Date: Fri, 11 Mar 2005 08:27:36 -0500 From: Bart Silverstrim <bsilver@chrononomicon.com> To: freebsd-questions@freebsd.org Subject: Re: Clock slew vulnerability in FreeBSD? Message-ID: <56f756c499c68c62c6706fef0e896cb2@chrononomicon.com> In-Reply-To: <1735368246.20050311044408@wanadoo.fr> References: <751280160.20050311034539@wanadoo.fr> <20050311025906.GD72527@hub.freebsd.org> <1735368246.20050311044408@wanadoo.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 10, 2005, at 10:44 PM, Anthony Atkielski wrote: > Kris Kennaway writes: > >> Isn't this a non-problem if you use ntpd? > > Unfortunately, no, because the TCP stacks on most systems don't use the > disciplined clock provided by NTP for the timestamps. Instead they use > a clock based directly on the RTC, which reveals a characteristic skew > that is unique to each machine. > > If the stacks used the NTP-disciplined actual time of day, plus perhaps > a randomizing factor to avoid revealing patterns, this technique would > become useless. Wouldn't the skew resolution necessary for this tracking technique become useless with temperature variations, humidity, etc. that can affect most systems over the course of the day/week/year?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56f756c499c68c62c6706fef0e896cb2>