- May 7, 2016
- 1,311
AMSTERDAM - HACK IN THE BOX - Researchers have demonstrated that remote attackers can wirelessly change the time on network time protocol (NTP) servers over long distances using inexpensive devices.
NTP is a networking protocol utilized to synchronize time between computer systems. NTP uses a hierarchical system of time sources where the first level (stratum 0) is represented by reference clocks, such as atomic, GPS and radio clocks (JJY, WWVB, DCF77 and WWVH). The computers on the other levels (stratum 1, stratum 2, etc.) are synchronized with the previous stratum and also with devices on the same stratum for sanity checks, stability and robustness.
NTP servers can be used by organizations to synchronize the time on devices within their network, but they also play an important role in industrial and power generation networks.
Shifting time on an NTP server can have serious consequences — it allows attackers not only to damage or disrupt systems, but also to authenticate to services using expired credentials, bypass HTTP STS and certificate pinning, and cause TLS clients to accept revoked or expired certificates.
In a presentation at the Hack in the Box (HITB) conference this week, Yuwei Zheng and Haoqi Shan of China-based security firm Qihoo360 showed how a remote attacker can shift time on a stratum 1 NTP server by wirelessly sending it forged radio time signals.
Read Full:NTP Servers Exposed to Long-Distance Wireless Attacks | SecurityWeek.Com
NTP is a networking protocol utilized to synchronize time between computer systems. NTP uses a hierarchical system of time sources where the first level (stratum 0) is represented by reference clocks, such as atomic, GPS and radio clocks (JJY, WWVB, DCF77 and WWVH). The computers on the other levels (stratum 1, stratum 2, etc.) are synchronized with the previous stratum and also with devices on the same stratum for sanity checks, stability and robustness.
NTP servers can be used by organizations to synchronize the time on devices within their network, but they also play an important role in industrial and power generation networks.
Shifting time on an NTP server can have serious consequences — it allows attackers not only to damage or disrupt systems, but also to authenticate to services using expired credentials, bypass HTTP STS and certificate pinning, and cause TLS clients to accept revoked or expired certificates.
In a presentation at the Hack in the Box (HITB) conference this week, Yuwei Zheng and Haoqi Shan of China-based security firm Qihoo360 showed how a remote attacker can shift time on a stratum 1 NTP server by wirelessly sending it forged radio time signals.
Read Full:NTP Servers Exposed to Long-Distance Wireless Attacks | SecurityWeek.Com