opportunities there. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] future NTP programs...
"Poul-Henning Kamp" writes:
>
> In message <546152ac.8090...@rubidium.dyndns.org>, Magnus Danielson writes:
>
> >Monitoring as such is an important task, and some of the NTP clients
> >might be servers in other contexts, and then it makes sense to monitor
> >that they got their NTP time into shape.
>
> For which there has existed a system call for 20 years now:
>
> ntp_gettime() has as argument a struct ntptimeval * with the following
> members:
>
> struct ntptimeval {
> struct timeval time;/* current time (ro) */
> long maxerror; /* maximum error (us) (ro) */
> long esterror; /* estimated error (us) (ro) */
> };
>
> These have the following meaning:
> time Current time (read-only).
> maxerror Maximum error in microseconds (read-only).
> esterror Estimated error in microseconds (read-only).
And those fields have value, and they are not "enough". The aim of
NTF's General Timestamp API is to have a timestamp with "enough" values
in it.
--
Harlan Stenn
http://networktimefoundation.org - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.
[time-nuts] Please help Network Time Foundation...
With the permission of TVB and JRA, here's the short version. Network Time Foundation is now old enough (3 years) to qualify to be listed with the Combined Federal Campaign, and we'd love to be listed there. As I understand it, there's another qualification hurdle - we need to have at least $100,000 in revenue to qualify. In the first 11 months of our 3rd and best year so far, we've raised over $93,000. Two days ago I mentioned our goal on the questi...@ntp.org list and since then we've received 6 donations and 3 joins, for nearly $1,000 more. Please help NTF deliver on its mission to improve Network Time! (And as probably all of you know, $100,000 doesn't go very far at all - we need to raise much more than that to start hiring developers, sysadmins, research folks, Q/A folks, documentation folks, Standards wranglers, and many others. But before we can get there, we need to just keep raising more money than we've raised before...) Visit http://nwtime.org and Join a Consortium or make a Donation - any amount helps! If "time" is important to your company, please see about having them join a consortium, too! The blog post about the above is: http://nwtime.org/help-ntf-join-combined-federal-campaign/ Thanks... -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Time in a cave
"Tucek, Joseph" writes: > I do need time sync intra-cluster to be tight (sub millisecond, 100 > nano as a stretch goal). UTC sync can comparatively be terrible; 10-1 > ms is fine, and I can live with "bad NTP, 100 ms" if I must. From > specs, */really/* good quartz is my limit and /good/ quartz is > acceptable, so long as it doesn't mess with the intra-node PTP > tightness. I'm mostly looking at TCXO options. OCXO isn't out of the > question, but rubidium doesn't seem to give $/value. If you want intra-cluster at sub-millisecond, NTP is possible, and that should be trivial with PTP. I've been attending the ISPCS plugfests for the past few years' time and I've been making sure that we can "take time" from upstream NTP or PTP, and distribute that time via NTP or PTP. >> Yes, the master will have a fairly low phase noise local oscillator >> as it's internal reference. Everything will synch to that. If all >> you are doing is syncing the local cluster you don't even care about >> time outside. This is true for most industrial applications that are >> just syncing machinery. > > Thanks for the info. PTP isn't as well understood/documented as NTP, > so I've not been as certain about my decisions. Of course, that is > fair for a relatively new standard. Network Time Foundation "includes" the NTP Project, Ntimed (and PHK plans to at least look at PTP support sometime), and 2 PTP projects - PTPd, which is designed to be portable and generally useful, and Linux PTP, which is designed to be optimized for the latest Linux kernels. > Currently, I think my two best options are: 1) CDMA enabled PTP > appliance (set and forget), or 2) PTP appliance running as stratum 2 > from good NTP. Either should be fine. I saw you can't run an antenna wire from where you'll be, but perhaps a lan cable? That might go to either a GPS device or to a small NTP or PTP device. NTF is working to improve the products under its umbrella all the time, and we're seriously resource-constrained. OK, we're disturbingly resource-constrained. While the PTPd folks seem to have enough developer resources and Richard Cochran has not complained about the developer resources for Linux PTP, none of the projects have adequate documentation writers. Guess what I think would be a Swell Idea? -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Time in a cave
Paul writes: > On Tue, May 12, 2015 at 7:00 PM, Tucek, Joseph wrote: > > > > I'm looking for information on non-GPS time sources. > > > > For background, I need to provide PTP > > > I believe this was "recently" discussed on ntp:questions. People often > forget dial-up (ACTS) which is supported by the PTP capable Microsemi > SyncServer 3NN models which also have OCXO/TCXO/Rb hold-over options. One problem is that while ACTS used to be a very good way to keep time, now that modems no longer have constant processing time and phone lines are no longer end-to-end copper and the signal likely goes thru a number of "domain" changes (Audio/Digital, Frame Relay, ATM, ...), I'm told that ACTS is nowhere near as good as it used to be. H ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Time in a cave
Hi Magnus, I suspect you thought this was going only to me, but I'll use it for what I hope is a short burst of illumination. Magnus Danielson writes: > Harlan, > > On 05/14/2015 01:34 AM, Harlan Stenn wrote: > > NTF is working to improve the products under its umbrella all the time, > > and we're seriously resource-constrained. OK, we're disturbingly > > resource-constrained. While the PTPd folks seem to have enough > > developer resources and Richard Cochran has not complained about the > > developer resources for Linux PTP, none of the projects have adequate > > documentation writers. > > Work is silently being made to ensure that NTP vendors become NTF > members, and that way start to pay back for the code they use and at > least somewhat help solving the resource issues. Hope that you seen that > in your end. Yes, I'm hearing about this, and if it happens it will be *most* helpful. And while it will be genuinely helpful and a start, it won't be enough. It is necessary, and not yet sufficient. If 10 NTP vendors join NTF at the $50k/year level (as opposed to whatever number at lower levels) NTF will *almost* have enough to cover a partial combination of core staff, operating expenses, and equipment. Core staff is just that - minimum core staff. Throw documentation writers, developers, Q/A test folks, sysadmin, a testing lab with a scientist, testing gear, and sysadmin support, standards wrangling (Each IETF meeting costs about $4k per person *just to attend*, and there is ongoing work outside of the meetings. There are IEEE and ITU meetings, and others.), and things I'm forgetting to mention, and one discovers... To really do the job that needs to be done we'll need a budget that is closer to $3m/year, and we're working on ways to get there. NTF's revenue stream has been steadily growing. Last year NTF had revenues of about $103k, and expenses of $104k (yes, we lost about $1,000 last year). This year we're continuing to grow (and NTF is still not paying me). Put another way, the ntp tarball is just a bit smaller than a bind-9 tarball. NTF does not have even 5% of the resources to support NTP that ISC has to support BIND. So yes, growing the membership at NTF is exactly what needs to happen, and every new member noticeably helps. And we need to do this and other revenue-producing things even more. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] When NTP goes wrong...
