[time-nuts] When NTP goes wrong...

Bob Camp kb8tq at n1k.org
Sat Oct 24 18:11:01 EDT 2015


Hi

…. and that paper references a whole raft of other papers. Until you dig down into each of them
it’s not at all apparent what is being referred to in some sections. In some cases they are going back
to things in the 1990’s. A lot has changed since then. 

Bob



> On Oct 24, 2015, at 3:50 PM, Magnus Danielson <magnus at rubidium.dyndns.org> wrote:
> 
> Bob,
> 
> It was linked from the article. Some 18 pages of reading. Go and read it. I will when I get the time... can somebody skew my time by skew my NTP? Just read the article, it tells you how to pull it off.
> 
> Cheers,
> Magnus
> 
> On 10/24/2015 03:02 PM, Bob Camp wrote:
>> Hi
>> 
>> Without the real paper(s) they are referencing, it’s impossible to evaluate what they
>> are saying. In order to actually address their points, it will have to be done on a paper
>> by paper basis.
>> 
>> Bob
>> 
>>> On Oct 24, 2015, at 6:36 AM, Florian Teply <usenet at teply.info> wrote:
>>> 
>>> Am Wed, 21 Oct 2015 22:54:15 -0700
>>> schrieb Rob Seaman <seaman at noao.edu>:
>>> 
>>>> Mark Sims said:
>>>> 
>>>>> Ars Technica just put up a piece on the effects of various attacks
>>>>> on NTP with a link to the original paper.
>>>>> 
>>>>> http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/
>>>> 
>>>> 
>>>> The Network Time Foundation (through Harlan Stenn’s hard work) has
>>>> already released a patch synchronized with the publication of the
>>>> referenced paper from Boston University:
>>>> 
>>>> 	http://nwtime.org/ntf-releases-ntp-security-patches-ntp-4-2-8p4/
>>>> 
>>>> Many of the comments on the Ars Technica piece are quite naive
>>>> regarding timekeeping issues. This reflects an ongoing need for
>>>> public education that Time-nuts as well as NTF can help supply.
>>>> 
>>> In my opinion, it would be interesting to know if other implementations
>>> are affected as well.
>>> Until now, I've come across the ntp mentioned above, maintained by
>>> the network time foundation.
>>> But there's also openntpd, maintained by the OpenBSD guys, and ntimed
>>> by PHK, which IIRC both claim to address security. Likely there afre
>>> even more out there...
>>> 
>>> But if I read that article on ars technica correctly, it looks like it
>>> is something inherent to the ntp protocol itself and the definitions it
>>> makes.
>>> 
>>> Poul-Henning, would you care to comment on that for ntimed?
>>> 
>>> Best regards,
>>> Florian
>>> _______________________________________________
>>> time-nuts mailing list -- time-nuts at febo.com
>>> To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
>>> and follow the instructions there.
>> 
>> _______________________________________________
>> time-nuts mailing list -- time-nuts at febo.com
>> To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
>> and follow the instructions there.
>> 
> _______________________________________________
> time-nuts mailing list -- time-nuts at febo.com
> To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
> and follow the instructions there.



More information about the time-nuts mailing list