NIST NTP servers

George Herbert george.herbert at gmail.com
Fri May 13 04:38:16 UTC 2016



> On May 11, 2016, at 6:31 AM, Leo Bicknell <bicknell at ufp.org> wrote:
> ...
> You're replacing one single point of failure with another.
> 
> Personally, my network gets NTP from 14 stratum 1 sources right now.
> You, and the hacker, do not know which ones.  You have to guess at least
> 8 to get me to move to your "hacked" time.  Good luck.

...except for people who think that N internet only servers is enough redundancy.

Pretty much anything with unfiltered outbound could put out enough forged UDP to effectively jam ALL the Stratum 1 servers for a given endpoint.


George William Herbert
Sent from my iPhone


More information about the NANOG mailing list