nanog mailing list archives

Re: NIST NTP servers

From: George Herbert <george.herbert () gmail com>
Date: Thu, 12 May 2016 21:38:16 -0700

On May 11, 2016, at 6:31 AM, Leo Bicknell <bicknell () ufp org> wrote:
...
You're replacing one single point of failure with another.

Personally, my network gets NTP from 14 stratum 1 sources right now.
You, and the hacker, do not know which ones.  You have to guess at least
8 to get me to move to your "hacked" time.  Good luck.


...except for people who think that N internet only servers is enough redundancy.

Pretty much anything with unfiltered outbound could put out enough forged UDP to effectively jam ALL the Stratum 1 
servers for a given endpoint.


George William Herbert
Sent from my iPhone

Current thread:

Re: NIST NTP servers, (continued)
- - - Re: NIST NTP servers Mel Beckman (May 13)
    - Re: NIST NTP servers Mel Beckman (May 13)
    - Re: NIST NTP servers Lamar Owen (May 14)
    - Re: NIST NTP servers Laszlo Hanyecz (May 13)
    - Re: NIST NTP servers Chuck Anderson (May 13)
    - Re: NIST NTP servers Sharon Goldberg (May 13)
    - RE: NIST NTP servers John Souvestre (May 12)
    - Re: NIST NTP servers Chris Adams (May 12)
    - RE: NIST NTP servers John Souvestre (May 12)
    - RE: NIST NTP servers Chuck Church (May 11)
    - Re: NIST NTP servers George Herbert (May 12)
    - RE: NIST NTP servers Allan Liska (May 11)
    - RE: NIST NTP servers Chuck Church (May 10)
- Re: NIST NTP servers David Hubbard (May 10)
- Re: NIST NTP servers Leo Bicknell (May 10)
  - Re: NIST NTP servers Mike (May 10)
    - Re: NIST NTP servers Laszlo Hanyecz (May 10)
  - Re: NIST NTP servers Harlan Stenn (May 10)
    - Re: NIST NTP servers Jared Mauch (May 10)
    - Re: NIST NTP servers Gary E. Miller (May 10)
    - Re: NIST NTP servers Jared Mauch (May 10)

(Thread continues...)