[time-nuts] When NTP goes wrong...
phk at phk.freebsd.dk
Sun Oct 25 13:06:36 EDT 2015
In message <20151025162731.7a4a7bd7 at aluminium.mobile.teply.info>, Florian Teply
>Of course proper authentication would make this kind of attack more
>difficult, but as far as I can see, I'd estimate the amount of
>authenticated NTP traffic on the internet to be negligible.
That's because the standardized way of doing it doesn't really work.
>> The only real cure is to have your own NTP servers.
>Which then of course must not rely on external sources for their time,
Obviously. There is no free lunch.
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the time-nuts