Potentially serious security flaw in fundamental Internet SW

markem · 12-20-2014, 10:27 AM

If you have a computer

the odds are really good that you have a clock that uses the NTP (network time protocol). While the problem is about the part of the server that is on the time server, the security flaw can be used to create all sorts of security havoc.

Here is a pointer to the article.

http://support.ntp.org/bin/view/Main/SecurityNotice

For those is Internet facing servers, make sure that you either upgrade as soon as possible or ensure that NTP is disabled. This may create some issues for those who only get their network time from a single source.

Use this Google string if you want to find out more: ntp security issues

8zeros · 12-20-2014, 07:36 PM

It may take a while for firmware devices like routers to get an update. Do you think NTP should be disabled on these boxes until then?

markem · 12-20-2014, 08:19 PM

Quote:

Originally Posted by 8zeros

It may take a while for firmware devices like routers to get an update. Do you think NTP should be disabled on these boxes until then?

The flaw is mostly a serious issues for servers running 'ntpd'. I would encourage people to contact their router vendor. I have no opinion on whether or not NTP should be silenced. Lots of bad things can happen if you lose clock synchronization. Very bad things.

The Poet · 12-20-2014, 08:42 PM

I'm pretty sure I have a computer, but I have no idea what any of this means.

icehog3 · 12-20-2014, 10:52 PM

Quote:

Originally Posted by The Poet

I'm pretty sure I have a computer, but I have no idea what any of this means.

Unplug your clock radio and you should be fine.

The Poet · 12-21-2014, 06:39 AM

Quote:

Originally Posted by icehog3

Unplug your clock radio and you should be fine.

Thanks, man. That I can do.

Porch Dweller · 12-21-2014, 07:21 AM

Quote:

Originally Posted by icehog3

Unplug your clock radio and you should be fine.

I stopped the pendulum on my Grandfather clock just to be on the safe side.

markem · 12-21-2014, 09:49 AM

Quote:

Originally Posted by Porch Dweller

I stopped the pendulum on my Grandfather clock just to be on the safe side.

wrong, wrong, wrong! You need to readjust it so that it only swings to the right.

icehog3 · 12-21-2014, 10:49 AM

It don't mean a thing, if it don't have that swing, do da da do da

The Poet · 12-21-2014, 10:53 AM

Quote:

Originally Posted by markem

wrong, wrong, wrong! You need to readjust it so that it only swings to the right.

Or just switch to tighty-whities, so it doesn't swing at all.

12-21-2014, 11:24 AM

Quote:

Originally Posted by Porch Dweller

I stopped the pendulum on my Grandfather clock just to be on the safe side.

Yeah, but Grandmother clock will be pissed at you for disabling his pendulum!

Subvet642 · 12-21-2014, 01:55 PM

Ogre · 12-21-2014, 02:11 PM

12-20-2014, 10:27 AM	#1
markem Bunion Join Date: Oct 2008 First Name: Mark Location: Second Star on the Right Posts: 22,622 Trading: (47)	Potentially serious security flaw in fundamental Internet SW If you have a computer the odds are really good that you have a clock that uses the NTP (network time protocol). While the problem is about the part of the server that is on the time server, the security flaw can be used to create all sorts of security havoc. Here is a pointer to the article. http://support.ntp.org/bin/view/Main/SecurityNotice For those is Internet facing servers, make sure that you either upgrade as soon as possible or ensure that NTP is disabled. This may create some issues for those who only get their network time from a single source. Use this Google string if you want to find out more: ntp security issues __________________ I refuse to belong to any organization that would have me as a member. ~ Groucho Marx

12-20-2014, 07:36 PM	#2
8zeros What's this button do? Join Date: Dec 2013 First Name: Roger Location: Far from everything Posts: 268 Trading: (0)	Re: Potentially serious security flaw in fundamental Internet SW It may take a while for firmware devices like routers to get an update. Do you think NTP should be disabled on these boxes until then? __________________

12-20-2014, 08:42 PM	#4
The Poet Il megglior fabbro Join Date: Jun 2009 First Name: Thomas Location: Hickory, NC Posts: 8,420 Trading: (2)	Re: Potentially serious security flaw in fundamental Internet SW I'm pretty sure I have a computer, but I have no idea what any of this means. __________________ Ninety percent of everything is crap - Theodore Sturgeon.

12-21-2014, 10:49 AM	#9
icehog3 Admiral Douchebag Join Date: Oct 2008 First Name: Tom Location: Clermont, Kentucky Posts: 71,305 Trading: (60)	Re: Potentially serious security flaw in fundamental Internet SW It don't mean a thing, if it don't have that swing, do da da do da __________________ Thanks Dave, Julian, James, Kelly, Peter, Gerry, Dave, Mo, Frank, Týr and Mr. Mark!

12-21-2014, 01:55 PM	#12
Subvet642 Bilge Rat Join Date: Nov 2009 First Name: Darren Location: Torpedo Room Bilge Posts: 2,997 Trading: (13)	Re: Potentially serious security flaw in fundamental Internet SW __________________ *"Man's mind is his basic tool of survival. Life is given to him, survival is not." -John Galt*

12-21-2014, 02:11 PM	#13
Ogre **CENSORED** Join Date: Apr 2010 First Name: Larry Location: Central Florida Posts: 12,068 Trading: (46)	Re: Potentially serious security flaw in fundamental Internet SW __________________