Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Poul-Henning Kamp
In message <20151024123614.7bbfe...@aluminium.mobile.teply.info>, Florian Teply writes: >But if I read that article on ars technica correctly, it looks like it >is something inherent to the ntp protocol itself and the definitions it >makes. Correct. The article is basically about how

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Harlan Stenn
Neil Schroeder writes: > I would like to respond in a generic and sweeping way - having not read in > the detail Bob laid out for us required to fully analyze the situation - > to the notion that circuit level access or prior topological knowledge is > required to exploit this or any other

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Poul-Henning Kamp
In message

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Bob Camp
Hi Well here’s one of their points in “Attacking The Network Time Protocol”: They start off in the paper proposing that a KoD packet can be easily used to disconnect NTP from its upstream time sources. Thus forging KoD’s would appear to be the first step in their proposed attack. Can you

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Florian Teply
On Sun, 25 Oct 2015 13:34:43 +, Wojciech Owczarek wrote: > I think this is a classic case of confusing application security with > network security. The whole idea relies on spoofing packets. A > spoofing scenario is only realistic in a lab setting. Or in case of a

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Florian Teply
On Sun, 25 Oct 2015 07:14:24 +, "Poul-Henning Kamp" wrote: > > In message <20151024123614.7bbfe...@aluminium.mobile.teply.info>, > Florian Teply writes: > > >But if I read that article on ars technica correctly, it looks like > >it is something inherent to the

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Paul
[This is my final contribution to this topic since real time-nuts using NTP run their own S1 servers driven by their Thunderbolts (et.seq.) and don't need to worry about this] On Sun, Oct 25, 2015 at 11:27 AM, Florian Teply wrote: > > > > >But if I read that article on ars

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Poul-Henning Kamp
In message <20151025162731.7a4a7...@aluminium.mobile.teply.info>, Florian Teply writes: >Of course proper authentication would make this kind of attack more >difficult, but as far as I can see, I'd estimate the amount of >authenticated NTP traffic on the internet to be negligible.

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Neil Schroeder
I would like to respond in a generic and sweeping way - having not read in the detail Bob laid out for us required to fully analyze the situation - to the notion that circuit level access or prior topological knowledge is required to exploit this or any other spoofing attack. On a corporation or

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Wojciech Owczarek
I think this is a classic case of confusing application security with network security. The whole idea relies on spoofing packets. A spoofing scenario is only realistic in a lab setting. Or in case of a physical takeover of a circuit, which - well, then you have more important things to worry

Re: [time-nuts] When NTP goes wrong...

2015-10-24 Thread Paul
On Sat, Oct 24, 2015 at 6:36 AM, Florian Teply wrote: > On Wed, 21 Oct 2015 22:54:15 -0700 > Rob Seaman wrote: > > > The Network Time Foundation (through Harlan Stenn’s hard work) has > > already released a patch synchronized with the publication of the > >

Re: [time-nuts] When NTP goes wrong...

2015-10-24 Thread Bob Camp
Hi Without the real paper(s) they are referencing, it’s impossible to evaluate what they are saying. In order to actually address their points, it will have to be done on a paper by paper basis. Bob > On Oct 24, 2015, at 6:36 AM, Florian Teply wrote: > > Am Wed, 21 Oct

Re: [time-nuts] When NTP goes wrong...

2015-10-24 Thread Magnus Danielson
Bob, It was linked from the article. Some 18 pages of reading. Go and read it. I will when I get the time... can somebody skew my time by skewing my NTP? Just read the article, it tells you how to pull it off. Cheers, Magnus On 10/24/2015 03:02 PM, Bob Camp wrote: Hi Without the real

Re: [time-nuts] When NTP goes wrong...

2015-10-24 Thread Bob Camp
Hi …. and that paper references a whole raft of other papers. Until you dig down into each of them it’s not at all apparent what is being referred to in some sections. In some cases they are going back to things in the 1990’s. A lot has changed since then. Bob > On Oct 24, 2015, at 3:50

Re: [time-nuts] When NTP goes wrong...

2015-10-24 Thread Florian Teply
On Wed, 21 Oct 2015 22:54:15 -0700, Rob Seaman wrote: > Mark Sims said: > > > Ars Technica just put up a piece on the effects of various attacks > > on NTP with a link to the original paper. > > > >

Re: [time-nuts] When NTP goes wrong...

2015-10-22 Thread Rob Seaman
Mark Sims said: > Ars Technica just put up a piece on the effects of various attacks on NTP > with a link to the original paper. > > http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/ The Network Time Foundation (through Harlan

Re: [time-nuts] When NTP goes wrong...

2015-10-22 Thread Magnus Danielson
Hi, On 10/22/2015 07:54 AM, Rob Seaman wrote: Mark Sims said: Ars Technica just put up a piece on the effects of various attacks on NTP with a link to the original paper. http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/ The

[time-nuts] When NTP goes wrong...

2015-10-22 Thread Mark Sims
One interesting thing in the paper was that they scanned the entire IPv4 internet address space and found around 13 million NTP servers. Around 3 million of them were serving up the incorrect time.