[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ntp-hackers
Subject:    [ntp:hackers] On jevil thermostats and dirty bombs
From:       "David L. Mills" <mills () udel ! edu>
Date:       2008-04-12 3:42:56
Message-ID: 48002FC0.3000405 () udel ! edu
[Download RAW message or body]

Guys,

One of my ongoing assessments is my office server synchronized to NIST 
via ACTS telephone. When things go well, the poll/calling interval ramps 
to 36 h, which is fairly extreme. As I am on sabbitcal, I normally am 
out of the office and at home. Well, my monitoring programs noticed a 
significant degradation in performance and I thought the hardware might 
be on the fritz. When I got to the office I found that somebody, 
probably a custodian, had jammed the roomm thermostat to the highest 
setting and the room was at the mercy of the hot air available. Fixed 
that, fixed the problem. Moral is, take seriously the side benefit of 
NTP as evil thermometer watcher.

News ntp-dev.

1. The flake experiments have turned up a number of refinements. The 
most revealing experiment was running Autokey in a broadcast client with 
three secondary (stratum 2) server synchronized to a GPS primary server. 
The broadcast client saw very small jitter, but clockhopped all over the 
place, especially with a ten percent packet lost. I revamped the 
anticlockhop code, which now avoids hop even with flake turned on.

2. Experiments using a combination of cryptotypes exposed 
bait-and-switch vulnerablities should a perp initially synchronize with 
symmetric key and then switch to Autokey. Several minor inconsistencies 
were found and fixed.

3. The occasional Autokey resets when the AUTO message is lost was 
embarassing. That has been fixed and the protocol can happily thrive for 
days as these and other rascals are lost.

4. Repeated abuse when multiple Autokey servers and clients are killed 
and restarted in evil ways exposed a bizarre deadlock involving a crypto 
error message. Fixed.

As you might imagine, I have spent hundreds of hours beating this puppy 
to submission. While more devious nasties might yet exist, the puppy 
might now be ready for adoption.

Dave
_______________________________________________
hackers mailing list
hackers@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/hackers
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic