[ntp:hackers] Protocol specification modification for MS-SNTP

Dave Hart davehart at gmail.com
Thu Jul 9 06:22:53 UTC 2009

On Tue, Jul 7, 2009 at 9:23 PM, David Mills<mills at udel.edu> wrote:
> What I would worry about is a terrorist tossing zero digest packets with
> randomly chosen key ID at speed. Like a SYN-flood attack, sooner or
> later he will get lucky.

For an ntpd configured with Samba4 on the same host to emulate a
Windows DC, it's true that you can computationally clog the server by
requesting signed replies as fast as possible to a bunch of different
keyids.  You don't even have to be clever to guess the key IDs to
target, as in MS-SNTP the lower 31 bits map directly to the relative
ID or RID, which is the user/group object number within the domain,
assigned sequentially from a well-known starting point like 512.  It
would have been nice if Microsoft required the client to sign the
request as well as expecting a signed response, but even if so there
would be work verifying the digest doesn't match.

I'm not sure there's any luck to be had, though.  Guessing a keyid
that maps to a machine account is easy, but what do you do with the
signed reply, not knowing the secret used to sign it?

Dave Hart
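As an added illustration of the exchange the thread is arguing about (this is example code written for this page, not Dave Hart's, ntpd's, or Samba's), the Python below models the MS-SNTP authenticator: a client sends a 48-byte NTP header followed by a 4-byte key identifier and an all-zero 16-byte digest, the server maps the lower 31 bits of the key ID to a RID, looks up that account's key and returns the same header signed, and the client verifies with the key it already holds. Assumptions not stated on the page: the digest is MD5 over the 16-byte key followed by the 48-byte header; the 16-byte keys in `SAMPLE_KEYS` are constructed stand-ins for machine-account password hashes; the high bit of the key ID is simply masked off; and `probe_rids` is a hypothetical helper that walks sequential RIDs to show why guessing a valid key ID costs an attacker nothing while each hit still costs the server a hash.

```python
import hashlib
import hmac
import struct
from typing import Dict, List, Optional

NTP_HEADER_LEN = 48          # standard NTP header
KEY_ID_LEN = 4
DIGEST_LEN = 16              # MD5
RID_MASK = 0x7FFFFFFF        # lower 31 bits of the key ID carry the RID (from the post)
FIRST_WELL_KNOWN_RID = 512   # objects are numbered sequentially from a well-known start

# Constructed sample key table: RID -> 16-byte key.  These stand in for the
# machine-account password hashes a Samba-backed ntpd would consult.
SAMPLE_KEYS: Dict[int, bytes] = {
    512: bytes.fromhex("00112233445566778899aabbccddeeff"),
    1105: bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0"),
}


def rid_from_key_id(key_id: int) -> int:
    """Map an MS-SNTP key identifier to the RID it names (lower 31 bits)."""
    return key_id & RID_MASK


def build_request(key_id: int) -> bytes:
    """Client request: NTPv3 client-mode header, key ID, all-zero digest.

    This is the 'zero digest packet' of the thread: the client signs nothing
    and merely asks for a reply signed under this key ID."""
    header = bytearray(NTP_HEADER_LEN)
    header[0] = (0 << 6) | (3 << 3) | 3   # LI=0, VN=3, mode=3 (client)
    return bytes(header) + struct.pack(">I", key_id) + bytes(DIGEST_LEN)


def compute_digest(key: bytes, header: bytes) -> bytes:
    """ASSUMPTION: digest = MD5(key || 48-byte NTP header)."""
    return hashlib.md5(key + header[:NTP_HEADER_LEN]).digest()


def sign_reply(request: bytes, key_table: Dict[int, bytes]) -> Optional[bytes]:
    """Server side: select the key by RID and sign the reply header.

    Returns None for an unknown RID.  Every known RID costs one MD5, which is
    the computational-clog angle discussed in the thread.  A real server would
    also fill in timestamps; here the header is echoed with the mode changed."""
    if len(request) != NTP_HEADER_LEN + KEY_ID_LEN + DIGEST_LEN:
        return None
    key_id = struct.unpack(">I", request[NTP_HEADER_LEN:NTP_HEADER_LEN + KEY_ID_LEN])[0]
    key = key_table.get(rid_from_key_id(key_id))
    if key is None:
        return None
    reply = bytearray(request[:NTP_HEADER_LEN])
    reply[0] = (reply[0] & 0xF8) | 4        # mode=4 (server), LI/VN untouched
    signed_header = bytes(reply)
    return signed_header + struct.pack(">I", key_id) + compute_digest(key, signed_header)


def verify_reply(reply: bytes, key: bytes) -> bool:
    """Client side: recompute the digest with its own key, compare in constant time."""
    if len(reply) != NTP_HEADER_LEN + KEY_ID_LEN + DIGEST_LEN:
        return False
    expected = compute_digest(key, reply[:NTP_HEADER_LEN])
    return hmac.compare_digest(expected, reply[NTP_HEADER_LEN + KEY_ID_LEN:])


def probe_rids(key_table: Dict[int, bytes], start: int = FIRST_WELL_KNOWN_RID,
               count: int = 64) -> List[int]:
    """Hypothetical attacker loop from the Mills scenario: walk sequential RIDs,
    send zero-digest requests, and record which key IDs came back signed.
    The attacker learns which RIDs exist and makes the server hash for each,
    but still holds no key with which to verify or forge a reply."""
    signed = []
    for key_id in range(start, start + count):
        if sign_reply(build_request(key_id), key_table) is not None:
            signed.append(key_id)
    return signed


if __name__ == "__main__":
    request = build_request(1105)
    reply = sign_reply(request, SAMPLE_KEYS)
    print("client with its own key verifies:", verify_reply(reply, SAMPLE_KEYS[1105]))
    print("someone with a different key verifies:", verify_reply(reply, SAMPLE_KEYS[512]))
    print("RIDs that answered a sweep from 512:", probe_rids(SAMPLE_KEYS, 512, 600))
```

The sweep shows the two halves of the argument side by side: `probe_rids` finds existing accounts with no cleverness, and the server pays an MD5 for each one, but `verify_reply` succeeds only for the holder of the right key, so the signed replies an attacker collects tell it nothing it can use.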

