EditWYSIWYGAttachPrintable
r38 - 2007-11-20 - 03:24:53 - BradKnowlesYou are here: NTP >  Main Web > WebHome
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p13 was released on 07 March 2019. It addresses 1 medium-severity security issue in ntpd, and provides 17 non-security bugfixes and 1 other improvements over 4.2.8p12.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
Network Time Foundation
Stable
  4.2.8p13
  2019/03/07
Development
  4.3.99
  2019/06/07


  • NTP Project
  • Hosted@ ISC
  • BitKeeper
  • Coverity
  • FreeBSD
  • Debian

The NTP Public Services Project

Providing public support services for the NTP Project and hosting the IETF NTP Working Group. Copyright for the material on this web-site is held by the contributing authors. Please contact the webmaster and/or the contributing author with any questions regarding copyright.

NTP Security Information

Please see our Security Notice for up to date information about security related issues pertaining to the Reference Implementation of NTP.

What is NTP (Network Time Protocol) ?

NTP is a protocol designed to synchronize the clocks of computers over a network to a common timebase (usually UTC).

NTP version 3 is an internet draft standard, formalized in RFC 1305. NTP version 4 is a significant revision of the NTP standard, and is the current development version, but has not been formalized in an RFC. Simple NTP (SNTP) version 4 is described in RFC 4330.

Why is NTP Important?

In a commercial environment, accurate time stamps are essential to everything from maintaining and troubleshooting equipment and forensic analysis of distributed attacks, to resolving disputes among parties contesting a commercially valuable time-sensitive transaction. Within law enforcement, they essential for correlation of distributed communication events, forensic analysis, and potential evidentiary use in criminal proceedings. In essence, all security, audit, and authentication is founded on the basis of good time synchronization.

One of the best explanations for this issue comes from Thomas Akin, in chapter 10 of his book Hardening Cisco Routers:

Time is inherently important to the function of routers and networks. It provides the only frame of reference between all devices on the network. This makes synchronized time extremely important. Without synchronized time, accurately correlating information between devices becomes difficult, if not impossible. When it comes to security, if you cannot successfully compare logs between each of your routers and all your network servers, you will find it very hard to develop a reliable picture of an incident. Finally, even if you are able to put the pieces together, unsynchronized times, especially between log files, may give an attacker with a good attorney enough wiggle room to escape prosecution.

Additional information on this subject can be found at UC Berkeley, University of Wyoming, in Rik Farrow's Network Defense columns for Network Magazine , and in the Linux System Administrators Guide at the Linux Documentation Project.

Legal Requirements

There are legal requirements for good time synchronization, both in the US and abroad. In the US, legal requirements from CALEA, the FBI, and the FCC are for a minimum accuracy of 200ms (two hundred milliseconds). In Europe, there are proposals are on the table to reduce this to ten milliseconds (see Agentschap Telecom, Format for date and time, ETSI/TC LI Rap#16, Groningen, 27-28 Jun 2007, Doc. ETSI/LI-rap16-td12), and this is being used as justification for the same level of standard in FCC Notice RM-11376.

Then there the Federal Rules of Evidence, which govern the introduction of evidence in proceedings, both civil and criminal, in US Federal courts. While they do not apply to suits in state courts, the rules of many states have been closely modeled on these provisions. Of course, these rules may not be completely transferrable to other legal jurisdictions in other countries, but they should serve as a good initial guideline. Recently, in the decision Lorraine v. Markel American Ins. Co., PWG-06-1893 (D. Md May 4, 2007), the court disallowed the submission of e-mail messages as evidence into the case, in part because the parties could not prove that the data had been preserved according to the Federal Rules of Evidence, including time stamp information. Clearly, there is a legal requirement to be able to provide fully auditable, verifiable, and authenticated time stamps.

The NTP Project

The NTP Project produces a reference implementation of the NTP protocol, and implementation documentation, through a largely a volunteer effort. The NTP software distribution is copyrighted, as described in the NTP copyright page.

A list of reference clocks, ntp documentation, time and frequency standard stations, and time and frequency standard station transmission data is maintained at the Information on Time and Frequency Services page. Background information about NTP, along with briefings and a bibliography, are available at the Network Time Synchronization Project page.

IETF NTP Working Group

The NTP Public Services Project is hosting the IETF NTP Working Group. The goal of this working group is to update the NTP protocol specification and advance the standardization status of NTP based on the extensive work from the NTP community. For more information visit the IETF NTP Working Group Web.

Information For New NTP Users

  • New NTP users should read the Where-To-Start file included with the NTP distribution.
  • Documentation for the current NTP distribution, along with additional information, is available on the documentation page.
  • Community supported documentation is available in the Support Web of this site.
  • NTP users who don't like to read documentation may want to refer to a QuickStart Guide.
  • If you would like to find a server to get time from, please see the public NTP server list.
  • If you would like to download NTP software please see the download page.
  • If you would like to locate NTP software other than the reference distribution, please see the links page.

Contacting Us

To contact the NTP web maintainer or any of the NTP developer team, please see the contact page. Please direct comments and questions about this web site to webmaster@ntp.org.

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r62 | r40 < r39 < r38 < r37 | More topic actions...
Main.WebHome moved from Main.AboutThisTWiki on 2003-07-16 - 13:29 by SteveKostecke - put it back
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback