Full Disclosure: Re[3]: Security aspects of time synchronization infrastructure

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re[3]: Security aspects of time synchronization infrastructure

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 20 Aug 2004 13:35:30 +0400

Dear 3APA3A,

--Friday, August 20, 2004, 10:21:51 AM, you wrote to mvp () joeware net:


3> Before  Windows  2000 SP4 it was possible to set date far in future (for
3> example  to  2038). Locked accounts, expired certificates in addition to
3> "problem  2038"  (Jan,  19  2038 is maximum date value for 32 bit time_t
3> timestamp used in many C compilers). But setting date 12 hours in future
3> or 12 hours in past still can produce a lot of harm.

 Minor correction: because SNTP uses different timestamp format it's not
 possible to set date behind 2036. But it's not so important.

-- 
~/ZARAZA
Появился новый тип элементарных частиц - шкварки.
Не очень большие, слегка подгоревшие.  (Лем)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

Security aspects of time synchronization infrastructure 3APA3A (Aug 19)
- RE: Security aspects of time synchronization infrastructure joe (Aug 19)
  - Re[2]: Security aspects of time synchronization infrastructure 3APA3A (Aug 19)
    - Re[3]: Security aspects of time synchronization infrastructure 3APA3A (Aug 20)
    - RE: Re[2]: Security aspects of time synchronization infrastructure joe (Aug 20)