[ntp:questions] Re: server's address in ntp payload?

Danny Mayer mayer at ntp.isc.org
Sun Nov 27 01:57:03 UTC 2005


David Schwartz wrote:
> 
>     Anyone who thinks you can use IP addresses to protect against MIM 
> attacks doesn't understand what a MIM attack is. The MIM can certainly spoof 
> each end's IP address to the other machine.
> 
>     DS

You need to understand it's usage within the autokey protocol to
understand that there's a lot more that goes into it than just the IP
addresses. IP addresses are easy to spoof, but the usage within autokey
is not. You are confusing the addresses for their usage within the protocol.

Danny




More information about the questions mailing list