On Tue, Dec 16, 2014 at 10:13:43AM +0000, Rob wrote:
> In the NTP pool the servers are only put in the DNS when the monitoring
> system considers the time returned from that server sufficiently reliable.
> But the server can easily separate the queries from the monitoring system
> from the queries by the clients they want to mislead, so it is trivial
> to keep the servers in the pool while returning wrong time to others.

Agreed. The assumption is that most servers in the pool are not doing that and it's much less likely that a client gets three malicious servers from the pool than someone on the network path to the internet running a tool like this:

https://github.com/PentesterES/Delorean/

--
Miroslav Lichvar
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions