IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [ntp]

Network Time Protocol, or NTP, is a protocol for synchronizing time across a network.

Network Time Protocol, or NTP, is a protocol for synchronizing time across a network.

Related reading

28 questions
61
votes
9 answers

How important is local time for security?

I recently wanted to see what happens when I change my local time to something obviously wrong. I tried the year 2218, so 200 years in the future. The result: I couldn't access any website anymore (I didn't try too many, though). I got this…
Martin Thoma
  • 3,902
  • 6
  • 30
  • 42
18
votes
3 answers

NTP DDoS Attack on Home Servers

After some half-good script kiddies found out about this exploit or DDoS method, they have been doing it like crazy to websites, game servers, and now my home servers which allows me to work on some of my client's websites and different projects for…
user42740
12
votes
4 answers

Is NTP vulnerable to DNS poisoning or spoofing attacks?

Scenario: Attacker somehow compromises the DNS lookup for the NTP server used by the victim (a web application) Victim sends DNS request for e.g. ntp.pool.org, which is responded to by attacker to direct the victim to another computer under their…
Robin Green
  • 640
  • 6
  • 11
12
votes
4 answers

How to safely synchronize time over Internet?

All modern OS now keep accurate time by regularly synchronizing time over an untrusted network - Internet. Could an attacker conducting a MITM attack, influence or change the time of a computer while it is synchronizing time? If the answer is yes to…
Matrix
  • 3,988
  • 14
  • 25
12
votes
1 answer

What was/is the purpose of the 'MONLIST' command in NTP?

Having looked through multiple RFC documents about NTP without success (of finding an answer), and a ton of blog posts stating how dangerous, evil and useless this command is, but do not explain why it exist or what the real purpose is, I started to…
Gizmo
  • 233
  • 1
  • 2
  • 7
6
votes
2 answers

Is altering time on a server a risk?

What is the risk of altering time in a system via an NTP exploit or any other mean in a network? Could it be a step to a higher severity risk and how exactly can it be exploited?
user228062
  • 79
  • 3
5
votes
1 answer

Is ntpd running purely as a client vulnerable to the recent ntp vulnerabilities?

There's been 3 recent vulnerabilities in the NTP reference implementation. Namely: CVE-2014-9296 CVE-2014-9295 CVE-2014-9294 Is ntpd, or ntpdate, running as a client vulnerable to any of these exploit if the server it's connected to can't be…
Steve Sether
  • 21,480
  • 8
  • 50
  • 76
5
votes
0 answers

How did ntpd get patched to prevent NTP time synchronization attacks?

I recently tested the NTP Time Synchronization Attack as described and demonstrated by Jose Selvi in 2015. Basically, the attack was mostly used to send the victim's clock in the future, so the already cached HTTP Strict Transport Security entry…
programings
  • 751
  • 1
  • 8
  • 14
5
votes
1 answer

Overall Security of Network Time Protocol

I am doing some research in order to get an understanding of the security of the Network Time Protocol. In particular, my goal was/is to understand how the protocol is secured and what the issues are. So far, I understood that there are basically 2…
Mark
  • 159
  • 1
5
votes
3 answers

Industry-accepted time sources

PCI DSS requirement 10.4.3 asks to: Examine systems configurations to verify that the time server(s) accept time updates from specific, industry-accepted external sources (to prevent a malicious individual from changing the clock)... Why are only…
BokerTov
  • 539
  • 4
  • 10
5
votes
1 answer

What's happening on my wifi? NTP and ACK STORM attacks.

I'm wondering if these attacks are something to worry about, or just my router being a router. [DoS attack: ACK Scan] attack packets in last 20 sec from ip [60.221.254.230], Friday, May 06,2016 21:12:13 [DoS attack: ACK Scan] attack packets in last…
Policks
  • 51
  • 1
5
votes
1 answer

Spoofing an NTP server to allow bruteforce on any smartphone

We all know that smartphones (i'll take iPhone as an example) rely on SNTP/NTP servers to update a device's time and date. So, by creating an SNTP server that mimics Apple's server, we can actually change a device's date and time over WIFI in order…
Med Abida
  • 211
  • 1
  • 7
5
votes
2 answers

Can CVE-2015-7704 - ntpd kiss-of-death affect NTP time servers or just clients?

As the ntp.conf file on a linux server can be setup to allow the system to act as both a client to the public servers and a time server source for local systems am I correct in assuming that it (the "server") also needs the updated ntpd package? All…
user53029
  • 2,657
  • 5
  • 24
  • 35
4
votes
2 answers

Time server security error

Today at work, we brought out some PCs that were not used for a long time (were not in use when I joined this company so I have no idea about their history). After booting one of them (Windows XP Professional), I found that the system time is not…
amyassin
  • 475
  • 2
  • 10
4
votes
1 answer

Man in the Middle Attack against NTP

So, lately I've been really into penetration testing and learning the nitty-gritty of tech. I'm dong courses on computer architecture, cryptography, surveillance law, and computer networks. I never realized how much I love this stuff. So, I have an…
Michaelslec
  • 159
  • 3
1
2