-------- In message <[email protected]>, Florian Teply writes:
>But if I read that article on ars technica correctly, it looks like it >is something inherent to the ntp protocol itself and the definitions it >makes. Correct. The article is basically about how you can change the time on a computer you are attacking by spoofing NTP replies. Apart from a little mitigation, all implementations will be vulnerable to this, because that is what happens when you get your time from an unauthenticated server somewhere on the net. The only real cure is to have your own NTP servers. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [email protected] | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ time-nuts mailing list -- [email protected] To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
