Prenard wrote: > Dear all, > > Is their a possibility in Windows XP or 2003 to make a secure > connection to one of the public pool time servers? > If a secure connection to my Windows and to the a public server is > possible, what kind of authentication method should i configure on my > 2003 server? Windows can communicate with different security methods: > - Ecryption and integrity > - Integrity only > - Custom: AH and/or ESP (ntegrity with SHA1 or MD5 and Encryption > algorithm with 3DES or DES) > > I want to pay more attention on the security leaks from my server to > the public connection. >
You have a lot of basic misunderstandings on how to secure a server. If you want to deal with w32time you should be asking in a Microsoft news group as noone in this newsgroup can give you much in the way of advice on dealing with w32time. In any case w32time violates the requirements of the sntp protocol and it is certainly not ntp protocol compliant. NTP uses UDP and you cannot realistically encrypt any UDP packets since it is a connectless protocol. You really need TCP for that. It is even worse when you deal with time itself since you need to worry about the time taken to encrypt and decrypt packets, how encryption depends on a good accurate time source, and a whole variety of other issues. The best that NTP can do is authenticate the server sending the NTP packets, but you need the reference implementation of ntp or another protocol compliant implementation for that since w32time cannot do that. Ignoring all of these issues what has this got to do with security leaks from your server? Windows is full of security problems. If you want to secure your server you need to spent time learning how to do it, worry about the services you are running and how secure they are, viruses, worms, spyware, etc. Danny _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
