SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    NTP Servers Exposed to Long-Distance Wireless Attacks
Date    Saturday May 28 2016, @06:55PM
Author    martyb
Topic   
from the time-out! dept.
https://soylentnews.org/article.pl?sid=16/05/28/1218203

ticho writes:

Securityweek has an article about a presentation at the Hack in the Box (HITB) conference this week, where Yuwei Zheng and Haoqi Shan of China-based security firm Qihoo360 showed how a remote attacker can shift time on a stratum 1 NTP server by wirelessly sending it forged radio time signals.

Shifting time on an NTP server can have serious consequences — it allows attackers not only to damage or disrupt systems, but also to authenticate to services using expired credentials, bypass HTTP STS and certificate pinning, and cause TLS clients to accept revoked or expired certificates.

Direct link to the presentation PDF.

Original Submission

Links
  1. "ticho" - https://soylentnews.org/~ticho/
  2. "an article" - http://www.securityweek.com/ntp-servers-exposed-long-distance-wireless-attacks
  3. "Shifting time on an NTP server" - http://www.securityweek.com/new-ntp-vulnerabilities-put-networks-risk
  4. "Direct link to the presentation PDF" - https://conference.hitb.org/hitbsecconf2016ams/materials/D2T1%20-%20Yuwei%20Zheng%20and%20Haoqi%20Shan%20-%20Forging%20a%20Wireless%20Time%20Signal%20to%20Attack%20NTP%20Servers.pdf
  5. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=13904
© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, NTP Servers Exposed to Long-Distance Wireless Attacks on 2024-04-19 21:40:01