Dan on Security
Register | Login
New attacks on Network Time Protocol can defeat HTTPS and create chaos

[...] the attacks can be used to snoop on encrypted traffic or to bypass important security measures such as DNSSEC specification preventing the tampering of domain name system records. The most troubling scenario involves bypassing HTTPS encryption by forcing a computer to accept an expired transport layer security certificate.
The NTP attacker could force a client to accept an expired or revoked certificate (e.g. pre-Heartbleed). However, the attack might be limited as the NTP client would not accept time changes of >15 minutes, measure that could be defeated by making the change gradually in several steps, or by resetting the time immediately after a reboot.

Read further: Attacking the Network Time Protocol

Tags: ntp
More from: arstechnica.com

show/hide source |


No comments found :-( To post a comment, please log in