T
T
TODO•SEC
Search…
T
T
TODO•SEC
v2 - Compact Menu
todo•SEC Home
Contents
Cloud and Networked Systems
Cloud and Networked Systems Topics
Computer Networks
Routing and Switching
350-401 ENCOR: Implementing Cisco Enterprise Network Core Technologies
WIP - 1.1.2 Lab - Implement Inter-VLAN Routing
2.1.2 Lab - Observe STP Topology Changes and Implement RSTP
Tune & Optimize EtherChannel Operations
NTP Security
OSPF
Exam Topics
300-410 ENARSI: Implementing Cisco Enterprise Advanced Routing and Services
300-415 ENSDWI: Implementing Cisco SD-WAN Solutions
Ethernet Local Area Networks
MAC Addresses
OSI and TCP/IP, IPv6 and Network Protocols at each layer
Intro to DHCP
802.1Q vs 802.1P (VLAN 0 Priority Tagging)
Domain Name System
What are webpages made of?
Top 1000 Well Known Ports
Zone-Based Policy Firewall (also known as Zone-Policy Firewall, or ZFW)
Wireless
Virtualization
Cloud Systems
macOS
Windows
Linux
Network Storage
Code
InfoSec
Infosec Topics
Powered By GitBook
NTP Security
NTP is used to synchronize network devices/computer system time settings. Without NTP, computers would slowly drift away from each other in time. Eventually there would be a lot of differences between the clocks, even within one network of devices. For systems that require events to occur at a certain intervals, this is an issue. In terms of troubleshooting any network issues, having varying times on devices can make it hard to determine what time an outage approximately occurred. One device may show it received a reply much slower than expected due to time differences on the computers.

Why is NTP security important?

  • You only want to use time settings from trusted sources
  • An attacker may broadcast wrong time stamps
  • An attacker may be disguised as another time server
To ensure the device receives the correct settings, we must ensure it is contacting the correct NTP server. For this, we can use authentication. NTP authentication uses a key, a password you create so make it strong. This key must be known and trusted between the server and the clients. Authentication does not involve any kind of encryption. The key attached to the device's data acts as a digital signature that the other device, having the same key, can match and confirm they are reaching the correct server.
Command
Utility
ntp master 10
show clock detail
to verify source is ntp & time is correct
ntp server x.x.x.x
specify ip address of ntp server

Security Configuration

Command
Utility
_ntp authenticate _
ntp authentication-key x md5 xxxx
ntp server x.x.x.x key x

NTP Commands

Command
Utility
show ntp status
to view devices current ntp status, stratum, reference, etc
show ntp associations
to view if device has ntp master, OR AS MASTER: master ip, whether they are synced, metrics
Previous
Tune & Optimize EtherChannel Operations
Next
OSPF
Last modified 8mo ago
Copy link
Outline