Hello bugtraq, I published whitepaper called "Security aspects of time synchronization infrastructure". It describes some observations on very common security flaws in time synchronization infrastructure design, including (but not limited to) MS Windows Active Directory.
http://www.security.nnov.ru/advisories/timesync.asp Any comments are very appreciated. -- /3APA3A _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
