ntpd root exploit
E Frank Ball
frankb at efball.com
Wed Apr 11 21:58:17 PDT 2001
} On Wed, 11 Apr 2001, Bob Blick wrote:
} > What's ntp?
} NTP network time protocol (RFC 1119, RFC 1305)
} used to synchronize the time and clock on your computers (servers and
} clients) with each other.
There are "stratum 1" servers on the internet which are synchronized to
atomic clocks (either a GPS satellite, a WWV radio clock, or a local
atomic clock). Agilent's latest atomic clock is accurate to 1 second in
162,000 years. The stratum 1 servers are reserved for use by ISPs, big
companies, and the like. There are a number of stratum 2 servers, which
are sychronized to the stratum 1 servers, which we can use. So my DSL
firewall connects to three stratum 2 servers and automatically picks the
best one. My internal network then sychronizes to my firewall, which is
a stratum 3 server.
NTP runs on UDP port 123. "netstat -l" will show if you have it
running, just look for ntp, xntpd, or udp port 123.
E Frank Ball efball at efball.com
More information about the talk