PCI DSS only requires that all clocks be synchronized; It doesn't /require/ "how". If you have servers getting time from external sources (authenticated always a plus) and peering with each other internally, then you comply with PCI DSS 2.0 (3.0 has no changes to this that I'm aware of). OTOH, I'm surprised nobody has mentioned http://www.team-cymru.org/ReadingRoom/Templates/secure-ntp-template.html -j On Thu, Feb 6, 2014 at 6:53 AM, Notify Me <notify.sina@gmail.com> wrote:
Raspberries! Not common currency here either, but let's see! grateful for all the input and responses, this list is amazing as usual.
On Thu, Feb 6, 2014 at 1:41 PM, Aled Morris <aledm@qix.co.uk> wrote:
On 6 February 2014 12:30, Martin Hotze <m.hotze@hotze.com> wrote:
I'm trying to help a company I work for to pass an audit, and we've been told we need trusted NTP sources (RedHat doesn't cut it). Being located in Nigeria, Africa,
[...]
So build your own stratum 1 server (maybe a second one with DCF77 or whatever you can use for redundancy),
I don't think DCF77 is going to reach Nigeria.
Aled
-- jamie rishaw // .com.arpa@j <- reverse it. ish. "Reality defeats prejudice." - Rep. Barney Frank