[time-nuts] When NTP goes wrong...

Magnus Danielson magnus at rubidium.dyndns.org
Thu Oct 22 16:09:18 EDT 2015


On 10/22/2015 07:54 AM, Rob Seaman wrote:
> Mark Sims said:
>> Ars Technica just put up a piece on the effects of various attacks on NTP with a link to the original paper.
>> http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/
> The Network Time Foundation (through Harlan Stenn’s hard work) has already released a patch synchronized with the publication of the referenced paper from Boston University:
> 	http://nwtime.org/ntf-releases-ntp-security-patches-ntp-4-2-8p4/
> Many of the comments on the Ars Technica piece are quite naive regarding timekeeping issues. This reflects an ongoing need for public education that Time-nuts as well as NTF can help supply.

Vendors such as Meinberg has released updates too. Patch your systems.

We expected as much. I really wonder what took so long. Ah well.


More information about the time-nuts mailing list