[ntp:hackers] Using authentication

Miroslav Lichvar mlichvar at redhat.com
Fri Nov 6 08:13:09 UTC 2015

On Thu, Nov 05, 2015 at 11:26:01AM -0800, Hal Murray wrote:
> > - use enough NTP servers
> > - monitor your ntpd instances 
> How many is enough?  As far as I can see, adding more servers just makes the 
> window smaller.  You might have an interesting point, but you haven't 
> provided any numbers to show that it's practical to add enough servers to 
> make the window small enough.

Yeah, I'm not sure if increasing the number of servers really helps
here either. If the MITM attacker controls all NTP traffic to the
client, s/he can discard or modify replies from all servers.

Miroslav Lichvar

More information about the hackers mailing list