[ntp:questions] Secure NTP

Uwe Klein uwe_klein_habertwedt at t-online.de
Mon Mar 28 16:51:07 UTC 2011


jimp at specsol.spam.sux.com wrote:
> At that point they start slowly changing the time to something else.
> 
> Meanwhile, inside the building where NTP was set up by someone with a clue
if you go by the questions placed here on occasion that assumption is not a given ;-)

> that bothered to read the documentation, the target client computers notice
> that the GPS source is different than all the other sources and decide the
> GPS source has failed and ignore the GPS data.
> 
> Drat that NTP voting alogorithm.

engineering is a management of negatives ( positives is for weenies )

If I had that clocker job (not likely)
I would disable all but one source and spoof the remaining in advance.
my guess is that even most high profile setups won't complain
about being reduced to a single source for time.

Manipulating trading systems probably is high risk, high gain so "some" expenditure
would be acceptable.

The thing that saves us here is the same that saves us from hideously effective
terrorist bombs. Criminal and ideological baddies tend to lack real engineering talent.

But I wouldn't bet on that in all cases.

uwe




More information about the questions mailing list