[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: [Full-Disclosure] Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure
- From: gadgeteer@xxxxxxxxxxxxxxxxxxxxxx
- Date: Sun, 22 Aug 2004 09:25:09 -0600
On Fri, Aug 20, 2004 at 10:26:08AM +0400, 3APA3A (3APA3A@xxxxxxxxxxxxxxxx)
wrote:
[...]
> you state:
>
> If there is a host with reliable time on the network (that is host
> synchronized with some hardware source, like radio clocks, cesium
> clocks, GPS clocks, etc) - whole network will be finally, after some
> time, synchronized with this host.
>
> Depending upon the criticality of the time sensitive applications on
> the network, you might want to reconsider the use of "radio clocks"
> and especially "GPS clocks". These time sources are also subject to
> attacks. Any free air broadcast is subject to jamming. This is
> essentially a DoS. Spoofing to provide incorrect time signal is also
> possible with free air broadcast, but less easy to do.
[...]
For a fixed installation detecting if someone is dinking the gps signal
is trivial. The unit starts thinking it is not in Kansas anymore.
--
Chief Gadgeteer
Elegant Innovations
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html