



Effects Of This Vulnerability.





DNSSEC specification

However, t's not clear how practical some of the attacks would be in real-world settings. While it's possible to use symmetric encryption to cryptographically authenticate an NTP service, keys are difficult to acquire.



More details can be obtained from the research paper at http://www.cs.bu.edu/~goldbe/papers/NTPattack.pdf



Sources:



http://www.pentester.es/2015/10/delorean.html,



http://www.cs.bu.edu/~goldbe/NTPattack.html ,



http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/ This vulnerability, if properly exploited, can cause debilitating outages, snoop on encrypted communications, bypass important security measures such aspreventing the tampering of domain name system records, etc The most troubling scenario involves bypassing HTTPS encryption by forcing a computer to accept an expired transport layer security certificate.However, t's not clear how practical some of the attacks would be in real-world settings. While it's possible to use symmetric encryption to cryptographically authenticate an NTP service, keys are difficult to acquire.Sources:http://www.pentester.es/2015/10/delorean.html,http://www.cs.bu.edu/~goldbe/NTPattack.html ,http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/

These serious weaknesses in the Internet's time-synchronization can be used to change the actual time in computers, to whatever time the attacker chooses. These attacks could be used by malicious actors to wreak havoc on the Internet. An attack that prevents sensitive computers and servers from receiving regular time-synchronization updates could cause malfunctions on a mass scale. In many cases, such denial-of-service hacks can be carried out even when attackers are "off-path,