Re: [fw-wiz] Acqusition of time

From: Charles W. Swiger (
Date: 01/29/03

From: "Charles W. Swiger" <>
Date: Wed Jan 29 10:43:03 2003

On Wednesday, January 29, 2003, at 09:55 AM, Brian Monkman wrote:
[ ... ]
> Are there any situations where a firewall's acqusition of time
> could/should be from a network time source? Not necessarily a public
> source, it could be an "internal" time source.

It's a good idea to have the timestamps on logfiles consistant, so running
ntpdate or some such upon system boot is a pretty good idea. Running ntpd
against internal NTP servers is a greater risk; so if your systems keep
adequate time, don't; if your systems drift noticably, then NTP will
probably be worth the tradeoff.


        Chuck Swiger | | All your packets are belong to
        "The human race's favorite method for being in control of the facts
         is to ignore them." -Celia Green