Re: What package contains the time daemon?

To: debian-user@lists.debian.org
Subject: Re: What package contains the time daemon?
From: John Hasler <jhasler@newsguy.com>
Date: Sun, 26 Jul 2015 10:06:05 -0500
Message-id: <[🔎] 87oaizhsbm.fsf@thumper.dhh.gt.org>
Reply-to: jhasler@newsguy.com (John Hasler)
In-reply-to: <[🔎] 20150726130733.GA21667@zira.vinc17.org> (Vincent Lefevre's message of "Sun, 26 Jul 2015 15:07:33 +0200")
References: <[🔎] 20150725185228.GA14831@debian.abilitiessoft.org> <[🔎] 55B3DC90.5070804@torfree.net> <[🔎] nycvar.QRO.7.75.3.1507251907200.6744@arjgebyy.ybpnyqbznva> <[🔎] 55B41A31.6020406@thargoid.co.uk> <[🔎] nycvar.QRO.7.75.3.1507251956040.1569@arjgebyy.ybpnyqbznva> <[🔎] 55B4286C.20207@fastmail.fm> <[🔎] 55B42A71.7080802@debian.org> <[🔎] 20150726120922.GA16716@zira.vinc17.org> <[🔎] 871tfvjd0m.fsf@thumper.dhh.gt.org> <[🔎] 20150726130733.GA21667@zira.vinc17.org>

I wrote:
> http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm
> 
> See section 6.6.2, Authentication

Vincent Lefevre writes:
> I don't see how this can work with public NTP servers!

If you need authentication you need to use trusted servers.

http://www.nist.gov/pml/div688/grp40/auth-ntp.cfm
http://www.nist.gov/pml/div688/grp40/upload/-Instructions-for-using-the-NIST-authenticated-Network-Time-Protocol-NTP-server.pdf
http://support.ntp.org/bin/view/Servers/WebHome

Look through the list for servers that say that they support
authentication and follow instructions.

> Even without it, though, sucessfully spoofing all four of the servers
> you use would be challenging.

> I don't see why this would be difficult for someone who controls the
> local network (e.g. the wifi hotspot).

If your laptop needs precise time and you are a target for such attacks
take the time daemon offline when use such unreliable connections.

The attacker would not be able to change your clock very fast, though.
Unless your laptop needs millisecond accuracy for some reason it's hard
to see what such an attack would accomplish.
-- 
John Hasler 
jhasler@newsguy.com
Elmwood, WI USA

Reply to:

Follow-Ups:
- Re: What package contains the time daemon?
  - From: Vincent Lefevre <vincent@vinc17.net>

References:
- What package contains the time daemon?
  - From: "John J. Boyer" <john.boyer@abilitiessoft.org>
- Re: What package contains the time daemon?
  - From: Gary Dale <garydale@torfree.net>
- Re: What package contains the time daemon?
  - From: Bob Bernstein <poobah@ruptured-duck.com>
- Re: What package contains the time daemon?
  - From: Iain M Conochie <iain@thargoid.co.uk>
- Re: What package contains the time daemon?
  - From: Bob Bernstein <poobah@ruptured-duck.com>
- Re: What package contains the time daemon?
  - From: The Wanderer <wanderer@fastmail.fm>
- Re: What package contains the time daemon?
  - From: Michael Biebl <biebl@debian.org>
- Re: What package contains the time daemon?
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: What package contains the time daemon?
  - From: John Hasler <jhasler@newsguy.com>
- Re: What package contains the time daemon?
  - From: Vincent Lefevre <vincent@vinc17.net>

Prev by Date: Re: What package contains the time daemon?
Next by Date: Re: What package contains the time daemon? (approx vs ntp)
Previous by thread: Re: What package contains the time daemon?
Next by thread: Re: What package contains the time daemon?
Index(es):
- Date
- Thread