[ntp:questions] Secure NTP

Richard B. Gilbert rgilbert88 at comcast.net
Fri Mar 25 19:55:45 UTC 2011


On 3/25/2011 11:40 AM, jimp at specsol.spam.sux.com wrote:
> Uwe Klein<uwe_klein_habertwedt at t-online.de>  wrote:
>> jimp at specsol.spam.sux.com wrote:
>>
>>> If you specify the server by IP address, how does that happen and who
>>> would bother to do it?
>>
>> The $something trading solutions that require exact timematch
>> ( remember the recent rush of ntp users
>>    requiring u-second global time match )
>> over a set of widely distributed hosts allow fraud in
>> various ways if you can manipulate the time for some select host.
>
> One more time, if time is critical to your operation you do NOT have one
> and only one NTP server.
>
> You have serveral servers with local GPS and CDMA NTP boxes.
>
> Let's see you spoof the Internet, GPS, and CDMA all at the same time.
>
>

Any two would be sufficient!




More information about the questions mailing list