nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

'Malicious time source' can poison Network Time Protocol

Think of this as an evil TARDIS dropping servers into a time rift

By Richard Chirgwin, 22 Oct 2015

Get busy, sysadmins, there's a bunch of network time protocol (NTP) bugs to squash.

The bugs were turned up in a code audit by Cisco's Talos business (which can surely feel the coals of hell being heaped upon its head for working in a Back to the Future joke in the bug-branding).

Talos has been working on the code base of the venerable time-synch daemon, the "speaking clock" of the Internet, as Cisco's contribution to the Internet Foundation's Core Infrastructure Initiative.

The BttF reference is in the lead vulnerability, NAK to the Future: NTP symmetric association authentication bypass vulnerability.

An error in NTP's crypto-NAK packet handling means an attacker can force someone's ntpd process to peer with a "malicious time source" and fool around with their system clocks.

The company also turned up:

The NTP Project says users should immediately install ntp-4.2.8p4 to get the fix, and implement BCP 38 ingress and egress filtering. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing