Re: NIST NTP servers

["Gary E. Miller" <gem () rellim com>]

Yo Chuck!

On Tue, 10 May 2016 16:18:41 -0400
"Chuck Church" <chuckchurch () gmail com> wrote:

> Ok, annoyance might have been a little light on the severity wording.

Yup.

> Still, modifying all your incoming NTP packets from all your sources
> to actually get your NTP servers to agree on a bad time is tricky.
> That is assuming you've got multiple links, multiple sources from
> multiple organizations (more than 4), they're all authenticated,
> etc.

NTP Authentication (autokey) has been broken, and no one used it anyway.  

If I have a copy of your ntp.conf I can spoof all your chimers.  Not
hard at all.  This is UDP after all.

> Even if a criminal was to do all that damage you listed, it
> still probably doesn't result in obtaining sensitive data or money
> that would be the main motivators for such extreme hacking.

Correct, it would just get me fired due to the extended downtime.

Or maybe my company just decided to pay the ransom to get un-DoS'ed.
I still get fired.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
        gem () rellim com  Tel:+1 541 382 8588

Attachment: _bin
Description: OpenPGP digital signature