- Previous message: Paul Ferguson: "Re: NTP Md5 or AutoKey?"
- Maybe in reply to: Glen Kent: "NTP Md5 or AutoKey?"
- Next in thread: Nathan Ward: "Re: NTP Md5 or AutoKey?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Kevin Oberman (no email)
Date: Tue Nov 04 2008 - 01:29:42 EST
> Date: Mon, 3 Nov 2008 22:23:07 -0800
> From: "Paul Ferguson" <>
>
> On Mon, Nov 3, 2008 at 10:15 PM, Glen Kent <> wrote:
>
> > Hi,
> >
> > I was wondering what most folks use for NTP security?
> >
> > Do they use the low cost, light weight symmetric key cryptographic
> > protection method using MD5 or do folks go in for full digital
> > signatures and X.509 certificates (AutoKey Security)?
> >
>
> I'm just wondering -- in globak scheme of security issue, is NTP
> security a major issue?
>
> Just curious.
It's probably not a "major issue", but forged NTP data can, in theory,
be used to allow the implementation of replay attacks. I'll admit I have
never heard of a real-world case.
-- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
|
|
|