[ntp:questions] Secure NTP

jimp at specsol.spam.sux.com jimp at specsol.spam.sux.com
Fri Mar 25 15:40:53 UTC 2011


Uwe Klein <uwe_klein_habertwedt at t-online.de> wrote:
> jimp at specsol.spam.sux.com wrote:
> 
>> If you specify the server by IP address, how does that happen and who
>> would bother to do it?
> 
> The $something trading solutions that require exact timematch
> ( remember the recent rush of ntp users
>   requiring u-second global time match )
> over a set of widely distributed hosts allow fraud in
> various ways if you can manipulate the time for some select host.

One more time, if time is critical to your operation you do NOT have one
and only one NTP server.

You have serveral servers with local GPS and CDMA NTP boxes.

Let's see you spoof the Internet, GPS, and CDMA all at the same time.


-- 
Jim Pennino

Remove .spam.sux to reply.




More information about the questions mailing list