Clock slew vulnerability in FreeBSD?
Bart Silverstrim
bsilver at chrononomicon.com
Fri Mar 11 05:27:34 PST 2005
On Mar 10, 2005, at 10:44 PM, Anthony Atkielski wrote:
> Kris Kennaway writes:
>
>> Isn't this a non-problem if you use ntpd?
>
> Unfortunately, no, because the TCP stacks on most systems don't use the
> disciplined clock provided by NTP for the timestamps. Instead they use
> a clock based directly on the RTC, which reveals a characteristic skew
> that is unique to each machine.
>
> If the stacks used the NTP-disciplined actual time of day, plus perhaps
> a randomizing factor to avoid revealing patterns, this technique would
> become useless.
Wouldn't the skew resolution necessary for this tracking technique
become useless with temperature variations, humidity, etc. that can
affect most systems over the course of the day/week/year?
More information about the freebsd-questions
mailing list