[ntp:questions] Secure NTP

Chris Albertson albertson.chris at gmail.com
Fri Mar 25 01:36:17 UTC 2011


On Thu, Mar 24, 2011 at 4:18 PM,  <jimp at specsol.spam.sux.com> wrote:
> Hal Murray <hal-usenet at ip-64-139-1-69.sjc.megapath.net> wrote:
>> In article <ghps58-1a.ln1 at mail.specsol.com>,
>> jimp at specsol.spam.sux.com writes:
>>
>>>When I see questions like this my first response is "Why all the bother?".
>>>
>>>There is nothing secret or proprietary about the time of day.
>>>
>>>Since all NTP servers provide UTC, the service reveals nothing about the
>>>machine other than the fact that the clock is correct.
>>>
>>>If you don't want your resources utilized by outsiders, you just block
>>>access to the NTP port for everyone but your own clients as a blocked
>>>port uses less resources than denying an unsuccessful authorization does.
>>>
>>>Am I missing something??
>>
>> Yes.  The encryption also verifies that you are talking to the
>> server you think you are talking to rather than an imposter.
>
> If you specify the server by IP address, how does that happen and who
> would bother to do it?

The most obvious and easy way is that I cut the wire that goes from
your house to your ISP and place a computer (and modems) at the cut
point.  It can change any bit in any packet.  I would not bother with
your house but a bank, maybe.

If I could make transactions that were backdated I could make a lot of
money even if only slightly backdated by 10 seconds.

>
> IP hijacking will disrupt a lot more than just NTP.

It can, but that is up to the hijacker. A "man in the middle"
attack can filter network packets and change only the bits he wants
changed.
>
> If your server and its clients are on a corporate network, which is the
> usual case for having one's own server, how does this happen?

Outsider has taken control of a computer that lives inside your network.

In general your arguments follow a common mistake.  It is equivalent
to "I can't figure it out so therefore it can't happen".  It is never
valid to argue "it's impossible because I can't figure any way to....".
To claim something is impossible you need something that is very
much like a mathematical proof.


-- 
=====
Chris Albertson
Redondo Beach, California
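
[Added example, not part of the original message or of any poster's code.] The check the thread is arguing about, sketched with the NTP symmetric-key MAC from RFC 5905 (key ID followed by MD5 over the shared key plus the 48-byte header): a reply whose transmit timestamp was altered in transit no longer verifies, even though it still arrives from the expected IP address. The thread does not say which authentication scheme is meant, so the scheme, the key, the key ID and the packet contents are constructed assumptions.

```python
import hashlib
import hmac
import struct

NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 to 1970-01-01
HEADER_LEN, MAC_LEN = 48, 4 + 16  # NTP header; key ID + MD5 digest

def build_server_reply(unix_time: float) -> bytes:
    """Constructed sample: minimal NTPv4 server-mode header (48 bytes)."""
    secs = int(unix_time) + NTP_EPOCH_OFFSET
    frac = int((unix_time % 1) * 2**32)
    li_vn_mode = (0 << 6) | (4 << 3) | 4  # LI=0, VN=4, mode=4 (server)
    header = struct.pack("!BBbb", li_vn_mode, 2, 6, -20)  # stratum, poll, precision
    header += struct.pack("!II4s", 0, 0, b"\x00" * 4)  # root delay, dispersion, ref ID
    return header + struct.pack("!II", secs, frac) * 4  # ref, origin, receive, transmit

def add_mac(packet: bytes, key_id: int, key: bytes) -> bytes:
    """Server side: append key ID and MD5(key || header)."""
    return packet + struct.pack("!I", key_id) + hashlib.md5(key + packet).digest()

def verify(message: bytes, keys: dict) -> bool:
    """Client side: accept only if the MAC matches a key we trust."""
    if len(message) != HEADER_LEN + MAC_LEN:
        return False  # unauthenticated or malformed reply
    packet, digest = message[:HEADER_LEN], message[HEADER_LEN + 4:]
    key = keys.get(struct.unpack("!I", message[HEADER_LEN:HEADER_LEN + 4])[0])
    if key is None:
        return False  # unknown key ID
    return hmac.compare_digest(hashlib.md5(key + packet).digest(), digest)

def shift_transmit_time(message: bytes, seconds: int) -> bytes:
    """Model an in-transit change: only the transmit timestamp (offset 40) moves."""
    secs = struct.unpack("!I", message[40:44])[0]
    return message[:40] + struct.pack("!I", secs + seconds) + message[44:]

if __name__ == "__main__":
    keys = {7: b"constructed-shared-key"}  # constructed key ID and key
    reply = add_mac(build_server_reply(1301016977.0), 7, keys[7])
    print("untouched reply verifies:", verify(reply, keys))
    print("reply shifted by -10 s verifies:", verify(shift_transmit_time(reply, -10), keys))
```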


