[ale] time of day goes back: taking countermeasures?

Transam transam at cavu.com
Fri Nov 23 22:32:08 EST 2001


> Does anyone know why ping does this?  My time is current per rdate and
> the national observatory.

> Google didn't have much except for a bunch of cgi scripts that are
> displaying this.

> Anyone have tips or a solution?

I've never bothered to look at ping's code to see where the braindamage is.

Regarding syncing system clocks ...

GA Tech seems to have the only reliable net time source I've found on
the US East Coast.  (The US Navy's systems, when the default UDP protocol
access occasionally send back a time of all binary zeros, launching you
40 years into the future.)  By using TCP and requiring that at least 2 of
four systems are in close agreement I've I either get the correct time or,
occasionally, no update.  (This beats getting a wrong time!)  My command
(used for many years) is:

     netdate tcp radar.gatech.edu bitsy.mit.edu tick.usno.navy.mil \
       tock.usno.navy.mil
     /sbin/clock -u -w

The netdate.c program (updated for most recent Linux distributions) may be
downloaded from my book site:

     http://www.realworldlinuxsecurity.com/netdate.c
     http://www.realworldlinuxsecurity.com/netdate.c.sig [GPG signature]

Note that those who use the UDP protocol risk a cracker spoofing a time server
and sending you the wrong time.  Anyone who can sniff your traffic anywhere
between you and the server can do this with an hour's programming effort.

> TIA,
> CB

Bob Toxen
transam at cavu.com                       [Bob's ALE Bulk email]
bob at cavu.com                           [Please use for email to me]
http://www.cavu.com
http://www.realworldlinuxsecurity.com/ [My 5* book:"Real World Linux Security"]
http://www.cavu.com/sunset.html        [Sunset Computer]
Fly-By-Day Consulting, Inc.      "Don't go with a fly-by-night outfit!"
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list