[time-nuts] Time security musing - attacking the clock itself
Hal Murray
hmurray at megapathdsl.net
Tue Dec 4 23:22:32 UTC 2012
scmcgrath at gmail.com said:
> NTP servers. A way to hack them is to connect to one with a hostile server
> with higher stratum as NTP servers are configured as 'peers'. Without the
> md5 you can steer a server; with md5 the servers just ignore the attacking
> server.
It's more complicated than that.

When I set up an NTP server, I tell it what servers to use. If you just send
my server a packet telling it a bogus time, your packet will get ignored.

If you control the network, you could intercept the packets I send to the
servers I'm using and return forged packets. You still have to get past
various heuristics. For example, ntpd won't step the clock by more than 1000
seconds.
--
These are my opinions. I hate spam.
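
As an added illustration (not part of the original post and not ntpd's own code), the Python sketch below models three checks of the kind the reply describes for a client/server association: ignore packets from hosts that are not configured, ignore replies whose origin timestamp does not echo our last request (the RFC 5905 origin check), and refuse an offset larger than 1000 seconds. The addresses, timestamps and function names are constructed for the example, and ntpd applies further filtering across several servers that is not modelled here.

```python
import struct

PANIC_THRESHOLD = 1000.0          # seconds; the limit quoted in the post
HDR = struct.Struct("!BBbb11I")   # 48-byte NTP header, no extensions or MAC

def to_float(sec, frac):
    return sec + frac / 2**32

def make_packet(mode, stratum, org, rec, xmt):
    """Build a version 4 header; org/rec/xmt are (seconds, fraction) pairs."""
    return HDR.pack((4 << 3) | mode, stratum, 6, -20, 0, 0, 0, 0, 0, *org, *rec, *xmt)

def check_reply(pkt, src, configured, sent_xmt, t4):
    """Return (verdict, offset). sent_xmt is the transmit timestamp of our
    last request to src; t4 is the local receive time as a float."""
    if src not in configured:
        return "ignored: source is not a configured server", None
    if len(pkt) < HDR.size:
        return "ignored: short packet", None
    f = HDR.unpack(pkt[:HDR.size])
    mode, stratum = f[0] & 0x7, f[1]
    org, rec, xmt = f[9:11], f[11:13], f[13:15]
    if mode != 4 or not 1 <= stratum <= 15:
        return "ignored: not a usable server reply", None
    if org != sent_xmt:   # a sender that never saw our request cannot echo it
        return "ignored: origin timestamp does not match our request", None
    t1, t2, t3 = to_float(*org), to_float(*rec), to_float(*xmt)
    offset = ((t2 - t1) + (t3 - t4)) / 2      # standard NTP offset formula
    if abs(offset) > PANIC_THRESHOLD:
        return "refused: offset exceeds panic threshold", offset
    return "passed", offset

# Constructed sample data (documentation addresses, made-up timestamps).
SERVERS = {"192.0.2.10"}
SENT = (3563652152, 0x12345678)   # transmit timestamp of our request
T4 = to_float(*SENT) + 0.040      # reply received 40 ms after sending

def reply(skew, org=SENT):
    """Constructed server reply whose clock is `skew` seconds off ours."""
    stamp = (SENT[0] + skew, SENT[1])
    return make_packet(4, 2, org, stamp, stamp)

if __name__ == "__main__":
    cases = [("203.0.113.5", reply(5000)),          # unconfigured sender
             ("192.0.2.10", reply(5000, (1, 2))),   # did not see our request
             ("192.0.2.10", reply(5000)),           # echoes request, 5000 s off
             ("192.0.2.10", reply(500))]            # echoes request, 500 s off
    for src, pkt in cases:
        print(src, check_reply(pkt, src, SERVERS, SENT, T4))
```

The last case passes all three checks: a reply that echoes the request and stays under the threshold is left to the keyed authentication mentioned in the quoted message and to comparison across several configured servers.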