Full Disclosure: Microsoft updates documentation on Windows time synchronization

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Microsoft updates documentation on Windows time synchronization

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Tue, 24 Aug 2004 13:45:13 +0400

Dear lists,

  Sorry  for additional noise.

  Microsoft  published  Q884776  "Configuring  the  Windows Time service
  against a large time offset"

  http://support.microsoft.com/default.aspx?scid=kb;en-us;884776

  In  addition to clear description on new registry keys in Windows 2000
  SP4  and  Windows  2003 Microsoft added recommendation to use hardware
  time  source.  Design flaw is currently fixed by documentation. I hope
  finally   MS   will   implement   signing   at   least  for  it's  own
  time.windows.com.

  P.S.  just  to make things clear: Microsoft is one of very few vendors
  who  really  cares  about time synchronisation infrastructure security
  during  operation  system  design.  Even flawed this infrastructure is
  much better than any unimplemented or undocumented infrastructure.

-- 
http://www.security.nnov.ru
         /\_/\
        { , . }     |\
+--oQQo->{ ^ }<-----+ \
|  ZARAZA  U  3APA3A   } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
                    |/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

Microsoft updates documentation on Windows time synchronization 3APA3A (Aug 24)
- RE: Microsoft updates documentation on Windows time synchronization Nicolas villatte (Aug 24)