Neil Schroeder writes: > I would like to respond in a generic and sweeping way - having not read in > the detail Bob layed out for us required to fully analyze the situation - > to the notion that circuit level access or prior topological knowledge is > required to exploit this or any other spoofing attack. On a corporation or > education network, I could generate such malformed packets with almost no > effort as long as i had my Mac or a similarly not-windows device, or access > to one. I estimate it'd take less than 5 minutes for me to do for the > majority of targets - which means any motivated party could within an hour > or two. I'm not warranting I would succeed - hopefully there would be a > real firewall SOMEWHERE in the path from the open internet to a real > physical host. I invite you to take 5-15 minutes' time and find out. I won't ask you to (and I hope you don't) publish too much information on what you find out, because that initial hurdle is "big enough" to keep the majority of miscreants at bay. However, give a tool to a script-kiddie... But please do take a bit of time and try to implement this attack. Once you are there, I'd appreciate any suggestions hou might have regarding mitigation. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Network Time Foundation
You're almost funny, Gary. H -- "Gary E. Miller" writes: > Yo Azelio! > > On Sat, 13 May 2017 16:10:03 +0200 > Azelio Boriani wrote: > > > Is the Network Time foundation the only one to have the NTP source > > code? Is the Meinberg code (for example) a different one? > > There is a fork of NTP Classic, called NTPsec. It is being more activly > worked on than NTP Classic and has many new features like ntpmon and > ntpviz. It is readily available over git: > > https://www.ntpsec.org/ > https://github.com/ntpsec/ntpsec > > > RGDS > GARY > -= > -- > Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703 > g...@rellim.com Tel:+1 541 382 8588 > > Veritas liberabit vos. -- Quid est veritas? > "If you can=E2=80=99t measure it, you can=E2=80=99t improve it." - Lo= > rd Kelvin > ___ > time-nuts mailing list -- time-nuts@febo.com > To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-= > nuts > and follow the instructions there. > ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Anyone still running a Soekris net45XX for NTP?
Mine are running FreeBSD-11. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] Typical NTP performance? Monitoring multiple NTP servers?
Anders, It's possible to discipline the local clock with PTP and have NTP serve that time to other hosts if that's what you want to do. It's easy to have a single local NTP instance track multiple remote NTP instances. Preferred, even. I routinely see LAN machines running NTP that track time to 1ms or better using just the network - no PPS. Others here will likely have better information for you. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] ***SPAM*** Serial cables with thin connectors
Can you find D2700s? It's been a while, but I thought the D2700s were "better enough" than the D2500s. Having said that, I also sometimes still use D525s, and pull the 2nd serial header out on a PCI slot header: http://www.supermicro.com/products/motherboard/ATOM/ICH9/X7SPA-HF-D525.cfm but I really like IPMI. These can be had for much less without IPMI. I'm also sometimes using S1260 Atoms: http://www.supermicro.com/products/motherboard/ATOM/X9/X9SBAA-F.cfm but these motherboards have very few USB ports. One of these days I'll get one of these that have an audio port and play with IRIG and stuff... H -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
Re: [time-nuts] NTP as vector for DDOS attacks?
This amplification attack vector is really easy to stop. The procedure is documented in the CERT advisory, which was released with almost no forewarning to me or my team. While we knew about it and drafted the mitigation information and tweaked other portions of the announcement, we were expecting a bit more time to prepare information for the NTP and NTF websites. If there are vulnerable systems out there that cannot be configured to behave well, then the vendors of those systems will receive a wakeup call and get a fair amount of bad press. A silver lining is that this situation may induce folks to donate to NTF, join NTF's NTP Consortium, and/or become inaugural members of NTF's Certification and Compliance Program, which will make sure that default configurations don't have these or similar problems. It's great to talk about all of these things. I submit it's even better for people and institutions who care about network time to financially support Network Time Foundation. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
