Firewalls: Re: Secure-ID & NTP vulerabilities

Firewalls
(July 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Secure-ID & NTP vulerabilities
From:	"Thomas V. Myers" <tvmyers @ icdc . delcoelect . com>
Date:	Mon, 31 Jul 1995 20:15:50 -0400 (CDT)
To:	hal @ locus . com (Hal Lockhart)
Cc:	amoss @ cs . huji . ac . il, firewalls @ greatcircle . com
In-reply-to:	<"darkstar.b.929:31.06.95.02.43.43"@locus.com> from "Hal Lockhart" at Jul 30, 95 10:34:39 pm

> At 11:02 AM 7/28/95 +0300, Amos Shapira wrote:
> >In message Quentin Fennessy <Quentin .
 Fennessy @
 sematech .
 org> wrote:
> >|>But what if someone sets up a pirate broadcaster sending time signals?
> >|
> >|Then buy and install a cesium clock, and hope that no one
> >|alters the atomic properties of cesium.
> >
> >Are you aware that NTP provides authentication mechanisms, or am I
> >missing something?
> >
> Yes, you are.  In fact, I had the same initial reaction as you and was going
> to mention the Distributed Time Service of OSF DCE which provides a more
> robust and better authenticated time service than NTP.  
> 
> However, Quentin's point is that there is no way to detect an alteration in
> the time signal upstream of the time provider device.  The device reports
> the time it receives by radio and in principle, a local, bogus signal could
> mask the more distant, true signal.  Such a scenario seems far fetched
> outside of a combat situation.
> 
> Regards,
> Hal
> =================================================================
> Harold W. Lockhart Jr.            Locus Computing Corporation
> Chief Technical Architect         8 New England Executive Park
> Email: hal @
 locus .
 com              Burlington, MA 01803 USA
> Voice: (617)229-4980 X1202        Fax: (617)229-2969
> =================================================================

It would seem especially far fetched in light of the number of amateur radio
(HAM) operators who could pinpoint the location of the 'bogus' transmitter
in a few hours (or less) and would probably enjoy doing it!  The FCC could
do the same job, of course! ;-)  A transmitter strong enough to completely
mask the real signal would show up like a search light at midnight to any
reasonably competent triangulation team.

In either case, the denial of service should be limited to a few hours.
Also, most of these 'radio clocks' can be switched to different frequencies
if you decide that you're receiving bogus information.  A transmission site
spoofing all possible frequencies would be unreasonably large and easy to
find.

					IMHO, Tom
--
Tom Myers : tvmyers @
 icdc .
 delcoelect .
 com

References:

Re: Secure-ID & NTP vulerabilities
From: hal @ locus . com (Hal Lockhart)

Indexed By Date	Previous:	Re: Using miltilevel systems for firewalls From: mdr @ vodka . sse . att . com
Indexed By Date	Next:	Re: sidewinder challenge From: Craig Anderson <craiga @ Ipsilon . COM>
Indexed By Thread	Previous:	Re: Secure-ID & NTP vulerabilities From: hal @ locus . com (Hal Lockhart)
Indexed By Thread	Next:	proving secure From: Marcus J Ranum <mjr @ iwi . com>