This release improves on one security issue in ntpd: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / CVE-2018-7170 /: Sybil vulnerability: ephemeral association attack While fixed in ntp-4.2.8p7 and with significant additional protections for this issue in 4.2.8p11, ntp-4.2.8p12 includes a fix for an edge case in the new noepeer support. Originally reported by Matt Van Gundy… Read More
NTP
Network Time Foundation Publishes NTP 4.2.8p11
February 2018 ntp-4.2.8p11 NTP Release and Security Vulnerability Announcement The NTP Project at Network Time Foundation publicly released ntp-4.2.8p11 on Tuesday, 27 February 2018. This release addresses five low and medium security issues in ntpd: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral association attack While fixed in ntp-4.2.8p7, there are significant additional… Read More
Past, Present, and Future of NTP
The Past, Present, and Future of NTP Operations at AusNOG 2017 Paul Gear, an NTF individual member and volunteer, presented a talk at AusNOG on September 7th in Melbourne, Australia entitled The Past, Present, and Future of NTP Operations. We were ecstatic to have Paul take the time from his day job at Canonical Ltd.… Read More
NTF Attended ISPCS Symposium
NTF Attended ISPCS 2017 Plugfest and Symposium in Monterey, CA Last week, I joined Harlan Stenn at the 2017 ISPCS Conference (International IEEE Symposium on Precision Clock Synchronization for Measurement, Control, and Communication) where we attended the Plugfest and heard the latest developments in the PTP community. This was NTF’s fifth time at the event… Read More
Accomplishments Q1 & Q2 ’17 — Community Update
First, thank you to all our generous members and donors. Because of your continued support Network Time Foundation was able to accomplish some great things in the first half of 2017. As a nonprofit organization, it is all of you who help NTF produce and maintain the most reliable, secure and trusted open-source network time… Read More
Harlan Stenn Interviewed on CyberMatters Radio
On June 4th, Mark Graff interviewed Harlan Stenn on CyberMatters Radio as part of the “Hidden Heroes” series they are producing. You may already know about NTP and network time. This interview is still worth a listen! It gives a great overview of NTP, network time in general and the impact it has on our… Read More
Time Synchronization You Can Trust
Time is all around us. At any point, you likely have at least one clock within viewing distance. Is anyone caught without their cell phone these days? As I’m writing this, I have the time in the lower right corner of my laptop screen, the display of my smartwatch, my cell phone and an analog… Read More
Accomplishments Q1 2017 – Community Update
Network Time Foundation 2017 Q1 Accomplishments Firstly, thank you to all our generous members and donors. Because of your continued support Network Time Foundation was able to accomplish great things in the first quarter of 2017. As a non-profit organization, it is all of you who help NTF produce and maintain open-source network time software vital… Read More
Outdated Versions of NTP Leaving Users Vulnerable
NTP version 4 was first released in 2003, why haven’t you upgraded? Network Time Protocol version 3 remains a security risk to the Internet and, unfortunately, there is a good chance that many people reading this post are part of the problem. Network Time Foundation released version 4 of the NTP daemon in August of… Read More
Network Time Foundation Publishes NTP 4.2.8-p10
Network Time Foundation publishes NTP 4.2.8p10, with security, bug and information fixes, and enhancements As part of the Mozilla Foundation’s Secure Open Source (SOS) program they conducted a security audit of the NTP codebase. This release addresses the issues found along with a zero origin security bug. NTF’s Network Time Protocol (NTP) Project released ntp-428p10… Read More