Dave Evans offers the following royalty-free article for you to publish online or in print. Feel free to use this article in your newsletter, website, ezine, blog, or forum. ----------- PUBLICATION GUIDELINES - You have permission to publish this article for free providing the "About the Author" box is included in its entirety. - Do not post/reprint this article in any site or publication that contains hate, violence, porn, warez, or supports illegal activity. - Do not use this article in violation of the US CAN-SPAM Act. If sent by email, this article must be delivered to opt-in subscribers only. - If you publish this article in a format that supports linking, please ensure that all URLs and email addresses are active links. - Please send a copy of the publication, or an email indicating the URL to [email protected] - Article Marketer (www.ArticleMarketer.com) has distributed this article on behalf of the author. Article Marketer does not own this article, please respect the author's copyright and publication guidelines. If you do not agree to these terms, please do not use this article. ----------- Article Title: Securing the NTP Protocol Author: Dave Evans Category: Networks, Security, Intra-net Word Count: 532 Keywords: NTP Time Server, NTP Server, Time Server, Time Synchronisation, NTP Clock Author's Email Address: [email protected] Article Source: http://www.articlemarketer.com ------------------ ARTICLE START ------------------
The NTP protocol is a standard communications protocol for the distribution of accurate time around a computer network. NTP stands for Network Time Protocol. It is a UDP over TCP/IP based protocol and is used to synchronise time critical applications on network time clients. This article discusses how to use authentication to secure communications between a network time server and client machines. NTP is widely used to provide precise synchronisation to time critical computer applications and processes. As such, it can pose a potential security risk for many organisations. Criminal or malicious users could potentially attempt to provide false timestamps to networked devices in order to modify the system time of the devices. This could have serious repercussions where transactions need to have a traceable time reference. Authentication is a system designed to overcome communication interception security risks by allowing a client to prove that a response has indeed come from the intended source. The client sends a request to a server, the server responds with the required information along with one of a pre-agreed set of keys. The server encrypts the key to ensure that it cannot be easily decoded. On receipt of a response the client un-encrypts the supplied key and verifies it against its stored set of pre-agreed keys. In this manner, the client can be sure that the response was generated by the expected source. Any malicious messages can then be filtered out. NTP overcomes communication interception security risks by utilising authentication techniques. The NTP client sends a request for time to a server. The server responds to the client with a timestamp packet along with one of a number of agreed encrypted keys. On receipt of the timestamp, the client un-encrypts the key and verifies it against a list of trusted keys. The client can then be sure that the received timestamp was indeed transmitted from the intended NTP time server. MD5 (Message Digest Encryption 5) encryption is used to encrypt keys. MD5 is a 128-bit cryptographic hash function, which outputs a fingerprint of the key. It is a highly secure encryption, widely used on internet forums and by online communities. NTP keys are generally stored in a file called 'ntp.keys'. Each key consists of a key number, an encryption code and the key itself. The key number acts as a reference to the specified key. The encryption code specifies the type of encryption to be utilised, e.g. 'M' for MD5 encryption. The keys are agreed keywords, which are case sensitive and must be identical on both client and server. Each client often utilises a sub-set of 'trusted keys'. These are specified in the NTP configuration file, 'ntp.conf'. Trusted keys specify which subset of keys are currently active and can be used by the server and client. This allows a sub-set of keys to be selected from a potentially large keys file. Trusted keys are selected using the 'trusted-keys' configuration command. To summarise, the NTP protocol utilises authentication techniques to overcome communication interception security risks when a client synchronises with a server. Using this method, a client can be sure that a time stamp has been generated by a trusted source, eliminating the possibility of receiving fake or maliciously generated time messages. David Evans is a technical author in the field on computer network time synchronisation systems. David has written many white papers on NTP and network timing solutions. Please visit our web site for more information on NTP Time Servers: http://www.timetools.co.uk/ ------------------ ARTICLE END ------------------ [Non-text portions of this message have been removed]
