[ntp:questions] pool.ntp.org and authentication

Miroslav Lichvar mlichvar at redhat.com
Tue Dec 16 13:06:36 UTC 2014


On Tue, Dec 16, 2014 at 10:13:43AM +0000, Rob wrote:
> In the NTP pool the servers are only put in the DNS when the monitoring
> system considers the time returned from that server sufficiently reliable.
> But the server can easily separate the queries from the monitoring system
> from the queries by the clients they want to mislead, so it is trivial
> to keep the servers in the pool while returning wrong time to others.

Agreed. The assumption is that most servers in the pool are not doing
that and it's much less likely that a client gets three malicious
servers from the pool than someone on the network path to the internet
running a tool like this:

https://github.com/PentesterES/Delorean/

-- 
Miroslav Lichvar

