[time-nuts] Time security musing - attacking the clock itself
Hal Murray
hmurray at megapathdsl.net
Tue Dec 4 02:53:26 UTC 2012
albertson.chris at gmail.com said:
> Is NTP not secure. I know it can be secured but I think in practice people
> disable passwords.
The default in most distributions and most servers is no crypto. So it's not
that anybody disables authentication but doesn't go through all the work to
enable it.
NIST has an experimental program to use crypto.
http://www.nist.gov/pml/div688/grp40/auth-ntp.cfm
--
These are my opinions. I hate spam.
More information about the time-nuts
mailing list