[ntp:questions] Secure NTP

jimp at specsol.spam.sux.com jimp at specsol.spam.sux.com
Sun Mar 27 21:50:08 UTC 2011

unruh <unruh at wormhole.physics.ubc.ca> wrote:
> On 2011-03-25, jimp at specsol.spam.sux.com <jimp at specsol.spam.sux.com> wrote:
>> Miroslav Lichvar <mlichvar at redhat.com> wrote:
>>> On Thu, Mar 24, 2011 at 05:01:07PM -0700, Chris Albertson wrote:
>>>> Security is so that you know you are not being spoofed.  Or if you are
>>>> providing the time so that you can prove to your users that you are
>>>> who you claim to be and are not spoofing them.
>>>> There is the chance that someone might "impersonate" one of your
>>>> servers or a server you use, and then make a computer's clock be set
>>>> to the wrong time.   Again "who cares" if you only use your computer
>>>> to surf the web and read emails but what if you were a bank processing
>>>> ATM or visa card transactions or worse a computer routing trains or
>>>> airplanes or controlling stop lights.
>>> There is one important thing I haven't seen mentioned here. A MITM
>>> doesn't need to modify the NTP packets to seriously degrade your
>>> timekeeping. He can exploit the PLL instability when undersampled and
>>> by dropping and delaying the packets (up to maxdist, 1.5s by default)
>>> he can fairly quickly throw your clock off and let you drift away.
>>> In addition to the authentication, it's important to monitor
>>> reachability of the peers.
>> One more time, if time is critical to your operation you have several
>> sources to include local GPS and CDMA NTP boxes.
> I do not understand. If you do not want to use the authentication, don't.
> No one is forcing you to. We really do not care if you have thought
> through your security or not. But at this point it sounds like you are
> on a crusade against having the authentication in ntpd, and that
> is bizarre. If you think it adds nothing, do not use it. Or if it
> offends you to have something in a program you do not use, then rewrite
> ntpd to remove the sections that are offensive to you and use that. 
> And learn once again that you may not completely understand everyone
> else in the world. 

You must really have your panties in a bunch if asking what good is NTP
authentication becomes a "crusade" in your mind.

As far as I can see, given the way NTP works and the number of available
and independent sources, authentication may make you feel good about it,
but has no added value.

Jim Pennino

Remove .spam.sux to reply.
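
Added example, not part of the original thread: a sketch of the peer reachability monitoring mentioned in the quoted text, combined with a check that enough independent sources remain usable. It reads the octal `reach` column of `ntpq -pn` output; the sample output, the function names and both thresholds are assumptions made for illustration.

```python
# Constructed sample of `ntpq -pn` output (documentation address ranges).
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.0.2.10      .GPS.            1 u   33   64  377    0.412    0.021   0.015
+198.51.100.7    192.0.2.10       2 u   12   64  377   11.203   -0.310   0.220
+203.0.113.5     .PPS.            1 u   60   64  125   24.870    1.904   3.410
 203.0.113.99    .INIT.          16 u    -   64    0    0.000    0.000   0.000
"""


def parse_peers(text):
    """Yield one dict per peer line of `ntpq -p` style output."""
    for line in text.splitlines():
        if not line.strip() or line.startswith("=") or "refid" in line:
            continue  # skip blank lines, the ruler and the column header
        tally, fields = line[0], line[1:].split()
        if len(fields) != 10:
            continue  # not a peer line
        # reach is an 8-bit shift register printed in octal: one bit per
        # poll, newest in the low bit, 377 = last eight polls all answered.
        reach = int(fields[6], 8) & 0xFF
        yield {"tally": tally, "remote": fields[0], "reach": reach,
               "delay_ms": float(fields[7]), "offset_ms": float(fields[8])}


def assess(text, min_answered=6, min_healthy=3):
    """Return (alerts, healthy_count). Thresholds are assumed; tune locally."""
    alerts, healthy = [], 0
    for p in parse_peers(text):
        answered = bin(p["reach"]).count("1")
        if answered < min_answered:
            alerts.append(f"{p['remote']}: {answered}/8 recent polls answered "
                          f"(reach {p['reach']:03o})")
        else:
            healthy += 1
    if healthy < min_healthy:
        alerts.append(f"only {healthy} sources with good reachability "
                      f"(want {min_healthy})")
    return alerts, healthy


if __name__ == "__main__":
    for alert in assess(SAMPLE)[0]:
        print("ALERT", alert)
```

Dropped packets show up as zero bits in `reach`, so a falling bit count on several peers at once is the symptom to alert on, whether or not the packets that do arrive are authenticated.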
