DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st October 2015
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,167
Default New attacks on Network Time Protocol can defeat HTTPS and create chaos

From http://arstechnica.com/security/2015...-create-chaos/

Quote:
Serious weaknesses in the Internet's time-synchronization mechanism can be exploited to cause debilitating outages, snoop on encrypted communications, or tamper with Bitcoin transactions, computer scientists warned Wednesday.

The vulnerabilities reside in the Network Time Protocol, the widely used specification computers use to ensure their internal clocks are accurate. Surprisingly, connections between computers and NTP servers are rarely encrypted, making it possible for hackers to perform man-in-the-middle attacks that reset clocks to times that are months or even years in the past. In a paper published Wednesday titled Attacking the Network Time Protocol, the researchers described several techniques to bypass measures designed to prevent such drastic time shifts. The paper also described ways to prevent large numbers of computers from successfully connecting to synchronization servers.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 21st October 2015
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,052
Default

http://www.undeadly.org/cgi?action=a...20150210103656

This is a feature that was included with OpenBSD 5.7. Provisioning is described in the CONSTRAINTS section of the ntpd.conf(5) man page.
Reply With Quote
  #3   (View Single Post)  
Old 28th December 2015
Monti Monti is offline
Port Guard
 
Join Date: Apr 2015
Location: In'Da House
Posts: 10
Default

Thanks a lot @jggimi

Last edited by Monti; 1st January 2016 at 02:09 AM.
Reply With Quote
  #4   (View Single Post)  
Old 28th December 2015
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin Tournoij
Tcpdump Spy
 
Join Date: Apr 2008
Location: Ireland
Posts: 2,245
Default

Reply With Quote
Reply

Tags
ntp

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
DoS attacks that took down big game sites abused Web’s time-sync protocol J65nko News 0 9th January 2014 07:34 PM
snownews to support https daemonfowl OpenBSD Packages and Ports 9 26th October 2013 06:13 PM
US and UK spy agencies defeat privacy and security on the internet J65nko News 3 9th September 2013 04:08 PM
Chaos feared after Unix time-zone database is nuked comet--berkeley News 2 16th October 2011 10:50 PM
https ports on PF mug23 OpenBSD Security 5 4th March 2011 10:11 PM


All times are GMT. The time now is 09:24 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick