NIST NTP servers

Gary E. Miller gem at rellim.com
Tue May 10 20:24:24 UTC 2016


Yo Chuck!

On Tue, 10 May 2016 16:18:41 -0400
"Chuck Church" <chuckchurch at gmail.com> wrote:

> Ok, annoyance might have been a little light on the severity wording.

Yup.

> Still, modifying all your incoming NTP packets from all your sources
> to actually get your NTP servers to agree on a bad time is tricky.
> That is assuming you've got multiple links, multiple sources from
> multiple organizations (more than 4), they're all authenticated,
> etc.

NTP Authentication (autokey) has been broken, and no one used it anyway.  

If I have a copy of your ntp.conf I can spoof all your chimers.  Not
hard at all.  This is UDP after all.

> Even if a criminal was to do all that damage you listed, it
> still probably doesn't result in obtaining sensitive data or money
> that would be the main motivators for such extreme hacking.

Correct, it would just get me fired due to the extended downtime.

Or maybe my company just decided to pay the ransom to get un-DoS'ed.
I still get fired.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20160510/11eed406/attachment.pgp>


More information about the NANOG mailing list