I use Little Snitch on Mac OS X 10.6.8 and noticed a connection that seemed suspicious to me.
The snitch reported ntpd trying to connect to:
"$host 94.23.243.53
53.243.23.94.in-addr.arpa domain name pointer asgard.syari.net."
Why would NTPD try to connect to this host instead of time.apple.com? Is this something to be concerned about or is this an expected event?
Best Answer
NTPd can be configured to get time from any host. Notably many use http://www.pool.ntp.org
That IP is running a ntp server with accurate time; and a http server, the page is mostly invalid HTML with Google Ads. It doesn't look terribly nefarious, so I'd guess that something else is going on here. Check your configuration and see if it's set to use that IP (or a hostname other than time.apple.com).
Update:
Checked pool.ntp.org, and ntp.syari.net (94.23.243.53) is a member. Your computer must be set to use the pool. You should update your configuration to use pool members from the US (use
0.us.pool.ntp.orgfor example).