[ntp:security] [Bug 3012] Sybil vulnerability: ephemeral association attack

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Mon May 2 14:50:38 UTC 2016


Miroslav Lichvar <mlichvar at redhat.com> changed:

           What    |Removed                     |Added
                 CC|                            |mlichvar at redhat.com

--- Comment #4 from Miroslav Lichvar <mlichvar at redhat.com> 2016-05-02 14:50:38 UTC ---
As a possible fix for configurations that don't need any ephemeral
associations, I'd propose to modify the nopeer option to apply to both
authenticated and unauthenticated packets. The auth option, which is enabled by
default, already requires authenticated packets for mobilizing ephemeral
associations, so nopeer would be orthogonal to that and could be used on the
"default" restrict line. I think that's what most users expect from ntpd: not to
accept time from any sources unless they are specified in ntp.conf.

Alternatively, a new restrict option (e.g. noauthpeer) could be added to not
allow ephemeral associations mobilized specifically by authenticated packets.
If it was used together with the nopeer option, ephemeral associations would be
disabled completely and this would be useful for the default restrict line. 

I can prepare a patch if there is any interest.
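The restrict semantics the comment relies on, turned into a check a practitioner can run against their own ntp.conf. This is an added example and is not ntpd code, a patch from the bug, or anything Miroslav posted: it encodes only the behaviour stated above (the global auth flag, on by default, requires authentication before a packet can mobilize an ephemeral association; nopeer blocks mobilization by unauthenticated packets only) and reports the gap that remains for authenticated packets rather than assuming the proposed nopeer change or the hypothetical noauthpeer flag. The ntp.conf snippets inside are constructed for illustration.

```python
# Added example, not ntpd code and not part of the bug report: a small linter that
# reads an ntp.conf and reports whether unknown hosts could mobilize ephemeral
# associations. It encodes the ntpd 4.2.8 semantics described in the comment above:
#   - the global 'auth' flag (on by default; 'disable auth' turns it off) requires
#     packets to be authenticated before they can mobilize an ephemeral association;
#   - the 'nopeer' restrict flag blocks mobilization by *unauthenticated* packets only.
# The comment's proposal that nopeer also cover authenticated packets (or a new
# 'noauthpeer' flag) is NOT assumed; the linter reports the resulting gap instead.
# All ntp.conf snippets below are constructed for illustration.
from typing import Dict, List


def _tokens(raw: str) -> List[str]:
    """Tokens of one ntp.conf line with any trailing comment removed."""
    return raw.split('#', 1)[0].split()


def parse_restrict_lines(conf: str) -> Dict[str, List[str]]:
    """Map each restrict target ('default', '-6 default', '10.0.0.0 mask ...') to its flags."""
    restricts: Dict[str, List[str]] = {}
    for raw in conf.splitlines():
        tokens = _tokens(raw)
        if not tokens or tokens[0] != 'restrict':
            continue
        tokens = tokens[1:]
        target = ''
        if tokens and tokens[0] in ('-4', '-6'):       # address-family selector
            target = tokens.pop(0) + ' '
        if not tokens:
            continue
        target += tokens.pop(0)
        if len(tokens) >= 2 and tokens[0] == 'mask':   # 'mask a.b.c.d' belongs to the target
            target += ' mask ' + tokens[1]
            tokens = tokens[2:]
        restricts[target] = tokens
    return restricts


def audit_ephemeral_exposure(conf: str) -> List[str]:
    """Return human-readable findings; an empty list means packets from unknown
    hosts cannot mobilize ephemeral associations under the semantics stated above."""
    auth_enabled = True          # ntpd default
    has_trusted_keys = False
    for raw in conf.splitlines():
        tokens = _tokens(raw)
        if tokens[:2] == ['disable', 'auth']:
            auth_enabled = False
        elif tokens[:2] == ['enable', 'auth']:
            auth_enabled = True
        elif tokens[:1] == ['trustedkey']:
            has_trusted_keys = True

    restricts = parse_restrict_lines(conf)
    defaults = {t: f for t, f in restricts.items() if t.split()[-1] == 'default'}
    findings: List[str] = []
    if not defaults:
        findings.append('no "restrict default" line: packets from unknown hosts are not restricted at all')
        defaults = {'default': []}          # evaluate the implicit, empty policy

    for target, flags in defaults.items():
        if 'ignore' in flags:
            continue                        # everything from unknown hosts is dropped
        if not auth_enabled and 'nopeer' not in flags:
            findings.append(f'restrict {target}: auth is disabled and nopeer is missing, so any '
                            'unauthenticated broadcast/symmetric-active packet can mobilize an association')
        if auth_enabled and has_trusted_keys:
            findings.append(f'restrict {target}: nopeer (if present) only covers unauthenticated packets; '
                            'a packet bearing any trustedkey can still mobilize an ephemeral association '
                            '(the gap discussed in Bug 3012)')
    return findings


if __name__ == '__main__':
    SAMPLE = (  # constructed example resembling a typical distribution default
        "keys /etc/ntp.keys\n"
        "trustedkey 1\n"
        "restrict default kod nomodify notrap nopeer noquery\n"
        "restrict 127.0.0.1\n"
        "server ntp.example.net key 1\n"
    )
    for finding in audit_ephemeral_exposure(SAMPLE):
        print('-', finding)
```

Run it against a configuration that has keys and nopeer on the default line and it still reports one finding, which is exactly the point of the comment: as nopeer stands, the only way to refuse ephemeral associations from authenticated packets is `restrict default ignore`, and that in turn requires a separate restrict line for every configured server so that their replies are not dropped as well.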
