Hi, I'm currently sinking my teeth into NTP, to build a local time server. So far, configuring a local NTP server and getting the clients to connect to it works well. Now, I'm thinking about securing the whole thing. BTW, I made a copy of the original ntp.conf file and started my own from scratch. Right now, I have five printed books opened on the corresponding chapters (Carla Schroder's Linux Cookbook, RHEL 5 Unleashed, Foundations of CentOS, etc.) plus the same amount of online tutorials. Right now I'm having a bit of a hard time grasping the various access control options. Here's a few lines from ntp's default configuration in CentOS : --8<------ /etc/ntp.conf ----------------------------------------------- ... server 0.centos.pool.ntp.org server 1.centos.pool.ntp.org server 2.centos.pool.ntp.org ... restrict 0.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery restrict 1.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery restrict 2.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery ... --8<-------------------------------------------------------------------- This means roughly : "use these three public NTP servers to synchronize, but don't let them mess with your configuration". Now, here's something from NTP's official documentation : You may use either a hostname or IP address on the 'server' line. You *must* use an IP address on the 'restrict' line. Here's the according link to the documentation : http://support.ntp.org/bin/view/Support/AccessRestrictions Which leads me to the assumption that these three 'restrict' lines in the default ntp.conf configuration in CentOS are useless, since they specify hostnames, and not IP addresses. Correct me if I'm wrong. Cheers, Niki