Firewall Wizards mailing list archives

Re: NTp config - for the databases :}


From: Bret Watson <lists () bwa net>
Date: Fri, 13 Mar 1998 16:18:13

I'm sure you're right - so we have all our stratum 3's peered to each other
and to one stratum 2 - unless your spoofed source is stable and represents
a gentle shift from the real ref then I think it will still ignore it - of
course if you use a stable spoofed source it will most certainly work. 

But if the asset is worth enough to go to this effort the site really
should have its own clock.

I'm sorry, but you're wrong. 
You are left with only *one* stratum-2 system; the others will drop to
stratum-3 or lower by lack of a stratum-1 reference. These stratum-3
systems peer to each other and use your only stratum-2 left as their
single point of reference. 

Try it. Block all incoming ntp-traffic except the traffic from one of the
external servers. You might be surprised as to how quickly ntp adapts. 


Cheers,

bret

Technical Incursion Countermeasures 
consulting () bwa net                      http://www.ticm.com/
ph: (+61)(08) 9454 2487(UTC+8 hrs)      fax: (+61)(08) 9454 6042

The Insider - an e'zine on Computer security
http://www.ticm.com/about/insider.html


