[ntp:questions] Secure NTP
albertson.chris at gmail.com
Fri Mar 25 00:01:07 UTC 2011
On Thu, Mar 24, 2011 at 2:26 PM, <jimp at specsol.spam.sux.com> wrote:
> When I see questions like this my first response is "Why all the bother?".
> There is nothing secret or proprietary about the time of day.
Security is so that you know you are not being spoofed. Or if you are
providing the time so that you can prove to your users that you are
who you claim to be and are not spoofing them.
There is the chance that someone might "impersonate" one of your
servers or a server you use. and then make a computer's clock be set
to the wrong time. Again "who cares" if you only use your computer
to serf the web and read emails but what if you were a bank processing
ATM or visa card transactions or worse a computer routing trans or
airplanes or controlling stop lights.
If I were smart enough to remotely control a computer's time, then I
could maybe make stock trades with an effective trade date of four
hours ago. I could make a fortune.
Redondo Beach, California
More information about the questions