Date: Fri, 11 Mar 2005 04:44:08 +0100
From: Anthony Atkielski
To: freebsd-questions@freebsd.org
Subject: Re: Clock slew vulnerability in FreeBSD?
Message-ID: <1735368246.20050311044408@wanadoo.fr>
In-Reply-To: <20050311025906.GD72527@hub.freebsd.org>

Kris Kennaway writes:

> Isn't this a non-problem if you use ntpd?

Unfortunately, no, because the TCP stacks on most systems don't use the disciplined clock provided by NTP for the timestamps. Instead they use a clock based directly on the RTC, which reveals a characteristic skew that is unique to each machine.

If the stacks used the NTP-disciplined actual time of day, plus perhaps a randomizing factor to avoid revealing patterns, this technique would become useless.

--
Anthony
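The effect described in the message above can be checked on timestamps captured from your own host. The following is an added example, not part of the original message: it fits a least-squares line (a simple stand-in for whatever estimator a measurement study would use) to the offset between TCP TSval readings and an observer clock, and compares a free-running timestamp clock with one derived from disciplined time plus jitter. The 1000 Hz tick rate, the 50 ppm skew, the 5 ms jitter and all sample data are constructed assumptions.

```python
import random

TS_MOD = 2 ** 32  # TSval is a 32-bit counter (RFC 1323/7323) and wraps


def unwrap(tsvals):
    """Undo 32-bit wraparound: ticks elapsed since the first sample."""
    out, total = [0], 0
    for prev, cur in zip(tsvals, tsvals[1:]):
        total += (cur - prev) % TS_MOD
        out.append(total)
    return out


def estimate_skew_ppm(samples, hz):
    """samples: [(observer_time_s, tsval)]; hz: timestamp ticks per second.
    Returns the slope of (sender clock - observer clock) over time, in ppm."""
    times = [t - samples[0][0] for t, _ in samples]
    ticks = unwrap([v for _, v in samples])
    offsets = [k / hz - t for k, t in zip(ticks, times)]
    n = len(samples)
    t_mean, o_mean = sum(times) / n, sum(offsets) / n
    num = sum((t - t_mean) * (o - o_mean) for t, o in zip(times, offsets))
    den = sum((t - t_mean) ** 2 for t in times)
    return num / den * 1e6


def constructed_samples(skew_ppm, jitter_s, hz=1000, seed=1):
    """Constructed capture: one TSval every 10 s for an hour.
    skew_ppm models the undisciplined timestamp clock; jitter_s models the
    randomizing factor suggested in the message (both are assumptions)."""
    rng = random.Random(seed)
    start = TS_MOD - 100_000  # forces a counter wrap during the capture
    out = []
    for k in range(361):
        t = 10.0 * k
        sender = t * (1 + skew_ppm * 1e-6) + rng.uniform(-jitter_s, jitter_s)
        out.append((t, (start + int(sender * hz)) % TS_MOD))
    return out


if __name__ == "__main__":
    raw = estimate_skew_ppm(constructed_samples(50.0, 0.0), 1000)
    fixed = estimate_skew_ppm(constructed_samples(0.0, 0.005), 1000)
    print(f"free-running timestamp clock: {raw:+.2f} ppm")
    print(f"disciplined clock + jitter:   {fixed:+.2f} ppm")
```

A stable non-zero slope across repeated captures means the timestamp clock is exposing its own skew; a slope near zero that does not repeat means it is not.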