Vulnerability of NTP

Andre Kesteloot andre.kesteloot at verizon.net
Wed Feb 26 21:28:46 CST 2014 

On 2/26/2014 20:21 PM, Robert Seastrom wrote:
> On Feb 25, 2014, at 11:50 PM, Andre Kesteloot <andre.kesteloot at verizon.net> wrote:
>
>>> http://www.bbc.co.uk/news/technology-26136774
> The article kind of misses the point, that it's not NTP or open servers that's the problem; it's amplification potential

(Dear, or Formerly Dear  -:) Rob,

That's like saying "/I want to leave my doors open at night, the problem 
is with those thieves out there"/.
Of course, yes, sure, the problem is the bad guys, but it is up to me 
and my friends to accept that, nowadays, I have to close and lock my 
doors and my windows (pun intended) at night.

I 'd hate to disagree with you (in public), but the article did /_not 
_/miss the point: the title was clearly "_the vulnerability of NT_P."
Vulnerability is therefore what we are discussing.

And NTP (certainly a most useful thing) has been overwhelmed by a simple 
DOS (denial of service attack) and therefore, the NTP network itself/ 
--with all its advantages-- must be protected.
NTP, as you well know, is used by most computers connected to the Web 
today, just like Visa Cards are used by most human beings in the US.

You would probably agree that attacks, against poorly-protected Visa 
Card databases, are the problems of the databases managers, not the 
problem of hackers trying to gain access to them.
_http://business.time.com/2014/02/11/targets-hacking-fix-is-second-rate-says-consumer-reports/__
_
If my computer uses NTP,  --and it does--  should it not be protected by 
"those in charge " (whoever they may be).

Considering the usefulness, as well as the vulnerabilities of  NTP, 
wouldn't it be a good idea if "Cyber Command" (or whoever else in 
Go'ment), whatever else they may be doing, were to get involved, 
considering the downside potential of doing nothing ?

73
André





---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://amrad.org/pipermail/tacos/attachments/20140226/c8686410/attachment.html>

More information about the Tacos mailing list