Re: WINDOWS XP NTPFrom: John Galt (email@example.com)
- Previous message: Mauro Flores: "Re: MiM Simultaneous close attack"
- In reply to: Dino: "WINDOWS XP NTP"
- Next in thread: David Schwartz: "RE: WINDOWS XP NTP"
- Reply: David Schwartz: "RE: WINDOWS XP NTP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 Aug 2001 14:05:29 -0600 (MDT) From: John Galt <firstname.lastname@example.org> To: Dino <email@example.com> Subject: Re: WINDOWS XP NTP Message-ID: <Pine.LNX.firstname.lastname@example.org>
time.windows.com: stratum 2, offset 0.002825, synch distance 0.06490
time.nist.gov: stratum 1, offset 0.004652, synch distance 0.00000, refid 'ACTS'
Locutus is most definitely not a windows XP box :)
I'm still guessing that any and all NTP 'sploits are prefectly valid for
Win XP, and even more so, since there is a default attack vector. You can
get substantial coverage with a script that forges an NTP packet from
time.windows.com (188.8.131.52 according to my dig, but it's
non-authoritative...) The fun part is they're .60 seconds off NIST:
pathetic for a stratum 2.
On Tue, 21 Aug 2001, Dino wrote:
>I apologize for making a mistake on the name of the NTP:
>time.microsoft.com vs time.windows.com
>When I tried a 3rd party app and sad it did not work using time.windows.com,
>I really used time.microsoft.com.
>Sorry for the swap of names:(
>(yes I tried time.microsoft.com and time.windows.com and neither worked on a
-- There is an old saying that if a million monkeys typed on a million keyboards for a million years, eventually all the works of Shakespeare would be produced. Now, thanks to Usenet, we know this is not true.
Who is John Galt? email@example.com, that's who!