[ntp:questions] Secure NTP

jimp at specsol.spam.sux.com
Fri Mar 25 15:42:59 UTC 2011

Miroslav Lichvar <mlichvar at redhat.com> wrote:
> On Thu, Mar 24, 2011 at 05:01:07PM -0700, Chris Albertson wrote:
>> Security is so that you know you are not being spoofed.  Or if you are
>> providing the time so that you can prove to your users that you are
>> who you claim to be and are not spoofing them.
>> There is the chance that someone might "impersonate" one of your
>> servers or a server you use, and then make a computer's clock be set
>> to the wrong time.   Again "who cares" if you only use your computer
>> to surf the web and read emails but what if you were a bank processing
>> ATM or visa card transactions or worse a computer routing trains or
>> airplanes or controlling stop lights.
> There is one important thing I haven't seen mentioned here. A MITM
> doesn't need to modify the NTP packets to seriously degrade your
> timekeeping. He can exploit the PLL instability when undersampled and
> by dropping and delaying the packets (up to maxdist, 1.5s by default)
> he can fairly quickly throw your clock off and let you drift away.
> In addition to the authentication, it's important to monitor
> reachability of the peers.

One more time, if time is critical to your operation you have several
sources to include local GPS and CDMA NTP boxes.


Jim Pennino

Remove .spam.sux to reply.
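
Added example, not part of the thread: one way to monitor peer reachability as suggested in the quoted message, by decoding the octal `reach` shift register in `ntpq -pn` output and checking that enough independent sources remain usable. The sample billboard is constructed, and the thresholds (`max_missed`, `max_delay_ms`, `minimum`) are assumed site-specific values, not ntpd defaults.

```python
# Constructed `ntpq -pn` output (documentation addresses, made-up values).
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.0.2.10      .GPS.            1 u   33   64  377    0.412    0.021   0.015
+192.0.2.11      .CDMA.           1 u   12   64  377    0.530   -0.104   0.040
 198.51.100.7    203.0.113.1      2 u   51   64  125  940.200   35.700  88.300
 198.51.100.8    .INIT.          16 u    -   64    0    0.000    0.000   0.000
"""

def parse_peers(text):
    """Return one dict per peer line of an `ntpq -pn` billboard."""
    peers = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("=") or "refid" in line:
            continue                      # blank line, separator or header
        fields = line[1:].split()         # column 0 holds the tally code
        if len(fields) != 10:
            continue
        peers.append({
            "tally": line[0],
            "remote": fields[0],
            "reach": int(fields[6], 8),   # octal register of the last 8 polls
            "delay_ms": float(fields[7]), # ntpq reports delay in milliseconds
        })
    return peers

def assess(peers, max_missed=2, max_delay_ms=500.0):
    """Map each remote to a list of findings; an empty list means healthy."""
    findings = {}
    for p in peers:
        flags = []
        # Each set bit is one answered poll. Note: the register also starts
        # near zero right after ntpd starts, so suppress alerts during warm-up.
        missed = 8 - bin(p["reach"] & 0xFF).count("1")
        if p["reach"] == 0:
            flags.append("unreachable")
        elif missed > max_missed:
            flags.append("lossy")         # replies are being dropped
        if p["delay_ms"] > max_delay_ms:
            flags.append("delayed")       # replies are being held back
        findings[p["remote"]] = flags
    return findings

def enough_sources(findings, minimum=3):
    """True if at least `minimum` peers have no findings."""
    return sum(1 for flags in findings.values() if not flags) >= minimum

if __name__ == "__main__":
    result = assess(parse_peers(SAMPLE))
    for remote, flags in result.items():
        print(remote, ",".join(flags) or "ok")
    print("enough healthy sources:", enough_sources(result))
```

In production the input would come from running `ntpq -pn` on a schedule, with alerts raised when a peer collects findings or `enough_sources` turns false.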
