[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What package contains the time daemon?



On 2015-07-26 07:53:45 -0500, John Hasler wrote:
> Vincent Lefevre writes:
> > Unfortunately none of them is secure, I mean: some attacker won't tend
> > to make the date on your machine incorrect because of lack of
> > authentication.
> 
> http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm
> 
> See section 6.6.2, Authentication

No, this is completely ridiculous: "The keys residing in /etc/ntp.keys
typically are unencrypted and thus should be hidden from public."

I don't see how this can work with public NTP servers!

> Even without it, though, sucessfully spoofing all four of the servers
> you use would be challenging.

I don't see why this would be difficult for someone who controls the
local network (e.g. the wifi hotspot).

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)


Reply to: