nanog mailing list archives

Re: NIST NTP servers

From: Jared Mauch <jared () puck nether net>
Date: Tue, 10 May 2016 16:18:01 -0400

On May 10, 2016, at 3:58 PM, Gary E. Miller <gem () rellim com> wrote:

I'm sure there are many more examples, but likely you can no longer log
in, via SSH or HTTPS, and your iPhone is dead.  I think any of those
would qualify as more than an annoyance.


An unnamed vendor has code where if the clock on their router is not
set SSH won’t work as the crypto package signature says the
package isn’t valid.

Many of the not-before and not-after certificate systems have some fairly
serious issues.

https://www.cs.bu.edu/~goldbe/pub-index.html#NTP

is one place to start when it comes to on-path and off-path
NTP attacks that can skew clocks.

- jared

Current thread:

Re: NIST NTP servers, (continued)
- - - Re: NIST NTP servers Valdis . Kletnieks (May 10)
    - Re: NIST NTP servers Stephane Bortzmeyer (May 10)
    - Re: NIST NTP servers Josh Reynolds (May 10)
    - Message not available
    - Re: NIST NTP servers Valdis . Kletnieks (May 10)
    - Re: NIST NTP servers Eygene Ryabinkin (May 11)
    - Re: NIST NTP servers Jean-Francois Mezei (May 12)
    - Re: NIST NTP servers Tony Finch (May 13)
    - Re: NIST NTP servers Ryan Harden (May 11)
    - RE: NIST NTP servers Chuck Church (May 10)
    - Re: NIST NTP servers Gary E. Miller (May 10)
    - Re: NIST NTP servers Jared Mauch (May 10)
    - RE: NIST NTP servers Chuck Church (May 10)
    - Re: NIST NTP servers Gary E. Miller (May 10)
    - Re: NIST NTP servers Mel Beckman (May 10)
    - Re: NIST NTP servers Leo Bicknell (May 11)
    - Re: NIST NTP servers Josh Reynolds (May 11)
    - Re: NIST NTP servers Mel Beckman (May 11)
    - Re: NIST NTP servers Jay R. Ashworth (May 11)
    - Re: NIST NTP servers Valdis . Kletnieks (May 11)
    - Re: NIST NTP servers Mel Beckman (May 11)
    - Re: NIST NTP servers Eric Kuhnke (May 11)

(Thread continues...)