NTP stands for Network Time Protocol, which is a protocoal built into many operating systems and which allows accurate clock synchronization even over a WAN. Often pre-configured by default and otherwise ignored, in recent years various flaws and vulnerabilities have been used in DDOS attacks and newer, more interesting theoretical attacks are being described in the popular press.
Topics to be covered include a short history of time keeping, basics on the NTP protocol itself, and the NTP server pool project, as well as a look at current vulnerabilities in NTP and current version and configuration recommendations.
For hobbyists or the very small enterprise there will be a demonstration of a Stratum 1 time server using a Raspberry Pi/GPS combination that can be built for considerably less than a commercial, rack based unit.
- Default configurations of NTP can be improved.
- Default configurations of NTP may allow DDOS attacks.
- Problems with NTP can impact Confidentiality, Availability and Integrity.
About Shaun Kelly
When most kids were playing with Apple II microcomputers, Shaun Kelly was building computer terminals and dialing into the state educational system’s CDC Cyber series time share system, so she may be one of the few people who doesn’t think “cybersecurity” sounds odd. Her career has run the gamut from programming to system and database administration. She is presently working to protect data in databases and applications using a variety of encryption tools and technologies. Securing NTP at Secure 360, 2016. Securing NTP at SEC.MN, 2016 You can’t outrun the automated, self-replicating bear, (Using language and humor to build a security culture) at the Security Culture Conference, 2016. An earlier, somewhat ad-hoc presentation on this topic at a recent DC612 meeting.