May 21, 2017
Jan 1, 2017
There’s a new forum for discussion related to the NTP Pool at community.ntppool.org. Please come join us. There are a couple interesting threads about the recent leap second and lots of empty space for your questions or suggestions. :-)
Dec 19, 2016
Since last Tuesday some countries have seen an excessive number of queries to the NTP Pool.
Nov 29, 2016
Nov 4, 2016
The IETF has published a new version of NTP Best Current Practices documenting learned best practices on how to run NTP servers and clients.
If you know a little about the NTP protocol reading it will be a quick way to learn more about how it works “in the wild” (including on your own systems).
Aug 27, 2016
Most of the data is updated manually, so it won’t be any better than the busy humans can manage, but it’ll be a better system for giving system updates than posting here (or on the dicussion mailing list).
Apr 23, 2016
Jan 4, 2016
The beta site is a full installation of the system running with a separate database that gets new code before the regular site.
Dec 22, 2014
As you might have seen a few days ago several potentially critical security vulnerabilities in all versions of ntpd were announced.
Most OS’es have released back-ported fixes. Depending on your specific ntp and network configuration you might not be exposed, but the easiest way to make sure your systems aren’t vulnerable is to apply the software updates and make sure ntpd has restarted on the fixed version.
Alternatively you can read the announcement page linked above carefully and make configuration changes to mitigate the issues.
If you have built ntpd from source, the easiest fix is to update to 4.2.8. If you have trouble building that version, there’s a “4.2.8p1-beta1” version available now from support.ntp.org as well with some fixes.
Jan 12, 2014
If you are using the standard ntpd daemon to serve time to the public internet, it’s important that you make sure it is configured to not reply to “monlist” queries. Many routers and other equipment are included in this.
The configuration recommendations include the appropriate “restrict” lines to disallow any management queries to ntpd. Most Linux distributions will have an updated version by now that just disables the “monlist” queries, that will also solve the primary problem.
The NTP Support wiki has more information.
If you operate a network you can use the Open NTP Project to see if you have vulnerable devices on your network.