NTP Security
NTP is used to synchronize the time settings of network devices and computer systems. Without NTP, computers would slowly drift away from each other in time. Eventually the clocks would differ noticeably, even within one network of devices. For systems that require events to occur at certain intervals, this is an issue. When troubleshooting network issues, having varying times on devices can make it hard to determine approximately what time an outage occurred. One device may show it received a reply much slower than expected due to time differences on the computers.

Why is NTP security important?

  • You only want to use time settings from trusted sources
  • An attacker may broadcast wrong time stamps
  • An attacker may be disguised as another time server
To ensure the device receives the correct settings, we must ensure it is contacting the correct NTP server. For this, we can use authentication. NTP authentication uses a key, a password you create, so make it strong. This key must be known and trusted by both the server and the clients. Authentication does not involve any kind of encryption. The key attached to the device's data acts as a digital signature that the other device, having the same key, can match to confirm it is reaching the correct server.
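
The following Python sketch is an added example, not part of the original page. It shows the symmetric-key MD5 scheme described above as NTP defines it (RFC 5905): the digest is computed over the shared key followed by the 48-byte header and appended after the key ID, while the header itself stays in cleartext. The key, key ID and timestamp are constructed sample values.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48   # fixed NTP header size in bytes
MAC_LEN = 4 + 16  # 32-bit key ID followed by a 128-bit MD5 digest

def build_header(transmit_seconds: int, stratum: int = 10) -> bytes:
    """Minimal server-mode NTPv4 header (constructed sample, most fields zero)."""
    li_vn_mode = (0 << 6) | (4 << 3) | 4  # LI=0, version 4, mode 4 (server)
    head = struct.pack("!BBbbII4s", li_vn_mode, stratum, 6, -20, 0, 0, b"LOCL")
    # reference, origin and receive timestamps zeroed; transmit seconds + fraction
    return head + struct.pack("!QQQII", 0, 0, 0, transmit_seconds, 0)

def sign(header: bytes, key_id: int, key: bytes) -> bytes:
    """Append key ID and MD5(key || header); the header itself is not encrypted."""
    return header + struct.pack("!I", key_id) + hashlib.md5(key + header).digest()

def verify(packet: bytes, trusted_keys: dict) -> bool:
    """Accept only packets whose MAC matches a key this client trusts."""
    if len(packet) != HEADER_LEN + MAC_LEN:
        return False  # unauthenticated or malformed packet
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    (key_id,) = struct.unpack("!I", mac[:4])
    key = trusted_keys.get(key_id)
    if key is None:
        return False  # key ID not configured on this device
    expected = hashlib.md5(key + header).digest()
    return hmac.compare_digest(expected, mac[4:])  # constant-time comparison

def transmit_seconds(packet: bytes) -> int:
    """Read the transmit timestamp without any key: the time is sent in cleartext."""
    return struct.unpack("!I", packet[40:44])[0]

KEYS = {1: b"constructed-sample-key"}  # key ID 1, sample value only
GOOD = sign(build_header(3_900_000_000), 1, KEYS[1])
# Same packet with one bit of the transmit timestamp changed in transit
TAMPERED = GOOD[:43] + bytes([GOOD[43] ^ 0x01]) + GOOD[44:]
# Packet from a sender that does not hold the shared key
SPOOFED = sign(build_header(3_900_000_000), 1, b"not-the-shared-key")

if __name__ == "__main__":
    print("genuine:", verify(GOOD, KEYS))
    print("modified timestamp:", verify(TAMPERED, KEYS))
    print("wrong key:", verify(SPOOFED, KEYS))
    print("no MAC:", verify(GOOD[:HEADER_LEN], KEYS))
    print("time readable without key:", transmit_seconds(GOOD))
```
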

| Command | Utility |
| --- | --- |
| ntp master 10 | |
| show clock detail | to verify source is ntp & time is correct |
| ntp server x.x.x.x | specify ip address of ntp server |

Security Configuration

| Command | Utility |
| --- | --- |
| ntp authenticate | |
| ntp authentication-key x md5 xxxx | |
| ntp server x.x.x.x key x | |

NTP Commands

| Command | Utility |
| --- | --- |
| show ntp status | to view the device's current ntp status, stratum, reference, etc. |
| show ntp associations | to view if the device has an ntp master, OR AS MASTER: master ip, whether they are synced, metrics |