ntpd root exploit

E Frank Ball frankb at efball.com
Wed Apr 11 21:58:17 PDT 2001


} On Wed, 11 Apr 2001, Bob Blick wrote:
} > What's ntp?
} 
} NTP network time protocol (RFC  1119, RFC 1305)
} 
} used to synchronize the time and clock on your computers (servers and
} clients) with each other.

There are "stratum 1" servers on the internet which are synchronized to
atomic clocks (either a GPS satellite, a WWV radio clock, or a local
atomic clock).  Agilent's latest atomic clock is accurate to 1 second in
162,000 years.  The stratum 1 servers are reserved for use by ISPs, big
companies, and the like.  There are a number of stratum 2 servers, which
are sychronized to the stratum 1 servers, which we can use.  So my DSL
firewall connects to three stratum 2 servers and automatically picks the
best one.  My internal network then sychronizes to my firewall, which is
a stratum 3 server.  

NTP runs on UDP port 123.  "netstat -l" will show if you have it
running, just look for ntp, xntpd, or udp port 123.

   E Frank Ball                efball at efball.com



More information about the talk mailing list