[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: Secure-ID & NTP vulerabilities
From:       "Thomas V. Myers" <tvmyers () icdc ! delcoelect ! com>
Date:       1995-07-31 20:15:50
[Download RAW message or body]

> At 11:02 AM 7/28/95 +0300, Amos Shapira wrote:
> >In message Quentin Fennessy <Quentin.Fennessy@sematech.org> wrote:
> >|>But what if someone sets up a pirate broadcaster sending time signals?
> >|
> >|Then buy and install a cesium clock, and hope that no one
> >|alters the atomic properties of cesium.
> >
> >Are you aware that NTP provides authentication mechanisms, or am I
> >missing something?
> >
> Yes, you are.  In fact, I had the same initial reaction as you and was going
> to mention the Distributed Time Service of OSF DCE which provides a more
> robust and better authenticated time service than NTP.  
> 
> However, Quentin's point is that there is no way to detect an alteration in
> the time signal upstream of the time provider device.  The device reports
> the time it receives by radio and in principle, a local, bogus signal could
> mask the more distant, true signal.  Such a scenario seems far fetched
> outside of a combat situation.
> 
> Regards,
> Hal
> =================================================================
> Harold W. Lockhart Jr.            Locus Computing Corporation
> Chief Technical Architect         8 New England Executive Park
> Email: hal@locus.com              Burlington, MA 01803 USA
> Voice: (617)229-4980 X1202        Fax: (617)229-2969
> =================================================================

It would seem especially far fetched in light of the number of amateur radio
(HAM) operators who could pinpoint the location of the 'bogus' transmitter
in a few hours (or less) and would probably enjoy doing it!  The FCC could
do the same job, of course! ;-)  A transmitter strong enough to completely
mask the real signal would show up like a search light at midnight to any
reasonably competent triangulation team.

In either case, the denial of service should be limited to a few hours.
Also, most of these 'radio clocks' can be switched to different frequencies
if you decide that you're receiving bogus information.  A transmission site
spoofing all possible frequencies would be unreasonably large and easy to
find.

					IMHO, Tom
--
Tom Myers : tvmyers@icdc.delcoelect.com

[prev in list] [next in list] [prev in thread] [next in thread]