Network Time Protocol

[ temporary import ]
please note:
- the content below is remote from Wikipedia
- it has been imported raw for GetWiki
The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware.

NTP is intended to synchronize all participating computers to within a few milliseconds of Coordinated Universal Time (UTC). It uses the intersection algorithm, a modified version of Marzullo's algorithm, to select accurate time servers and is designed to mitigate the effects of variable network latency. NTP can usually maintain time to within tens of milliseconds over the public Internet, and can achieve better than one millisecond accuracy in local area networks under ideal conditions. Asymmetric routes and network congestion can cause errors of 100 ms or more [Executive Summary: Computer Network Time Synchronization, 2011-11-21] [NTP FAQ, The NTP Project, 2011-08-27].

The protocol is usually described in terms of a client-server model, but can as easily be used in peer-to-peer relationships where both peers consider the other to be a potential time source. Implementations send and receive timestamps using the User Datagram Protocol (UDP) on port number 123 [Port Numbers, The Internet Assigned Numbers Authority (IANA), page 16]. They can also use broadcasting or multicasting, where clients passively listen to time updates after an initial round-trip calibrating exchange. NTP supplies a warning of any impending leap second adjustment, but no information about local time zones or daylight saving time is transmitted.

The current protocol is version 4 (NTPv4), which is a proposed standard as documented in RFC 5905. It is backward compatible with version 3, specified in RFC 1305.

History

[Figure: NTP was designed by David L. Mills.]

[Timeline: RFC evolution for NTP, 1980 to 2020. First column: RFC 958 (1985-1988), RFC 1059 (1988-1989), RFC 1119 (1989-1992), RFC 1305 (1992-2010), RFC 5905 (2010-2016), RFC 7822 (2016-2019). Second column: RFC 1361 (1992-1995), RFC 1769 (1995-1996), RFC 2030 (1996-2006), RFC 4330 (2006-2019).]

In 1979, network time synchronization technology was used in what was possibly the first public demonstration of Internet services running over a trans-Atlantic satellite network, at the National Computer Conference in New York. The technology was later described in the 1981 Internet Engineering Note (IEN) 173 [D.L. Mills, Time Synchronization in DCNET Hosts, 25 February 1981] and a public protocol was developed from it that was documented in RFC 778. The technology was first deployed in a local area network as part of the Hello routing protocol and implemented in the Fuzzball router, an experimental operating system used in network prototyping, where it ran for many years.

Other related network tools were available both then and now. They include the Daytime and Time protocols for recording the time of events, as well as the ICMP Timestamp and IP Timestamp option (RFC 781). More complete synchronization systems, although lacking NTP's data analysis and clock disciplining algorithms, include the Unix daemon timed, which uses an election algorithm to appoint a server for all the clients [TIMED(8), UNIX System Manager's Manual]; and the Digital Time Synchronization Service (DTSS), which uses a hierarchy of servers similar to the NTP stratum model.

In 1985, NTP version 0 (NTPv0) was implemented in both Fuzzball and Unix, and the NTP packet header and round-trip delay and offset calculations, which have persisted into NTPv4, were documented in RFC 958. Despite the relatively slow computers and networks available at the time, accuracy of better than 100 milliseconds was usually obtained on Atlantic spanning links, with accuracy of tens of milliseconds on Ethernet networks.

In 1988, a much more complete specification of the NTPv1 protocol, with associated algorithms, was published in RFC 1059. It drew on the experimental results and clock filter algorithm documented in RFC 956 and was the first version to describe the client-server and peer-to-peer modes. In 1991, the NTPv1 architecture, protocol and algorithms were brought to the attention of a wider engineering community with the publication of an article by David L. Mills in the IEEE Transactions on Communications [David L. Mills, Internet Time Synchronization: The Network Time Protocol, IEEE Transactions on Communications 39 (10), October 1991, pp. 1482–1493, doi:10.1109/26.103043].

In 1989, RFC 1119 was published defining NTPv2 by means of a state machine, with pseudocode to describe its operation. It introduced a management protocol and cryptographic authentication scheme which have both survived into NTPv4. The design of NTPv2 was criticized for lacking formal correctness principles by the DTSS community. Their alternative design included Marzullo's algorithm, a modified version of which was promptly added to NTP. [citation needed] The bulk of the algorithms from this era have also largely survived into NTPv4.

In 1992, RFC 1305 defined NTPv3. The RFC included an analysis of all sources of error, from the reference clock down to the final client, which enabled the calculation of a metric that helps choose the best server where several candidates appear to disagree. Broadcast mode was introduced.

In subsequent years, as new features were added and algorithm improvements were made, it became apparent that a new protocol version was required [David L. Mills, Computer Network Time Synchronization: The Network Time Protocol on Earth and in Space, Second Edition, CRC Press, 15 November 2010, ISBN 978-1-4398-1464-2, p. 377]. In 2010, RFC 5905 was published containing a proposed specification for NTPv4. The protocol has significantly moved on since then, and as of 2014, an updated RFC has yet to be published [Network Time Synchronization Research Project, section "Future Plans", accessed 24 December 2014]. Following the retirement of Mills from the University of Delaware, the reference implementation is currently maintained as an open source project led by Harlan Stenn [NTP Needs Money: Is A Foundation The Answer?, InformationWeek, March 23, 2015, April 4, 2015] [NTP's Fate Hinges On 'Father Time', InformationWeek, March 11, 2015, April 4, 2015].

Clock strata

[Figure: The U.S. Naval Observatory Alternate Master Clock at Schriever AFB (Colorado) is a stratum 0 source for NTP.]

[Figure: Network Time Protocol servers and clients. Yellow arrows indicate a direct connection; red arrows indicate a network connection.]

NTP uses a hierarchical, semi-layered system of time sources. Each level of this hierarchy is termed a stratum and is assigned a number starting with zero for the reference clock at the top. A server synchronized to a stratum n server runs at stratum n + 1. The number represents the distance from the reference clock and is used to prevent cyclical dependencies in the hierarchy. Stratum is not always an indication of quality or reliability; it is common to find stratum 3 time sources that are higher quality than other stratum 2 time sources.

Telecommunication systems use a different definition for clock strata. A brief description of strata 0, 1, 2 and 3 is provided below.
Stratum 0
These are high-precision timekeeping devices such as atomic clocks, GPS or other radio clocks. They generate a very accurate pulse per second signal that triggers an interrupt and timestamp on a connected computer. Stratum 0 devices are also known as reference clocks.
Stratum 1
These are computers whose system time is synchronized to within a few microseconds of their attached stratum 0 devices. Stratum 1 servers may peer with other stratum 1 servers for sanity check and backup [Network Time Protocol: Best Practices White Paper, 15 October 2013]. They are also referred to as primary time servers.
Stratum 2
These are computers that are synchronized over a network to stratum 1 servers. Often a stratum 2 computer queries several stratum 1 servers. Stratum 2 computers may also peer with other stratum 2 computers to provide more stable and robust time for all devices in the peer group.
Stratum 3
These are computers that are synchronized to stratum 2 servers. They employ the same algorithms for peering and data sampling as stratum 2, and can themselves act as servers for stratum 4 computers, and so on.
The upper limit for stratum is 15; stratum 16 is used to indicate that a device is unsynchronized. The NTP algorithms on each computer interact to construct a Bellman-Ford shortest-path spanning tree, to minimize the accumulated round-trip delay to the stratum 1 servers for all the clients.

In addition to stratum, the protocol is able to identify the synchronization source for each server in terms of reference identifier (refid).

Common time reference identifiers (refid) codes ['ntpq -p' output, NLUG.ML1.co.uk], by clock source:
  • Geosynchronous Orbit Environment Satellite
  • Global Positioning System
  • Galileo Positioning System
  • Generic pulse-per-second
  • Inter-Range Instrumentation Group
  • LF Radio WWVB Fort Collins, Colorado 60 kHz
  • LF Radio DCF77 Mainflingen, DE 77.5 kHz
  • HBG Prangins, HB 75 kHz (ceased operation)
  • MSF Anthorn, UK 60 kHz
  • LF Radio JJY Fukushima, JP 40 kHz, Saga, JP 60 kHz
  • MF Radio Loran-C station, 100
  • MF Radio Allouis, FR 162 kHz
  • CHU Ottawa, Ontario
  • WWV Fort Collins, Colorado
  • HF Radio WWVH Kauai, Hawaii
  • NIST telephone modem
  • NIST telephone modem
  • USNO telephone modem
  • German PTB time standard telephone modem
  • Multi Reference Sources
  • Inter Face Association Changed (IP address changed or lost)
  • Step time change, the offset is less than the panic threshold (1000 s) but greater than the step threshold (125 ms)

Timestamps

The 64-bit timestamps used by NTP consist of a 32-bit part for seconds and a 32-bit part for fractional second, giving a time scale that rolls over every 2^32 seconds (136 years) and a theoretical resolution of 2^-32 seconds (233 picoseconds). NTP uses an epoch of January 1, 1900. Therefore, the first rollover occurs on February 7, 2036 [David L. Mills, The NTP Era and Era Numbering, 12 May 2012, 24 September 2016] [W. Richard Stevens, Bill Fenner, Andrew M. Rudoff, UNIX Network Programming, Addison-Wesley Professional, 2004, ISBN 978-0-13-141155-5, p. 582].

NTPv4 introduces a 128-bit date format: 64 bits for the second and 64 bits for the fractional second. The most significant 32 bits of this format are the Era Number, which resolves rollover ambiguity in most cases [How NTP Represents the Time (Computer Network Time Synchronization), 2018-07-20] [A look at the Year 2036/2038 problems and time proofness in various systems, 2018-07-20]. According to Mills, "The 64-bit value for the fraction is enough to resolve the amount of time it takes a photon to pass an electron at the speed of light. The 64-bit second value is enough to provide unambiguous time representation until the universe goes dim." [University of Delaware Digital Systems Seminar presentation by David Mills, 2006-04-26] 2^-64 seconds is about 54 zeptoseconds (light would travel 16.26 picometers, or approximately 0.31 × Bohr radius), and 2^64 seconds is about 585 billion years.

Clock synchronization algorithm

[Figure: Round-trip delay time δ]

A typical NTP client regularly polls one or more NTP servers. The client must compute its time offset and round-trip delay. Time offset θ, the difference in absolute time between the two clocks, is defined by

$$\theta = \frac{(t_1 - t_0) + (t_2 - t_3)}{2},$$

and the round-trip delay δ by

$$\delta = (t_3 - t_0) - (t_2 - t_1),$$

where
  • t_0 is the client's timestamp of the request packet transmission,
  • t_1 is the server's timestamp of the request packet reception,
  • t_2 is the server's timestamp of the response packet transmission and
  • t_3 is the client's timestamp of the response packet reception.

The values for θ and δ are passed through filters and subjected to statistical analysis. Outliers are discarded and an estimate of time offset is derived from the best three remaining candidates. The clock frequency is then adjusted to reduce the offset gradually, creating a feedback loop [David L. Mills, Computer Network Time Synchronization: The Network Time Protocol, Taylor & Francis, 12 December 2010, ISBN 978-0-8493-5805-0, p. 12].

Accurate synchronization is achieved when both the incoming and outgoing routes between the client and the server have symmetrical nominal delay. If the routes do not have a common nominal delay, a systematic bias exists of half the difference between the forward and backward travel times [Gotoh, T., Imamura, K., Kaneko, A., Improvement of NTP time offset under the asymmetric network with double packets method, Conference on Precision Electromagnetic Measurements, 2002, pp. 448–449, doi:10.1109/CPEM.2002.1034915, ISBN 0-7803-7242-5].
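As an added example (not part of the imported article and not code from the NTP reference implementation), the sketch below ties the Timestamps section to the offset and delay formulas: it unpacks the 48-byte header laid out in RFC 5905, subtracts 64-bit timestamps with wrapping arithmetic so that an exchange straddling the 2036 era rollover still works, and refuses replies that should never move a clock. The function names, the constructed sample exchange and the particular rejection checks are assumptions of this example.

```python
import struct

FRAC = 1 << 32                  # timestamp units per second (resolution 2^-32 s)
WRAP = 1 << 64                  # a 64-bit timestamp wraps once per era (2^32 s)
HEADER = struct.Struct("!BBbbII4sQQQQ")   # 48-byte NTP header, no extensions


class RejectedReply(ValueError):
    """The reply failed a sanity check and must not be used to set the clock."""


def ts(seconds):
    """Encode seconds since 1900 as a 64-bit NTP timestamp (era is dropped)."""
    return int(seconds * FRAC) % WRAP


def diff(a, b):
    """a - b in seconds with wrapping 64-bit arithmetic, so two timestamps on
    either side of an era rollover subtract correctly (valid below 68 years)."""
    d = (a - b) % WRAP
    if d >= WRAP // 2:
        d -= WRAP
    return d / FRAC


def offset_and_delay(reply, t0, t3):
    """Return (theta, delta) in seconds for one request/response exchange.

    t0 is the transmit timestamp the client put in its request and t3 the
    client's receive time, both as 64-bit NTP timestamps."""
    if len(reply) < HEADER.size:
        raise RejectedReply("short packet")
    flags, stratum, _, _, _, _, refid, _, origin, t1, t2 = HEADER.unpack_from(reply)
    leap, mode = flags >> 6, flags & 7
    if mode != 4:
        raise RejectedReply("not a server-mode reply")
    if origin != t0:
        # A reply that does not echo our own transmit timestamp was not
        # generated from our request (duplicate, stale or forged).
        raise RejectedReply("origin timestamp does not match our request")
    if stratum == 0:
        raise RejectedReply("kiss-o'-death: " + refid.decode("ascii", "replace"))
    if stratum > 15 or leap == 3:
        raise RejectedReply("server is unsynchronized")
    if t1 == 0 or t2 == 0:
        raise RejectedReply("server timestamps missing")
    theta = (diff(t1, t0) + diff(t2, t3)) / 2
    delta = diff(t3, t0) - diff(t2, t1)
    return theta, delta


def make_reply(origin, t1, t2, stratum=2, leap=0):
    """Constructed sample server reply (version 4, mode 4) used by demo()."""
    flags = (leap << 6) | (4 << 3) | 4
    return HEADER.pack(flags, stratum, 6, -20, 0, 0, b"\x00" * 4,
                       t1, origin, t1, t2)


def demo(client_start):
    """Constructed exchange: server clock 2 s ahead of the client, 0.25 s
    network delay each way, 0.125 s of processing on the server."""
    t0 = ts(client_start)
    t1 = ts(client_start + 0.25 + 2.0)
    t2 = ts(client_start + 0.375 + 2.0)
    t3 = ts(client_start + 0.625)
    return offset_and_delay(make_reply(t0, t1, t2), t0, t3)


if __name__ == "__main__":
    print("ordinary exchange      :", demo(3_900_000_000.0))
    print("across the era rollover:", demo(2**32 - 1.0))
```

With symmetric paths the computed θ equals the true clock difference; making the two one-way delays unequal in `demo()` reproduces the bias of half their difference described above.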

Software implementations

[Figure: The NTP management protocol utility ntpq being used to query the state of a stratum 2 server.]

Reference implementation

The NTP reference implementation, along with the protocol, has been continuously developed for over 20 years. Backwards compatibility has been maintained as new features have been added. It contains several sensitive algorithms, especially to discipline the clock, that can misbehave when synchronized to servers that use different algorithms. The software has been ported to almost every computing platform, including personal computers. It runs as a daemon called ntpd under Unix or as a service under Windows. Reference clocks are supported and their offsets are filtered and analysed in the same way as remote servers, although they are usually polled more frequently. An audit of this implementation in 2017 found numerous potential security issues [Pentest-Report NTP 01.2017, Cure53, 2017, 2019-07-03].

SNTP

Simple Network Time Protocol (SNTP) is a less complex implementation of NTP, using the same protocol but without requiring the storage of state over extended periods of time [Network Time Protocol Version 4: Protocol and Algorithms Specification, June 2010, p. 54: "Primary servers and clients complying with a subset of NTP, called the Simple Network Time Protocol (SNTPv4) [...], do not need to implement the mitigation algorithms [...] The fully developed NTPv4 implementation is intended for [...] servers with multiple upstream servers and multiple downstream servers [...] Other than these considerations, NTP and SNTP servers and clients are completely interoperable and can be intermixed [...]"]. It is used in some embedded systems and in applications where full NTP capability is not required [RFC 4330, Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI].

Windows Time

All Microsoft Windows versions since Windows 2000 include the Windows Time service (W32Time) [Windows Time Service Technical Reference, technet.microsoft.com, 2011-08-17, 2011-09-19], which has the ability to synchronize the computer clock to an NTP server.

W32Time was originally implemented for the purpose of the Kerberos version 5 authentication protocol, which required time to be within 5 minutes of the correct value to prevent replay attacks. The version in Windows 2000 and Windows XP only implements SNTP, and violates several aspects of the NTP version 3 standard [Windows Time Service page at NTP.org, Support.NTP.org, 2008-02-25, 2017-05-01]. Beginning with Windows Server 2003 and Windows Vista, a compliant implementation of NTP is included [How the Windows Time Service Works, technet.microsoft.com, 2010-03-12, 2011-09-19]. Microsoft states that W32Time cannot reliably maintain time synchronization with one second accuracy [Support boundary to configure the Windows Time service for high accuracy environments, Microsoft, 2011-10-19]. If higher accuracy is desired, Microsoft recommends using a newer version of Windows or different NTP implementation [Ned Pyle, High Accuracy W32time Requirements, Microsoft, 2007-10-23, 2012-08-26]. Windows 10 and Windows Server 2016 support 1 ms time accuracy under certain operating conditions [Windows Server 2016 Accurate Time, technet.microsoft.com].

OpenNTPD

In 2004, Henning Brauer presented OpenNTPD, an NTP implementation with a focus on security and a privilege-separated design. Whilst it is aimed more closely at the simpler generic needs of OpenBSD users, it also includes some protocol security improvements whilst still being compatible with existing NTP servers. It was originally designed for OpenBSD, but a portable version exists and has been made available as a package in Linux package repositories.

Ntimed

A new NTP client, ntimed, was started by Poul-Henning Kamp in 2014 [Poul-Henning Kamp, 20140926 – Playing with time again, PHK's Bikeshed, 4 June 2015]. The new implementation is sponsored by the Linux Foundation as a replacement for the reference implementation, as it was determined to be easier to write a new implementation from scratch than to fix the existing issues with the large existing code base. As of June 2015, no official release had been made, but ntimed can synchronize clocks reliably [Poul-Henning Kamp, Network time synchronization software, NTPD replacement., ntimed git repository README file, Github, 4 June 2015]. ntimed works under Debian and FreeBSD, but remains to be ported to Windows and macOS [Poul-Henning Kamp, 20150111 – What happened next?, PHK's Bikeshed, 4 June 2015, 2015-01-11].

NTPsec

NTPsec is a fork of the reference implementation that has been systematically security-hardened. The fork point was in June 2015 and was in response to a rash of compromises in 2014; the first production release shipped in October 2017 [The Secure Network Time Protocol (NTPsec) Distribution, 2019-01-12]. Between removal of unsafe features, removal of support for obsolete hardware, and removal of support for obsolete Unix variants, NTPsec has been able to pare away 75% of the original codebase, making the remainder more auditable [Allan Liska, NTP Security: A Quick-Start Guide, Apress, December 10, 2016, ISBN 978-1-4842-2412-0, p. 80]. A 2017 audit of the code showed eight security issues, including two that were not present in the original reference implementation, but NTPsec did not suffer from eight other issues that remained in the reference implementation [Pentest-Report NTPsec 01.2017, Cure53, 2017, 2019-07-03].

Chrony

[Figure: chronyc, user license and command line help. Terminal window under Ubuntu 16.04.]

Chrony comes by default in Red Hat distributions [Miroslav Lichvar, Combining PTP with NTP to Get the Best of Both Worlds, Red Hat Enterprise Linux Blog, Red Hat, 20 July 2016: "Starting with Red Hat Enterprise Linux 7.0 (and now in Red Hat Enterprise Linux 6.8) a more versatile NTP implementation is also provided via the chrony package"] and is available in the Ubuntu repositories [Frank Lichtenheld, Package: chrony (2.1.1-1) [universe], Ubuntu Package: "Versatile implementation of the Network Time Protocol"]. Chrony is aimed at ordinary computers, which are unstable, go into sleep mode or have intermittent connection to the Internet [David Both, Manage NTP with Chrony, Opensource.com, 29 June 2019]. Chrony is also designed for virtual machines, a much more unstable environment. It is characterized by low resource consumption (cost) and supports PTP as well as NTP. It has two main components: chronyd, a daemon that is executed when the computer starts, and chronyc, a command line interface to the user for its configuration.

It has been evaluated as very safe and with just a few incidents [Mario Heiderich, Cure53.de Team, Pentest-Report Chrony 08.2017, August 2017, wiki.mozilla.org, AKA MozillaWiki or WikiMO: "Withstanding eleven full days of on-remote testing in August of 2017 means that Chrony is robust, strong, and developed with security in mind."]. Its advantage is the versatility of its code, written from scratch to avoid code complexity [Securing Network Time, Core Infrastructure Initiative, a Linux Foundation Collaborative Project, 27 September 2017: "In sum, the Chrony NTP software stands solid and can be seen as trustworthy"].

Chrony is licensed under the GNU General Public License version 2. It was created by Richard Curnow in 1997, with other contributors over time, and is currently maintained by Miroslav Lichvar, with development supported by Red Hat Software [chrony introduction, TuxFamily, a non-profit organization: "The software is supported on Linux, FreeBSD, NetBSD, macOS, and Solaris."].

Leap seconds

On the day of a leap second event, ntpd receives notification from either a configuration file, an attached reference clock, or a remote server. Because of the requirement that time must appear to be monotonically increasing, a leap second is inserted with the sequence 23:59:59, 23:59:60, 00:00:00. Although the clock is actually halted during the event, any processes that query the system time cause it to increase by a tiny amount, preserving the order of events. If a negative leap second should ever become necessary, it would be deleted with the sequence 23:59:58, 00:00:00, skipping 23:59:59 [David Mills, The NTP Timescale and Leap Seconds, 15 October 2013].

An alternative implementation, called leap smearing, consists of introducing the leap second incrementally during a period of 24 hours, from noon to noon in UTC time. This implementation is used by Google (both internally and on their public NTP servers) and by Amazon AWS [Google Developers Leap Smear, 4 April 2019].

Security concerns

Several security concerns arose in late 2014. Previously, researchers became aware that NTP servers can be susceptible to man-in-the-middle attacks unless packets are cryptographically signed for authentication [Network Time Protocol Version 4: Autokey Specification, IETF, 2010, 2014-10-16]. The computational overhead involved can make this impractical on busy servers, particularly during denial of service attacks [NTP Security Analysis, 11 October 2013]. NTP message spoofing can be used to move clocks on client computers and allow a number of attacks based on bypassing of cryptographic key expiration [Jose Selvi, Bypassing HTTP Strict Transport Security, 2014-10-16]. Services identified as affected by fake NTP messages include TLS, DNSSEC, various caching schemes (such as DNS cache), BGP, Bitcoin and a number of persistent login schemes [Aanchal Malhotra, Isaac E. Cohen, Erik Brakke, Sharon Goldberg, Attacking the Network Time Protocol, NDSS, 20 October 2015] [Attacking the Network Time Protocol, www.cs.bu.edu, 2015-10-27].

Only a few other security problems have been identified in the reference implementation of the NTP codebase in its 25+ year history, but the ones that appeared in 2009 were cause for significant concern [Security Notice, Support.NTP.org, 2009-12-10, 2011-01-12] [results returned by a search on "Network Time Protocol"; dead link as of February 2018]. The protocol has been undergoing revision and review over its entire history. As of January 2011, there are no security revisions in the NTP specification and no reports at CERT [in RFC 778, RFC 891, RFC 956, RFC 958, RFC 1305, RFC 5905, and the NTPv4 specification]. The current codebase for the reference implementation has been undergoing security audits from several sources for several years, and there are no known high-risk vulnerabilities in the current released software [Code Audit, Support.NTP.org, 2009-06-13, 2011-01-12].

A 2017 security audit of three NTP implementations, conducted on behalf of the Linux Foundation's Core Infrastructure Initiative, suggested that both NTP and NTPsec were more problematic than Chrony from a security standpoint [CII Audit Identifies Most Secure NTP Implementation, The Linux Foundation, September 28, 2017, 2019-07-03].

NTP has been used in distributed denial of service (DDoS) attacks [Dan Goodin, New DoS attacks taking down game sites deliver crippling 100Gbps floods, Ars Technica, 2014-01-13, 2014-01-25] [Dave Lee, Huge Hack 'Ugly Sign of Future' for Internet Threats, BBC, 2014-02-11, 2014-02-12]. A small query is sent to an NTP server with the return address spoofed to be the target address. Similar to the DNS amplification attack, the server responds with a much larger reply that allows an attacker to substantially increase the amount of data being sent to the target. To avoid participating in an attack, servers can be configured to ignore external queries, or they can be upgraded to version 4.2.7p26 or later [DRDoS / Amplification Attack using ntpdc monlist command, support.NTP.org, 2010-04-24, 2014-04-13].

A stack-based buffer overflow exploit was discovered and a patch is available as of December 19, 2014. This affects all NTP Version 4 releases before version 4.2.8 [Network Time Protocol Vulnerabilities (Update C), ICS-CERT, Ics-cert.us-cert.gov, 2015-04-15]. Apple was concerned enough that it used its auto-update capability for the first time [Andrew Cunningham, Apple automatically patches Macs to fix severe NTP security flaw, arstechnica, Dec 23, 2014, Apr 29, 2015], though only for recent versions of macOS. In the case of version 10.6.8 there are manual fixes for the server version, and normal "client" users can just turn off automatic time updating in System Preferences for Date & Time [NTP vulnerability on versions prior to 4.2.8 -- we OK?, Apple Support Communities].

Some implementation errors are basic, such as a missing return statement in a routine, that can lead to unlimited access to systems that are running some versions of NTP in the root daemon. Systems that do not use the root daemon, such as BSD, are not subject to this flaw [Harry Fairhead, NTP The Latest Open Source Security Problem, I Programmer, 23 December 2014].

See also: NTP server misuse and abuse
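The two mitigations named above for amplification (ignore external queries, or run 4.2.7p26 or later) and the 4.2.8 cut-off for the buffer overflow can be checked mechanically. The audit sketch below is an added example, not part of the imported article or of any NTP project: it assumes the reference implementation's `restrict ... noquery` / `ignore` flags and its `disable monitor` directive as the way queries are refused in ntp.conf, and the sample configurations, version strings and finding labels are constructed for illustration.

```python
import re

MONLIST_FIXED = (4, 2, 7, 26)    # article: upgrade to "4.2.7p26 or later"
OVERFLOW_FIXED = (4, 2, 8, 0)    # article: affects NTPv4 releases before 4.2.8
BLOCKS_QUERIES = {"noquery", "ignore"}   # restrict flags that refuse queries


def parse_version(text):
    """Turn '4.2.6p5' (possibly embedded in a banner) into (4, 2, 6, 5)."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if m is None:
        raise ValueError("no ntpd version found in %r" % text)
    return tuple(int(part or 0) for part in m.groups())


def default_policy(conf_text):
    """Return (flag sets of every 'restrict default' line, monitor disabled?)."""
    flag_sets, monitor_disabled = [], False
    for raw in conf_text.splitlines():
        words = raw.split("#", 1)[0].split()      # drop comments
        if not words:
            continue
        if words[0] == "restrict":
            args = [w for w in words[1:] if w not in ("-4", "-6")]
            if args[:1] == ["default"]:
                flag_sets.append(set(args[1:]))
        elif words[0] == "disable" and "monitor" in words[1:]:
            monitor_disabled = True
    return flag_sets, monitor_disabled


def audit(version_text, conf_text):
    """List the exposures from the Security concerns section that apply."""
    version = parse_version(version_text)
    flag_sets, monitor_disabled = default_policy(conf_text)
    # With no default restriction, or one lacking noquery/ignore, the daemon
    # answers management queries from any address.
    answers_queries = (not flag_sets or
                       any(not (flags & BLOCKS_QUERIES) for flags in flag_sets))
    findings = []
    if answers_queries:
        findings.append("external-queries-answered")
        if version < MONLIST_FIXED and not monitor_disabled:
            findings.append("monlist-amplification")
    if version < OVERFLOW_FIXED:
        findings.append("pre-4.2.8-overflow")
    return findings


# Constructed sample: no default restriction, so any host may query.
WEAK_CONF = """\
driftfile /var/lib/ntp/ntp.drift
server time.example.net iburst
restrict 127.0.0.1
"""

# Constructed sample: time is still served, queries are refused by default.
HARDENED_CONF = """\
driftfile /var/lib/ntp/ntp.drift
server time.example.net iburst
restrict default nomodify notrap nopeer noquery
restrict -6 default nomodify notrap nopeer noquery
restrict 127.0.0.1      # local ntpq still works
restrict -6 ::1
disable monitor
"""

if __name__ == "__main__":
    for banner, conf in (("ntpd 4.2.6p5", WEAK_CONF),
                         ("ntpd 4.2.8p15", HARDENED_CONF)):
        print(banner, "->", audit(banner, conf) or "no findings")
```

A host that reports only `pre-4.2.8-overflow` is no longer usable as an amplifier but still needs the upgrade.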

Further reading

  • RFC 5907, Definitions of Managed Objects for Network Time Protocol Version 4 (NTPv4)
  • RFC 5908, Network Time Protocol (NTP) Server Option for DHCPv6

- content above as imported from Wikipedia
- "Network Time Protocol" does not exist on GetWiki (yet)
- time: 2:36am EDT - Wed, Jul 24 2019
[ this remote article is provided by Wikipedia ]