nanog mailing list archives
Re: NIST NTP servers
From: Sharon Goldberg <goldbe () cs bu edu>
Date: Wed, 11 May 2016 15:15:37 -0400
Well, if you really want to learn about the NTP servers a target is using you can always just sent them a regular NTP timing query (mode 3) and just read off the IP address in the reference ID field of the response (mode 4). Reference ID reveals the target that the client is sync'd to. If you do this over and over as the client changes the servers it sync's to, you learn all the servers. Or if you are really keen you can use our "kiss-of-death" attack to learn all the servers a client is willing to take time from. See sections V.B-V.C of our paper. https://eprint.iacr.org/2015/1020.pdf Sharon On Wed, May 11, 2016 at 3:07 PM, Florian Weimer <fw () deneb enyo de> wrote:
* Chris Adams:First, out of the box, if you use the public pool servers (default config), you'll typically get 4 random (more or less) servers from the pool. There are a bunch, so Joe Random Hacker isn't going to have a high chance of guessing the servers your system is using.A determined attacker will just run servers in the official pool.
-- Sharon Goldberg Computer Science, Boston University http://www.cs.bu.edu/~goldbe
Current thread:
- Re: NIST NTP servers, (continued)
- Re: NIST NTP servers Mel Beckman (May 11)
- Re: NIST NTP servers Baldur Norddahl (May 11)
- Re: NIST NTP servers Lamar Owen (May 11)
- Re: NIST NTP servers Mel Beckman (May 11)
- Re: NIST NTP servers Scott Whyte (May 11)
- Re: NIST NTP servers Lamar Owen (May 11)
- Re: NIST NTP servers Florian Weimer (May 11)
- Re: NIST NTP servers Valdis . Kletnieks (May 11)
- Re: NIST NTP servers Eric Kuhnke (May 11)
- Re: NIST NTP servers Valdis . Kletnieks (May 11)
- Re: NIST NTP servers Sharon Goldberg (May 11)
- Re: NIST NTP servers Sharon Goldberg (May 11)
- Re: NIST NTP servers Harlan Stenn (May 11)
- Re: NIST NTP servers Harlan Stenn (May 11)
- Re: NIST NTP servers Andreas Ott (May 11)
- Re: NIST NTP servers Mel Beckman (May 11)
- Re: NIST NTP servers Jay R. Ashworth (May 11)
- Re: NIST NTP servers Majdi S. Abbas (May 11)
- Re: NIST NTP servers Jared Mauch (May 12)
- Re: NIST NTP servers Mike (May 12)