[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] ntpd problems explanation
Green,
>>Can you please elaborate? I may have
missed an earlier discussion, and a quick Google search isn't providing
too much help. I found the ticket >>below, which is interesting reading,
but I'm not sure what specific peculiarities you're referring to.
One problem I understood which was a mystery was DOS attack which could be explained by ...
The NTP service could allow for multiple sync requests to be made with a
forged source IP address, thus sending the unrequested responses back
to the source, consuming its resources. An attacker could exploit this
vulnerability by sending a specifically crafted packet with a forged
source IP address of the target.
[ https://ics-cert.us-cert.gov/advisories/ICSA-14-051-04 ]
and another was around about a year ago but no tinkering with ntp gave relief (as far as I understood).
Sep 02 03:48:32.146 [Warning] Received NETINFO cell with skewed time
> from server at 128.31.0.34:9101. It seems that our clock is ahead by 9
> hours, 0 minutes, or that theirs is behind. Tor requires an accurate
> clock to work: please check your time and date settings.
The skewing of the ntp time to reveal identity wasn't something I'd heard of so thank you for that ticket link.
https://trac.torproject.org/projects/tor/ticket/8170
Robert
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays