[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: Re: Secure-ID & NTP vulerabilities
From: "Thomas V. Myers" <tvmyers () icdc ! delcoelect ! com>
Date: 1995-07-31 20:15:50
[Download RAW message or body]
> At 11:02 AM 7/28/95 +0300, Amos Shapira wrote:
> >In message Quentin Fennessy <Quentin.Fennessy@sematech.org> wrote:
> >|>But what if someone sets up a pirate broadcaster sending time signals?
> >|
> >|Then buy and install a cesium clock, and hope that no one
> >|alters the atomic properties of cesium.
> >
> >Are you aware that NTP provides authentication mechanisms, or am I
> >missing something?
> >
> Yes, you are. In fact, I had the same initial reaction as you and was going
> to mention the Distributed Time Service of OSF DCE which provides a more
> robust and better authenticated time service than NTP.
>
> However, Quentin's point is that there is no way to detect an alteration in
> the time signal upstream of the time provider device. The device reports
> the time it receives by radio and in principle, a local, bogus signal could
> mask the more distant, true signal. Such a scenario seems far fetched
> outside of a combat situation.
>
> Regards,
> Hal
> =================================================================
> Harold W. Lockhart Jr. Locus Computing Corporation
> Chief Technical Architect 8 New England Executive Park
> Email: hal@locus.com Burlington, MA 01803 USA
> Voice: (617)229-4980 X1202 Fax: (617)229-2969
> =================================================================
It would seem especially far fetched in light of the number of amateur radio
(HAM) operators who could pinpoint the location of the 'bogus' transmitter
in a few hours (or less) and would probably enjoy doing it! The FCC could
do the same job, of course! ;-) A transmitter strong enough to completely
mask the real signal would show up like a search light at midnight to any
reasonably competent triangulation team.
In either case, the denial of service should be limited to a few hours.
Also, most of these 'radio clocks' can be switched to different frequencies
if you decide that you're receiving bogus information. A transmission site
spoofing all possible frequencies would be unreasonably large and easy to
find.
IMHO, Tom
--
Tom Myers : tvmyers@icdc.delcoelect.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic