NTP Md5 or AutoKey?
Steven M. Bellovin
smb at cs.columbia.edu
Tue Nov 4 09:39:41 UTC 2008
On Tue, 04 Nov 2008 01:52:05 -0500
Valdis.Kletnieks at vt.edu wrote:
> On Mon, 03 Nov 2008 22:23:07 PST, Paul Ferguson said:
> > I'm just wondering -- in globak scheme of security issue, is NTP
> > security a major issue?
> The biggest problem is that you pretty much have to spoof a server
> that the client is already configured to be accepting NTP packets
> from. And *then* you have to remember that your packets can only lie
> about the time by a very small number of milliseconds or they get
> tossed out by the NTP packet filter that measures the apparent
> jitter. Remember, the *real* clock is also sending correct updates.
> At *best*, you lie like hell, and get the clock thrown out as an
> "insane" timesource. But at that point, a properly configured clock
> will go on autopilot till a quorum of sane clocks reappears, so you
> don't have much chance of wedging in a huge time slew (unless you
> *really* hit the jackpot, and the client reboots and does an ntpdate
> and you manage to cram in enough false packets to mis-set the clock
> So in most cases, you can only push the clock around by milliseconds
> - and that doesn't buy you very much room for a replay attack or
> similar, because that's under the retransmit timeout for a lost
> packet. It isn't like you can get away with replaying something from
> 5 minutes ago.
> Now, if you wanted to be *dastardly*, you'd figure out where a site's
> Stratum-1 server(s) have their GPS antennas, and you'd read the recent
> research on spoofing GPS signals - at *that* point you'd have a good
> chance of controlling the horizontal and vertical....
http://nob.cs.ucdavis.edu/bishop/papers/1990-acsac/ is old but does
have a good analysis of the problem.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 304 bytes
Desc: not available
More information about the NANOG