[time-nuts] When NTP goes wrong...
Poul-Henning Kamp
phk at phk.freebsd.dk
Sun Oct 25 17:06:36 UTC 2015
--------
In message <20151025162731.7a4a7bd7 at aluminium.mobile.teply.info>, Florian Teply
writes:
>Of course proper authentication would make this kind of attack more
>difficult, but as far as I can see, I'd estimate the amount of
>authenticated NTP traffic on the internet to be negligible.
That's because the standardized way of doing it doesn't really work.
>> The only real cure is to have your own NTP servers.
>>
>Which then of course must not rely on external sources for their time,
Obviously. There is no free lunch.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the Time-nuts_lists.febo.com
mailing list