On 12/05/18 19:29, Axel Neumann wrote: > You want WG to secure your network. So the suggestion can not be to open > your network for a pretty insecure deamon in order to get WG working. > This would essentially allow attackers to a fake the ntp server and then > block WG forever.
Someone in a position to fake NTP (which needs bidirectional communication) is already in a position to block WG forever (by simply refusing to forward its packets). Additionally, there are a few very well-designed and secure NTP daemons out there (such as OpenNTPd). -- Aaron Jones
signature.asc
Description: OpenPGP digital signature
_______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
