[ntp:questions] Secure NTP
Richard B. Gilbert
rgilbert88 at comcast.net
Fri Mar 25 19:55:45 UTC 2011
On 3/25/2011 11:40 AM, jimp at specsol.spam.sux.com wrote:
> Uwe Klein<uwe_klein_habertwedt at t-online.de> wrote:
>> jimp at specsol.spam.sux.com wrote:
>>> If you specify the server by IP address, how does that happen and who
>>> would bother to do it?
>> The $something trading solutions that require exact timematch
>> ( remember the recent rush of ntp users
>> requiring u-second global time match )
>> over a set of widely distributed hosts allow fraud in
>> various ways if you can manipulate the time for some select host.
> One more time, if time is critical to your operation you do NOT have one
> and only one NTP server.
> You have serveral servers with local GPS and CDMA NTP boxes.
> Let's see you spoof the Internet, GPS, and CDMA all at the same time.
Any two would be sufficient!
More information about the questions