A security review of three NTP implementations
The Core Infrastructure Initiative commissioned security audits of threenetwork time protocol (NTP) implementations (ntpd, NTPSec, and Chrony) andhas releasedthe results. "From a security standpoint (and here at the CII weare security people), Chrony was the clear winner between these three NTPimplementations. Chrony does not have all of the bells and whistles thatntpd does, and it doesn't implement every single option listed in the NTPspecification, but for the vast majority of users this will not matter. Ifall you need is an NTP client or server (with or without reference clock),which is all that most people need, then its security benefits most likelyoutweigh any missing features."