Skip to main content
main-content

Über dieses Buch

Learn the risks associated with Network Time Protocol (NTP) security and how to minimize those risks in daily deployment. Disruption of NTP services can interrupt communication between servers on the network and take an entire network offline.

Beyond disrupting communication, flaws in the NTP daemon itself can make servers vulnerable to external attack—attacks that often go unnoticed. NTP is being used more frequently in Distributed Denial of Service (DDoS) attacks. It is a User Datagram Protocol (UDP) with encryption schemes that are not often used or are poorly implemented, making it susceptible to spoofing.

Despite all of the security challenges, the fact is that NTP is critical to most modern networks. It is one of those "set it and forget it" protocols that network administrators and even security professionals don't understand in depth. However, an attacker who does understand the security flaws can wreak havoc on an insecure network.

NTP Security: A Quick-Start Guide provides a deeper understanding of the protocol itself and how to deploy a strategy using the protocol throughout a network in a secure manner. Your security team will be able to provide better guidance to the system and network teams who will then be able to better manage the day-to-day implementation.

This succinct resource offers practical guidance to an underserved topic (actually, not served at all). Coverage includes:

An understanding of NTP and the importance of time synchronization in modern networksIssues in NTP security, including an analysis of NTP trafficA review of the vulnerabilities and flaws in the protocolPractical solutions for securing NTP and building a robust infrastructureEffective alternatives to NTP

What you’ll learn

A better understanding of the risks associated with the Network Time protocol (NTP)How to configure NTP on servers and workstations in the network in a more secure manner How to configure NTP on network platforms in a secure manner Ways to bring more NTP capability inside the network, thus creating a smaller attack surface Alternatives to NTP, including how to synchronize network clocks in other ways

Who This Book Is For

System Administrators, Network Engineers, and Security Analysts

Inhaltsverzeichnis

Frontmatter

Chapter 1. Understanding NTP

Marking the passage of time has played a role in every great civilization, and as civilizations have continued to evolve, they have also developed a need for more precise timekeeping. The Sumerians, in early Mesopotamia, were content to track the months and years—as early as 3500 BCE—while the Egyptians, a few centuries later, used giant obelisks to track the time during the day. Even within civilizations, the marking of time continued to advance. The Egyptians moved from obelisks to more precise and portable sundials that divided days into 12 parts and were used to track working hours. Shadow clocks allowed Egyptians to track time day and night, and water clocks were used to track time irrespective of the sun.
Allan Liska

Chapter 2. Issues in NTP Security

NTP is most likely the longest continuously operating protocol on the Internet. At more than 30 years old, NTP has become pervasive across the Internet, to the point that most people don’t even think about it. Unfortunately, that is part of the problem. NTP is an obscure protocol that rarely fails and does its job well. This has led to a lot of entropy in the development and deployment of the protocol.
Allan Liska

Chapter 3. Vulnerabilities in NTP

Having reviewed some of the issues in NTP security, the next step is to take a closer look at some of the vulnerabilities. The goal of this chapter is not to cover specific vulnerabilities, but instead look at how vulnerabilities in NTP can be exploited and the potential damage those exploits can cause to an organization.
Allan Liska

Chapter 4. Securing NTP

This chapter gets to the meat of NTP security: actually securing an NTP installation, and protecting an organization from insecure NTP installations. As previously discussed, this is not always as easy as it sounds, especially given the many platforms in an organization’s network that make use of the protocol.
Allan Liska

Chapter 5. Securing NTP Infrastructure

NTP security is not just a matter of protecting the infrastructure—it is also requires making sure that infrastructure has a high level of availability. Availability is especially important for those organizations that choose to run their own NTP infrastructure rather than use publicly available NTP servers.
Allan Liska

Chapter 6. Alternatives to NTP

Given the number of security problems discussed in this book and that have been discovered and published over the years, it is not surprising that some organizations opt to run alternatives to the NTP reference client. There are a number of different options available.
Allan Liska

Backmatter

Weitere Informationen

Premium Partner

BranchenIndex Online

Die B2B-Firmensuche für Industrie und Wirtschaft: Kostenfrei in Firmenprofilen nach Lieferanten, Herstellern, Dienstleistern und Händlern recherchieren.

Whitepaper

- ANZEIGE -

Best Practices für die Mitarbeiter-Partizipation in der Produktentwicklung

Unternehmen haben das Innovationspotenzial der eigenen Mitarbeiter auch außerhalb der F&E-Abteilung erkannt. Viele Initiativen zur Partizipation scheitern in der Praxis jedoch häufig. Lesen Sie hier  - basierend auf einer qualitativ-explorativen Expertenstudie - mehr über die wesentlichen Problemfelder der mitarbeiterzentrierten Produktentwicklung und profitieren Sie von konkreten Handlungsempfehlungen aus der Praxis.
Jetzt gratis downloaden!

Bildnachweise