[ntp:questions] Secure NTP

jimp at specsol.spam.sux.com jimp at specsol.spam.sux.com
Fri Mar 25 15:42:59 UTC 2011


Miroslav Lichvar <mlichvar at redhat.com> wrote:
> On Thu, Mar 24, 2011 at 05:01:07PM -0700, Chris Albertson wrote:
>> Security is so that you know you are not being spoofed.  Or if you are
>> providing the time so that you can prove to your users that you are
>> who you claim to be and are not spoofing them.
>> 
>> There is the chance that someone might "impersonate" one of your
>> servers or a server you use, and then make a computer's clock be set
>> to the wrong time.   Again "who cares" if you only use your computer
>> to surf the web and read emails but what if you were a bank processing
>> ATM or visa card transactions or worse a computer routing trains or
>> airplanes or controlling stop lights.
> 
> There is one important thing I haven't seen mentioned here. A MITM
> doesn't need to modify the NTP packets to seriously degrade your
> timekeeping. He can exploit the PLL instability when undersampled and
> by dropping and delaying the packets (up to maxdist, 1.5s by default)
> he can fairly quickly throw your clock off and let you drift away.
> 
> In addition to the authentication, it's important to monitor
> reachability of the peers.

One more time, if time is critical to your operation you have several
sources, including local GPS and CDMA NTP boxes.


-- 
Jim Pennino

Remove .spam.sux to reply.
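As an added example (not from this thread or from ntpd itself), a small Python monitor that parses `ntpq -p` output and flags the two symptoms Miroslav describes: peers whose reach register shows dropped polls, and peers whose delay puts them at or past maxdist (1.5 s by default). The `ntpq` sample is constructed, and the alert thresholds are assumptions.

```python
# Added example: parse `ntpq -p` output and flag peers that are being
# dropped or delayed. The sample output below is constructed, not captured.
MAXDIST_S = 1.5  # ntpd default maxdist

# Constructed `ntpq -p` output. Columns:
# tally+remote refid st t when poll reach delay(ms) offset(ms) jitter(ms)
SAMPLE_NTPQ = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*GPS_NMEA(0)     .GPS.            0 l   12   16  377    0.000    0.012   0.004
+192.0.2.10      203.0.113.5      2 u   45   64  377   12.345   -0.210   0.321
 192.0.2.11      203.0.113.5      2 u  130   64  147   18.900    2.100   5.432
 192.0.2.12      203.0.113.5      2 u    -   64    0    0.000    0.000   0.000
-192.0.2.13      203.0.113.5      2 u   50   64  377 3200.000  900.000  40.000
"""

def parse_ntpq(text):
    """Return one dict per peer line; skips the header and separator."""
    peers = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("remote") or line.startswith("="):
            continue
        tally = "" if line[0] == " " else line[0]   # *, +, -, x, # or blank
        fields = line[1:].split()
        if len(fields) < 10:
            continue
        remote, _refid, _st, _t, _when, poll, reach, delay, offset, _jitter = fields[:10]
        peers.append({"tally": tally, "remote": remote, "poll": int(poll),
                      "reach": int(reach, 8),        # octal 8-bit shift register
                      "delay_ms": float(delay), "offset_ms": float(offset)})
    return peers

def missed_polls(reach):
    """How many of the last 8 polls got no reply (a clear bit in the reach register)."""
    return 8 - bin(reach & 0xFF).count("1")

def check_peers(peers, max_missed=2, maxdist_s=MAXDIST_S):
    """Return (remote, reason) pairs a monitor should alert on. Thresholds are assumptions."""
    alerts = []
    for p in peers:
        missed = missed_polls(p["reach"])
        if missed > max_missed:
            alerts.append((p["remote"], f"{missed} of last 8 polls unanswered"))
        # delay/2 is a lower bound on root distance, so reaching maxdist this way
        # means the replies are being held long enough for ntpd to reject the peer
        if p["delay_ms"] / 2000.0 >= maxdist_s:
            alerts.append((p["remote"], f"half round-trip {p['delay_ms'] / 2:.0f} ms at/above maxdist"))
    return alerts

if __name__ == "__main__":
    for remote, reason in check_peers(parse_ntpq(SAMPLE_NTPQ)):
        print(f"ALERT {remote}: {reason}")
```

Run it against live output with `ntpq -p | python3 monitor.py` after swapping `SAMPLE_NTPQ` for `sys.stdin.read()`; a peer that alerts repeatedly across polls is the reachability problem Miroslav says to watch for.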
