My ACM Queue article, “Securing the Network Time Protocol - Crackers discover how to use NTP as a weapon for abuse” has been published.
The article talks about:
how to secure your NTP configuration
how many bug fixes and improvements have been made to the code over the past many releases
offers some conjectures as to why people don’t upgrade their NTP software more often
what we’re planning to do about that (change the package numbering scheme)
and perhaps most importantly, how and why folks should implement BCP38 on their networks.
As an added bonus, nowhere in the article do I recommend people read “The Snarkout Boys and the Baconburg Horror”, by Daniel M. Pinkwater, to read one of my favorite poems, “The World Owes Me A Living ‘Cause I’m Short”. If you like the poem enough to read the book, you might want to read “The Snarkout Boys and the Avocado of Death” first. But secure your NTP configuration before reading some of my favorite books!