Is it relatively easy to hack Network Time Protocol(NTP)?
https://stackoverflow.com/questions/249318
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I read somewhere that NTP is based on UDP and there's no security built with NTP communication so it is easy to spoof NTP responses. Is it true? Wouldn't that be a major security issue since most of the servers out there depend on NTP to sync their clock?
Solution
here is an interesting article that talks about some of the security concerns, it might be a bit dated, but a good read.
OTHER TIPS
Yes, it is relatively easy and there are multiple exploits currently available. Most important to realize it that larger enterprises Sync NTP Timing through GPS, typically located within secure facilities. This minimizes the effectiveness of remote attacks. Therefore, the exploits and "hacking" causes more damage to organizations with 100 or less systems as most of those organizations do not have local timing and often rely on remote servers.
