[prev in list] [next in list] [prev in thread] [next in thread]
List: ntp-hackers
Subject: [ntp:hackers] On jevil thermostats and dirty bombs
From: "David L. Mills" <mills () udel ! edu>
Date: 2008-04-12 3:42:56
Message-ID: 48002FC0.3000405 () udel ! edu
[Download RAW message or body]
Guys,
One of my ongoing assessments is my office server synchronized to NIST
via ACTS telephone. When things go well, the poll/calling interval ramps
to 36 h, which is fairly extreme. As I am on sabbitcal, I normally am
out of the office and at home. Well, my monitoring programs noticed a
significant degradation in performance and I thought the hardware might
be on the fritz. When I got to the office I found that somebody,
probably a custodian, had jammed the roomm thermostat to the highest
setting and the room was at the mercy of the hot air available. Fixed
that, fixed the problem. Moral is, take seriously the side benefit of
NTP as evil thermometer watcher.
News ntp-dev.
1. The flake experiments have turned up a number of refinements. The
most revealing experiment was running Autokey in a broadcast client with
three secondary (stratum 2) server synchronized to a GPS primary server.
The broadcast client saw very small jitter, but clockhopped all over the
place, especially with a ten percent packet lost. I revamped the
anticlockhop code, which now avoids hop even with flake turned on.
2. Experiments using a combination of cryptotypes exposed
bait-and-switch vulnerablities should a perp initially synchronize with
symmetric key and then switch to Autokey. Several minor inconsistencies
were found and fixed.
3. The occasional Autokey resets when the AUTO message is lost was
embarassing. That has been fixed and the protocol can happily thrive for
days as these and other rascals are lost.
4. Repeated abuse when multiple Autokey servers and clients are killed
and restarted in evil ways exposed a bizarre deadlock involving a crypto
error message. Fixed.
As you might imagine, I have spent hundreds of hours beating this puppy
to submission. While more devious nasties might yet exist, the puppy
might now be ready for adoption.
Dave
_______________________________________________
hackers mailing list
hackers@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/hackers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic