[This is my final contribution to this topic since real time-nuts using NTP run their own S1 servers driven by their Thunderbolts (et.seq.) and don't need to worry about this]
On Sun, Oct 25, 2015 at 11:27 AM, Florian Teply <use...@teply.info> wrote:

> But if I read that article on ars technica correctly, it looks like
> it is something inherent to the ntp protocol itself and the
> definitions it makes.

Only loosely. It might appear that RFC5095 admits certain attacks using the 'debug' interface; however, the 'source'* document says (referring to the 'nonce' check) "While it seems reasonable to expect this check to be performed on the KoD packet as well, RFC 5905 [41, Sec. 7.4] does not seem to explicitly require this."

I believe this is an incorrect interpretation, but in any case I think it's clear the RFC is ambiguous and the published "fix" is to explicitly validate the nonce. Other fixes include completely disabling the 'debug' interface. Implicit in this is the need to update the NTPv4 RFC.

I advise those concerned to read RFC5095, the BU paper* (don't worry about the 68 references) and check the NTP security notice** to draw your own conclusions about this problem, keeping in mind Wojciech's recent comments.

*http://www.cs.bu.edu/~goldbe/papers/NTPattack.pdf
**http://support.ntp.org/bin/view/Main/SecurityNotice

_______________________________________________
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.
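The "fix" the post refers to, explicitly validating the nonce on Kiss-o'-Death replies, is illustrated below as an added example; it is not code from the post, from the BU paper, or from the ntpd project. In NTPv4 the nonce is the client's transmit timestamp, which a legitimate server echoes back in the reply's origin-timestamp field, so the client-side check is simply "drop any reply, KoD included, whose origin timestamp does not match the transmit timestamp of our outstanding request". The packet field offsets follow the RFC 5905 header layout; the two sample replies (one echoing the nonce, one with a zeroed origin timestamp) are constructed here for the demonstration, and the kiss code "RATE" is one of the codes RFC 5905 defines.

```python
import os
import struct
import time
from dataclasses import dataclass
from typing import Tuple

# RFC 5905 header layout: 48 bytes, big-endian.
#   byte 0      LI(2) | VN(3) | Mode(3)
#   byte 1      stratum (0 = unspecified / Kiss-o'-Death)
#   bytes 12-16 reference ID (ASCII kiss code when stratum == 0)
#   bytes 24-32 origin timestamp  (echo of the client's transmit timestamp)
#   bytes 40-48 transmit timestamp
NTP_PACKET_LEN = 48
NTP_VERSION = 4
MODE_CLIENT = 3
MODE_SERVER = 4
NTP_EPOCH_OFFSET = 2208988800  # seconds between 1900-01-01 and 1970-01-01


@dataclass
class NtpPacket:
    li_vn_mode: int
    stratum: int
    refid: bytes
    origin_ts: int
    transmit_ts: int

    @classmethod
    def parse(cls, data: bytes) -> "NtpPacket":
        if len(data) < NTP_PACKET_LEN:
            raise ValueError("short NTP packet")
        origin_ts = struct.unpack("!Q", data[24:32])[0]
        transmit_ts = struct.unpack("!Q", data[40:48])[0]
        return cls(data[0], data[1], data[12:16], origin_ts, transmit_ts)

    @property
    def mode(self) -> int:
        return self.li_vn_mode & 0x7

    @property
    def is_kod(self) -> bool:
        # A server-mode reply with stratum 0 is a Kiss-o'-Death packet.
        return self.mode == MODE_SERVER and self.stratum == 0


def make_nonce() -> int:
    """Transmit timestamp with the 32 fraction bits drawn from os.urandom,
    so the value is not guessable from the wall clock alone."""
    seconds = int(time.time()) + NTP_EPOCH_OFFSET
    fraction = int.from_bytes(os.urandom(4), "big")
    return (seconds << 32) | fraction


def build_client_request(transmit_ts: int) -> bytes:
    pkt = bytearray(NTP_PACKET_LEN)
    pkt[0] = (NTP_VERSION << 3) | MODE_CLIENT
    pkt[40:48] = struct.pack("!Q", transmit_ts)
    return bytes(pkt)


def build_kod_reply(kiss_code: bytes, origin_ts: int) -> bytes:
    """Constructed sample: a stratum-0 server reply carrying a kiss code."""
    pkt = bytearray(NTP_PACKET_LEN)
    pkt[0] = (NTP_VERSION << 3) | MODE_SERVER
    pkt[1] = 0  # stratum 0 marks the packet as KoD
    pkt[12:16] = kiss_code[:4].ljust(4, b"\0")
    pkt[24:32] = struct.pack("!Q", origin_ts)
    pkt[40:48] = struct.pack("!Q", 0xE3D1C4A500000000)  # arbitrary server time
    return bytes(pkt)


def accept_reply(reply: bytes, expected_origin: int) -> Tuple[bool, str]:
    """Apply the nonce check to every reply, KoD packets included.

    Returns (accepted, reason). A KoD whose origin timestamp does not echo
    our own transmit timestamp is dropped instead of being acted upon."""
    pkt = NtpPacket.parse(reply)
    if pkt.mode != MODE_SERVER:
        return False, "not a server-mode reply"
    if pkt.origin_ts != expected_origin:
        return False, "origin timestamp does not echo our transmit timestamp; dropped"
    if pkt.is_kod:
        code = pkt.refid.decode("ascii", "replace")
        return True, f"KoD {code} accepted: back off this server"
    return True, "time reply accepted"


if __name__ == "__main__":
    nonce = make_nonce()
    request = build_client_request(nonce)
    assert NtpPacket.parse(request).transmit_ts == nonce
    genuine = build_kod_reply(b"RATE", nonce)   # echoes our nonce
    unsolicited = build_kod_reply(b"RATE", 0)   # does not
    print(accept_reply(genuine, nonce))
    print(accept_reply(unsolicited, nonce))
```

Running the block shows the first KoD being honoured and the second one dropped; the only difference between the two packets is whether the origin-timestamp field carries the client's own nonce, which is exactly the check the post says the RFC leaves ambiguous.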