[ntp:questions] Secure NTP

jimp at specsol.spam.sux.com jimp at specsol.spam.sux.com
Sun Mar 27 21:50:08 UTC 2011


unruh <unruh at wormhole.physics.ubc.ca> wrote:
> On 2011-03-25, jimp at specsol.spam.sux.com <jimp at specsol.spam.sux.com> wrote:
>> Miroslav Lichvar <mlichvar at redhat.com> wrote:
>>> On Thu, Mar 24, 2011 at 05:01:07PM -0700, Chris Albertson wrote:
>>>> Security is so that you know you are not being spoofed.  Or if you are
>>>> providing the time so that you can prove to your users that you are
>>>> who you claim to be and are not spoofing them.
>>>> 
>>>> There is the chance that someone might "impersonate" one of your
>>>> servers or a server you use. and then make a computer's clock be set
>>>> to the wrong time.   Again "who cares" if you only use your computer
>>>> to surf the web and read emails but what if you were a bank processing
>>>> ATM or visa card transactions or worse a computer routing trans or
>>>> airplanes or controlling stop lights.
>>> 
>>> There is one important thing I haven't seen mentioned here. A MITM
>>> doesn't need to modify the NTP packets to seriously degrade your
>>> timekeeping. He can exploit the PLL instability when undersampled and
>>> by dropping and delaying the packets (up to maxdist, 1.5s by default)
>>> he can fairly quickly throw your clock off and let you drift away.
>>> 
>>> In addition to the authentication, it's important to monitor
>>> reachability of the peers.
>>
>> One more time, if time is critical to your operation you have several
>> sources to include local GPS and CDMA NTP boxes.
> 
> I do not understand. If you do not want to use the authentication, don't.
> No one is forcing you to. We really do not care if you have thought
> through your security or not. But at this point it sounds like you are
> on a crusade against having the authentication in ntpd, and that
> is bizarre. If you think it adds nothing, do not use it. Or if it
> offends you to have something in a program you do not use, then rewrite
> ntpd to remove the sections that are offensive to you and use that. 
> And learn once again that you may not completely understand everyone
> else in the world. 

You must really have your panties in a bunch if asking what good is NTP
authentication becomes a "crusade" in your mind.

As far as I can see, given the way NTP works and the number of available
and independent sources, authentication may make you feel good about it,
but has no added value.
 

-- 
Jim Pennino

Remove .spam.sux to reply.
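Miroslav's point in the quoted text is that a man in the middle who merely drops or delays packets, keeping the peer just inside maxdist (1.5 s by default), can degrade timekeeping without ever forging a packet, and that peer reachability therefore needs monitoring. The script below is an added example, not code from this thread or from the ntpd project: it parses the billboard format that `ntpq -p` prints (from a constructed sample embedded in the file, so it runs offline), decodes the octal `reach` shift register into lost polls, and uses delay/2 as a lower bound on each peer's root distance (ntpd's distance also adds dispersion and the upstream root terms, so the real value is never smaller). The host names, the sample numbers and the WARN_FRACTION threshold are assumptions for illustration.

```python
"""Flag NTP peers whose reachability or delay suggests the drop/delay attack
discussed above. Added example; not ntpd code. Parses a constructed sample of
`ntpq -p` output instead of running ntpq, so it works offline."""
from dataclasses import dataclass

MAXDIST_S = 1.5        # ntpd default maxdist, the bound the quoted post refers to
WARN_FRACTION = 0.5    # assumed threshold: warn once delay/2 passes half of maxdist

# Constructed sample in the `ntpq -p` billboard layout (hosts and values invented).
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*gps.example.net  .GPS.            1 u   23   64  377    0.412    0.015   0.021
+ntp1.example.net 192.0.2.10       2 u   31   64  377   12.300   -0.200   0.450
 ntp2.example.net 192.0.2.11       2 u  120   64   21 2400.000    5.100 300.000
-ntp3.example.net 192.0.2.12       2 u   60   64  374 3400.000    0.900 120.000
 ntp4.example.net 192.0.2.13       2 u    -   64    0    0.000    0.000   0.000
"""


@dataclass
class Peer:
    tally: str       # leading selection character: '*' syspeer, '+' candidate, ' ' discarded, ...
    remote: str
    refid: str
    stratum: int
    reach: int       # 8-bit shift register of the last eight polls, LSB = most recent
    delay_ms: float  # round-trip delay as printed by ntpq (milliseconds)
    offset_ms: float
    jitter_ms: float


def parse_billboard(text: str) -> list[Peer]:
    """Parse `ntpq -p` output: skip the header and separator, split the rest by whitespace."""
    peers = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("remote") or line.startswith("="):
            continue
        tally, fields = line[0], line[1:].split()
        if len(fields) < 10:
            continue  # truncated or unexpected line; ignore rather than crash
        # columns: remote refid st t when poll reach delay offset jitter
        peers.append(Peer(tally, fields[0], fields[1], int(fields[2]), int(fields[6], 8),
                          float(fields[7]), float(fields[8]), float(fields[9])))
    return peers


def missed_polls(reach: int) -> int:
    """How many of the last eight polls got no reply (zero bits in the reach register)."""
    return 8 - bin(reach & 0xFF).count("1")


def consecutive_missed(reach: int) -> int:
    """How many of the most recent polls in a row were lost (trailing zero bits)."""
    n = 0
    while n < 8 and not ((reach & 0xFF) >> n) & 1:
        n += 1
    return n


def min_root_distance_s(peer: Peer) -> float:
    """Lower bound on ntpd's root distance for this peer: delay/2 in seconds.
    Dispersion and the upstream root delay/dispersion only add to it."""
    return peer.delay_ms / 2000.0


def assess(peers: list[Peer]) -> dict[str, list[str]]:
    """Return, per peer, the list of reachability/distance findings (empty = healthy)."""
    findings = {}
    for p in peers:
        issues = []
        lost, run = missed_polls(p.reach), consecutive_missed(p.reach)
        if p.reach == 0:
            issues.append("unreachable")
        elif run >= 2:
            issues.append(f"last {run} polls lost")
        elif lost >= 3:
            issues.append(f"{lost}/8 polls lost")
        dist = min_root_distance_s(p)
        if dist > MAXDIST_S:
            issues.append(f"delay/2={dist:.2f}s exceeds maxdist {MAXDIST_S}s")
        elif dist > WARN_FRACTION * MAXDIST_S:
            issues.append(f"delay/2={dist:.2f}s is within reach of maxdist {MAXDIST_S}s")
        findings[p.remote] = issues
    return findings


if __name__ == "__main__":
    for remote, issues in assess(parse_billboard(SAMPLE)).items():
        print(f"{remote:20} {'; '.join(issues) or 'ok'}")
```

In practice you would feed it the live output of `ntpq -p` (or `ntpq -c rv` per association if you also want the dispersion term) from a cron job and alert on any non-empty finding; the threshold on delay/2 is what catches the "delay it but stay under maxdist" case, since a peer that is still selected but sits at a large fraction of maxdist is exactly what that attack looks like.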



