Does anybody really care (about time)?
This Chicago song came to mind for today’s blog post about NTP.
I was walking down the street one day. ok, I’ll stop. I was reviewing my firewall logs and I noticed systems going to external services for NTP.
It is best practice (and company policy) for all systems to be using the same time source. It is very difficult to match up logs from different systems when they may have different times.
It turns out there were two problems at play. The first is default configurations. People setting up specific equipment didn’t update NTP or assumed because it was set on one system it would replicate to other appliances part of that “group”. The other thing that happened was an issue with the internal NTP server caused the Unix admin to point his servers elsewhere for time.
Your internal NTP server needs to be rock solid.
Another item that still needs to be addressed here, is secondary NTP. People are going to the same primary NTP server and then using whatever was default on the device as the backup NTP. Yeah, not such a good idea.