On 2014 Dec 20 (Sat) at 12:42:52 +0100 (+0100), Hanno Böck wrote:
:On Fri, 19 Dec 2014 18:22:47 -0700
:Theo de Raadt <dera...@cvs.openbsd.org> wrote:
:
:> openntpd is not vulnerable.
:
:Depends on which vulnerability you mean.
:
:It is probably vulnerable to this one:
:http://zero-entropy.de/autokey_analysis.pdf
:(tl;dr ntp authentication is not secure)
:

OpenNTPd does not do auth at all.


:And it is probably vulnerable to this:
:https://github.com/PentesterES/Delorean
:(tl;dr Man-in-the-Middle)
:

OpenNTPd embeds random cookies into several fields of the ntp packet,
the server is required to copy them back into the reply, and the client
checks them upon receiving it.

Not as vulnerable as you think.

:ntp is not secure. openntpd is a more secure implementation of a
:protocol that is not secure by design.
:
:-- 
:Hanno Böck
:http://hboeck.de/
:
:mail/jabber: ha...@hboeck.de
:GPG: BBB51E42



-- 
If a President doesn't do it to his wife, he'll do it to his country.
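
The cookie check described in the reply above, sketched as an added example; it is not OpenNTPd's code and not part of the original message. It assumes a single cookie carried in the transmit-timestamp field, which an NTP server echoes back in the origin-timestamp field; the function names and the server timestamp are constructed for illustration.

```python
import hmac
import os

NTP_LEN = 48      # NTP header without extension fields or MAC
ORIGIN_OFF = 24   # origin timestamp: server echoes the client's transmit value here
RECV_OFF = 32     # receive timestamp
XMIT_OFF = 40     # transmit timestamp

def build_query():
    """Client side: send a random 64-bit cookie in place of the transmit timestamp."""
    cookie = os.urandom(8)
    pkt = bytearray(NTP_LEN)
    pkt[0] = (4 << 3) | 3                      # LI=0, VN=4, mode 3 (client)
    pkt[XMIT_OFF:XMIT_OFF + 8] = cookie
    return bytes(pkt), cookie

def server_reply(query, server_time=bytes.fromhex("d83f5a1000000000")):
    """Stand-in server (constructed): copies the query's transmit field into origin."""
    pkt = bytearray(NTP_LEN)
    pkt[0] = (4 << 3) | 4                      # LI=0, VN=4, mode 4 (server)
    pkt[1] = 2                                 # stratum, constructed value
    pkt[ORIGIN_OFF:ORIGIN_OFF + 8] = query[XMIT_OFF:XMIT_OFF + 8]
    pkt[RECV_OFF:RECV_OFF + 8] = server_time
    pkt[XMIT_OFF:XMIT_OFF + 8] = server_time
    return bytes(pkt)

def accept_reply(reply, cookie):
    """Client side: accept only a server-mode reply that echoes our cookie."""
    if len(reply) < NTP_LEN:
        return False
    if reply[0] & 0x07 != 4:                   # must be mode 4 (server)
        return False
    # A sender that never saw the query has to guess all 64 bits of the cookie.
    return hmac.compare_digest(reply[ORIGIN_OFF:ORIGIN_OFF + 8], cookie)

if __name__ == "__main__":
    query, cookie = build_query()
    good = server_reply(query)
    # Constructed reply from a sender that did not see the query: origin is all zero.
    unsolicited = server_reply(bytes(NTP_LEN))
    print("echoed cookie accepted:", accept_reply(good, cookie))
    print("unsolicited reply accepted:", accept_reply(unsolicited, cookie))
```

The check only distinguishes replies from senders who have seen the query; it is not authentication of the server.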
