Re: [fw-wiz] Acqusition of time

From: Ben Nagy (ben@iagu.net)
Date: 01/30/03

• Next message: Ben Nagy: "Re: [fw-wiz] Content Switch as security device?"
• Previous message: Reckhard, Tobias: "RE: [fw-wiz] terminal services"
• In reply to: Brian Ford: "Re: [fw-wiz] Acqusition of time"
• Next in thread: Martin Peikert: "Re: [fw-wiz] Acqusition of time"
• Reply: Martin Peikert: "Re: [fw-wiz] Acqusition of time"
• Reply: Kevin Steves: "Re: [fw-wiz] Acqusition of time"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Ben Nagy" <ben@iagu.net>
To: <firewall-wizards@honor.icsalabs.com>, "Brian Ford" <brford@cisco.com>
Date: Thu Jan 30 03:09:51 2003

I'm all confused.

If a firewall can't reach an NTP server because of some transient network
condition the clock doesn't automatically go haywire - it will just start
drifting as per the normal accuracy of the hardware clock, no?

Or are we talking about some imaginary firewall that doesn't actually have a
hardware clock with a CMOS battery?

I could maybe be convinced that the "best" behaviour would be to start
marking log entries somehow as soon as NTP sync got lost or the correction
was larger than a few seconds, but I'm not sure it's anywhere near as
serious as losing logging ability. (That said, how many people use PIXes
that log via standard, lossy, syslog ? ;)

Cheers,

ben
----- Original Message -----
From: "Brian Ford" <brford@cisco.com>
To: <firewall-wizards@honor.icsalabs.com>
Sent: Thursday, January 30, 2003 1:01 AM
Subject: Re: [fw-wiz] Acqusition of time

> Paul,
>
> You make a couple of good points.
>
> If a security device uses network time and can't set the clock there needs
> to be a capability to drop the Firewall into a blocking mode[...]

• Next message: Ben Nagy: "Re: [fw-wiz] Content Switch as security device?"
• Previous message: Reckhard, Tobias: "RE: [fw-wiz] terminal services"
• In reply to: Brian Ford: "Re: [fw-wiz] Acqusition of time"
• Next in thread: Martin Peikert: "Re: [fw-wiz] Acqusition of time"
• Reply: Martin Peikert: "Re: [fw-wiz] Acqusition of time"
• Reply: Kevin Steves: "Re: [fw-wiz] Acqusition of time"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: [fw-wiz] Acqusition of time ... > If a firewall can't reach an NTP server because of some transient network ... > condition the clock doesn't automatically go haywire - it will just start ... So, if a firewall can't reach an NTP server a longer time, I would think ... (Firewall-Wizards) Re: Need Help Security issue ... >> material leaving hundreds of temporary internet files and cookies on the ... >> the clock was changed while those porn sites were accessed. ... Does the company in question have a firewall? ... think that ME logs that info. ... (comp.security.misc) Re: Disabling Windows XP Firewall? ... >I am trying to access a forum but after I press ... > temporarily disable the firewall or the clock is not set at the ... especially with Windows Firewall. ... (microsoft.public.windowsxp.general) Re: 08 MSRP ... i wonder how this 'puter clock gets off like that in a month or so. ... Working Time Servers: ... I've never had problems with windows firewall or mcafee's firewall blocking the time service. ... (rec.motorcycles.harley) Re: msmsgs.exe--what is it? ... Look for green or red man next to clock. ... > I got my new Dell XP Home computer going over the weekend:) Installed ... > firewall, ms updates, adaware, antivirus, no problems so far. ... (microsoft.public.windowsxp.general)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint