In message <20151024123614.7bbfe...@aluminium.mobile.teply.info>, Florian Teply
writes:
>But if I read that article on ars technica correctly, it looks like it
>is something inherent to the ntp protocol itself and the definitions it
>makes.
Correct.
The article is basically about how
Neil Schroeder writes:
> I would like to respond in a generic and sweeping way - having not read in
> the detail Bob layed out for us required to fully analyze the situation -
> to the notion that circuit level access or prior topological knowledge is
> required to exploit this or any other
In message
Hi
Well here’s one of their points in “Attacking The Network Time Protocol":
They start off in the paper proposing the a KoD packet can be easily
used to disconnect NTP from it’s upstream time sources. Thus forging
KoD’s would appear to be the first step in their proposed attack.
Can you
Am Sun, 25 Oct 2015 13:34:43 +
schrieb Wojciech Owczarek :
> I think this is a classic case of confusing application security with
> network security. The whole idea relies on spoofing packets. A
> spoofing scenario is only realistic in a lab setting. Or in case of a
Am Sun, 25 Oct 2015 07:14:24 +
schrieb "Poul-Henning Kamp" :
>
> In message <20151024123614.7bbfe...@aluminium.mobile.teply.info>,
> Florian Teply writes:
>
> >But if I read that article on ars technica correctly, it looks like
> >it is something inherent to the
[This is my final contribution to this topic since real time-nuts using NTP
run their own S1 servers driven by their Thunderbolts (et.seq.) and don't
need to worry about this]
On Sun, Oct 25, 2015 at 11:27 AM, Florian Teply wrote:
> >
> > >But if I read that article on ars
In message <20151025162731.7a4a7...@aluminium.mobile.teply.info>, Florian Teply
writes:
>Of course proper authentication would make this kind of attack more
>difficult, but as far as I can see, I'd estimate the amount of
>authenticated NTP traffic on the internet to be negligible.
I would like to respond in a generic and sweeping way - having not read in
the detail Bob layed out for us required to fully analyze the situation -
to the notion that circuit level access or prior topological knowledge is
required to exploit this or any other spoofing attack. On a corporation or
I think this is a classic case of confusing application security with
network security. The whole idea relies on spoofing packets. A spoofing
scenario is only realistic in a lab setting. Or in case of a physical
takeover of a circuit, which - well, then you have more important things to
worry
On Sat, Oct 24, 2015 at 6:36 AM, Florian Teply wrote:
> Am Wed, 21 Oct 2015 22:54:15 -0700
> schrieb Rob Seaman :
>
> > The Network Time Foundation (through Harlan Stenn’s hard work) has
> > already released a patch synchronized with the publication of the
> >
Hi
Without the real paper(s) they are referencing, it’s impossible to evaluate
what they
are saying. In order to actually address their points, it will have to be done
on a paper
by paper basis.
Bob
> On Oct 24, 2015, at 6:36 AM, Florian Teply wrote:
>
> Am Wed, 21 Oct
Bob,
It was linked from the article. Some 18 pages of reading. Go and read
it. I will when I get the time... can somebody skew my time by skew my
NTP? Just read the article, it tells you how to pull it off.
Cheers,
Magnus
On 10/24/2015 03:02 PM, Bob Camp wrote:
Hi
Without the real
Hi
…. and that paper references a whole raft of other papers. Until you dig down
into each of them
it’s not at all apparent what is being referred to in some sections. In some
cases they are going back
to things in the 1990’s. A lot has changed since then.
Bob
> On Oct 24, 2015, at 3:50
Am Wed, 21 Oct 2015 22:54:15 -0700
schrieb Rob Seaman :
> Mark Sims said:
>
> > Ars Technica just put up a piece on the effects of various attacks
> > on NTP with a link to the original paper.
> >
> >
Mark Sims said:
> Ars Technica just put up a piece on the effects of various attacks on NTP
> with a link to the original paper.
>
> http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/
The Network Time Foundation (through Harlan
Hi,
On 10/22/2015 07:54 AM, Rob Seaman wrote:
Mark Sims said:
Ars Technica just put up a piece on the effects of various attacks on NTP with
a link to the original paper.
http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/
The
One interesting thing in the paper was that they scanned the entire IPv4
internet address space and found around 13 million NTP servers. Around 3
million of them were serving up the incorrect time.
___
18 matches
Mail list logo