|
|
|
|
|
|
by cbhl
803 days ago
|
|
|
If you _don't_ enable dnssec on ntp.org, then a mitm can intercept the dns request to redirect to an attacker-owned timeserver with a time in the past. Then the host can have old and expired (without loss of generality) keys/certificates replayed against it. If memory serves though, Raspbian used to not even have `fake-hwclock` by default and even more Pis would end up with this "wildly wrong time near the epoch and can't bootstrap DNS/NTP" failure mode. You'd sometimes also see it with VMs too (esp if they were doing a pure-software clock that ran slower than realtime, instead of patching clock calls to the real hardware clock on the host). |
|
|
Preventing DNS mitm only matters if you prevent NTP mitm too.
What percent of NTP clients talking to these servers are doing it in a secure way? And is that share growing?