Microsoft updates documentation on Windows time synchronization
From: 3APA3A (3APA3A_at_SECURITY.NNOV.RU)
Date: 08/24/04
- Previous message: Perry, Mark-Allen (Mark-Allen): "A question about preparation for patching"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 24 Aug 2004 13:45:13 +0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Dear lists,
Sorry for additional noise.
Microsoft published Q884776 "Configuring the Windows Time service
against a large time offset"
http://support.microsoft.com/default.aspx?scid=kb;en-us;884776
In addition to clear description on new registry keys in Windows 2000
SP4 and Windows 2003 Microsoft added recommendation to use hardware
time source. Design flaw is currently fixed by documentation. I hope
finally MS will implement signing at least for it's own
time.windows.com.
P.S. just to make things clear: Microsoft is one of very few vendors
who really cares about time synchronisation infrastructure security
during operation system design. Even flawed this infrastructure is
much better than any unimplemented or undocumented infrastructure.
-- http://www.security.nnov.ru /\_/\ { , . } |\ +--oQQo->{ ^ }<-----+ \ | ZARAZA U 3APA3A } You know my name - look up my number (The Beatles) +-------------o66o--+ / |/ ----- NTBugtraq Editor's Note: Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field. -----
- Previous message: Perry, Mark-Allen (Mark-Allen): "A question about preparation for patching"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
