Andrew McGarry
Daniel Lopresti
Lehigh in Ireland 2014
August 9, 2014
Demonstrating a Security Flaw in Authenticated NTP
Abstract:
This report details a project whose central goal was to explore and demonstrate a security flaw
in Authenticated Network Time Protocol. The particular exploit which this project focused on involves a
Man-in-the-Middle (MitM) attack where the attacker masquerades as a legitimate NTP server after
brute forcing a 32-bit cookie generated during the initial authentication process. Once the correct
cookie has been guessed, the attacker can then conduct an Address Resolution Protocol (ARP) poisoning
attack to direct NTP traffic destined for the legitimate NTP server to a target of his or her choice (usually
the attacker’s own machine). This then allows the attacker to feed the NTP client false timing
information, leading to a number of adverse effects which range from misrepresentation of the current
time to system failure. Control systems, such as those which would be used to monitor power usage in a
smart grid, can be made blind if enough measuring devices are deprived of a proper sense of time,
potentially leading to catastrophic failures. To demonstrate this exploit, our group decided to set up a
small virtual computer network and then conduct this attack on an Authenticated NTP session
established between two of the machines.

Introduction:
During the 1980s, as control and measurement applications became increasingly complex and
computationally demanding, there grew a need for a technology capable of synchronizing time between
disparate computing devices. Several solutions to this problem were developed, including GPS time
synchronization, reference broadcast synchronization, and Network Time Protocol. Although GPS and
reference broadcast synchronization are excellent sources of time, Network Time Protocol (NTP) is by
far the most broadly applicable since it can operate over the wired and wireless internet protocol
networks commonly incorporated into buildings. Radio waves do not propagate well through dense
materials, making GPS and reference broadcast synchronization problematic in buildings and urban
environments.

As a result of this shortcoming, NTP has been an extremely common means of synchronizing
time across computer networks for more than a decade, and its applications continue to evolve. The
recent push towards smart grid technology, for example, will see the introduction of NTP into a new
domain: critical infrastructure. Smart grid technology promises to improve the efficiency and reliability
of the United States power grid through the addition of internet-enabled sensors. Ensuring that the
various sensors and control systems all keep the same time opens up a whole new range of capabilities
for power grid engineers, and because many of these devices will be internet-enabled, using NTP to
synchronize time across the grid is an attractive option.

It is not, however, a safe option. NTP in its base form has no authentication scheme to verify
clients or legitimate servers and has been used as the basis for several distributed denial of service
(DDoS) attacks over the years because of it. The addition of Autokey, an authentication mechanism, led
to the advent of Authenticated NTP. The fact that NTP can now be set up with an authentication
mechanism makes it a better candidate for use in critical infrastructure, yet even this measure has not
made NTP invulnerable to exploitation. Recent scholarship has uncovered several attack vectors, or
means of exploitation, relating to Authenticated NTP. These discoveries have kicked off a wave of
investigation into security improvements for Authenticated NTP with the ultimate goal of preparing it
for use in critical infrastructure.

Project Goals:
The main goal of this project was to explore and demonstrate a security flaw associated with
Authenticated NTP.

With regards to exploration, my partner and I set out to learn about Network Time Protocol, its
importance and how it functions. In addition, we wished to learn how to utilize tools commonly used in
computer science research while also introducing ourselves to computer networking and network
security.

The demonstration portion of our project involved a two-stage approach. Stage 1 was to consist of a
computer network featuring an NTP client/server relationship and the capability to monitor network
traffic. In Stage 2, we would conduct a Man-in-the-Middle (MitM) attack within this network with the
goal of spoofing an NTP client into accepting the attacker as a legitimate NTP server.

Network Time Protocol:
Network Time Protocol (NTP) is an application-layer protocol which allows computing devices to
synchronize their clocks to reliable time sources over a network connection. NTP operates as a hierarchy
of levels, known as stratum. The lowest level, Stratum 0, refers to national time sources to which Stratum
1 servers are directly connected via satellite, radio, or telephone modem. Stratum 2 servers receive their
timing information from Stratum 1 servers, Stratum 3 servers from Stratum 2 servers, and so on.

The goal of NTP is to synchronize all participating computing devices to within a few
milliseconds of the Coordinated Universal Time (UTC) timescale, a timing standard observed by many
national laboratories. It does not, however, inherently account for regional time differences, so
differences in time zones must be accounted for on a per-user basis. Leap seconds are accounted for
and occur approximately every 18 months.

As for the architecture of the protocol, NTP relies on packet exchanges between clients and
servers using its own set of on-wire protocols. A dual set of poll and peer processes governs when such
packets are sent and what happens when they are received. The poll process sends NTP packets at a
rate of one every 8 seconds to 36 hours in order to maximize accuracy and minimize network load. If the
packet passes a sanity check, the peer process runs the on-wire protocol which relies on four
timestamps.

The timestamps are:
T1 : The time of departure of the request packet from the client
T2 : The time of arrival of the request packet at the server
T3 : The time of departure of the reply packet from the server
T4 : The time of arrival of the reply packet at the client

NTP calculates several values to assess the accuracy of the time it exports based on these
timestamps: offset, delay, jitter, frequency error, and stability. Perhaps the most important of these four
statistical values is the offset, which measures the asymmetry of the round trip time. If the offset is too
high, NTP prevents the client from synchronizing with the target server.

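How offset and delay fall out of T1 to T4, as an added example that is not part of the original report. It uses the standard on-wire formulas from RFC 5905; the `simulate` helper, the `plausible` check and all sample values are constructed for illustration. It shows that a server clock shifted by 300 seconds moves the offset by 300 seconds while the delay stays unchanged, so the delay check alone cannot expose a lying time source.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Exchange:
    t1: float  # request leaves the client   (client clock)
    t2: float  # request reaches the server  (server clock)
    t3: float  # reply leaves the server     (server clock)
    t4: float  # reply reaches the client    (client clock)


def offset(x: Exchange) -> float:
    """Estimated (server clock - client clock), RFC 5905 on-wire formula."""
    return ((x.t2 - x.t1) + (x.t3 - x.t4)) / 2.0


def delay(x: Exchange) -> float:
    """Round-trip network delay with the server's processing time removed."""
    return (x.t4 - x.t1) - (x.t3 - x.t2)


def plausible(x: Exchange, max_delay: float = 1.0) -> bool:
    """Simplified stand-in for the client's sanity check (an assumption,
    not the actual tests ntpd applies)."""
    return x.t4 >= x.t1 and x.t3 >= x.t2 and 0.0 <= delay(x) <= max_delay


def simulate(client_error: float, server_error: float,
             out_trip: float, back_trip: float,
             processing: float = 0.001, true_time: float = 1000.0) -> Exchange:
    """Build the four timestamps of one exchange (hypothetical helper).

    client_error / server_error are how far each clock is from true time;
    out_trip / back_trip are the one-way network delays in seconds.
    """
    t1 = true_time + client_error
    t2 = true_time + out_trip + server_error
    t3 = t2 + processing
    t4 = true_time + out_trip + processing + back_trip + client_error
    return Exchange(t1, t2, t3, t4)


if __name__ == "__main__":
    cases = {
        "honest server, symmetric path": simulate(-0.25, 0.0, 0.010, 0.010),
        "honest server, asymmetric path": simulate(-0.25, 0.0, 0.030, 0.010),
        "server clock shifted by +300 s": simulate(-0.25, 300.0, 0.010, 0.010),
    }
    for name, x in cases.items():
        print(f"{name:32s} offset={offset(x):+9.3f}s "
              f"delay={delay(x):.3f}s plausible={plausible(x)}")
```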
In order to continue to receive timing information from an NTP server, an NTP client must first
synchronize with the server. The synchronization process is a series of five request/receive exchanges. In
each exchange, the client first queries the server for the current time by sending out a UDP/IP packet
containing a timestamp denoting the time of departure (T1). As soon as the packet is received, the server
marks down the time at which the packet was received in a timestamp (T2) and adds it to the packet.
The server then adds an NTP timestamp containing the time at which the reply packet will be sent (T3) to
the packet, and finally, the client then records the time at which the reply packet arrives (T4) in a final
timestamp. Once the client has received and generated all four timestamps, it can then perform a sanity
check on the exchange. If the test is passed, another exchange is allowed to occur. After five successful
exchanges and sanity checks, synchronization is achieved and any further timestamps received from the
NTP server are used to set the client’s clock.

Normal operation for NTP is very similar to the synchronization process. NTP uses UDP/IP
packets exclusively for information transfer and has designated port 123 as the official NTP port. The
client and server use the same request/receive format as detailed above, with both the client and server
adding NTP timestamps to the packet until they are all finally collected by the client. After
synchronization though, the offset value calculated using the timestamps is run through an algorithm
and then used to adjust the system clock and frequency of the client. The only other important
difference between synchronization and normal operation is that in normal operation, the frequency of
exchanges decreases with each successful exchange until eventually, exchanges occur only once every
36 hours.

In order to make use of NTP, all that is required for clients is that they download the current NTP
distribution. The distribution installs several programs, the most important of which are ntpd (NTP
daemon), ntpq (NTP query), and ntpdate. ntpd is an operating system daemon which deals with the
regular operation of NTP, namely synchronization and normal operation polling intervals. It is capable of
setting the system clock and frequency after it has successfully synchronized with an NTP server. ntpq is
a utility program used mainly to check the status of an NTP connection and diagnose connection issues.
Finally, ntpdate is used to retrieve the date from an NTP server and set the system clock without having
to go through the synchronization process. Only one query/reply exchange is run by ntpdate, and the
result of the query is automatically used to set the system clock. ntpdate, like ntpq, is mainly used for
debugging purposes.

Authenticated NTP:
Authenticated NTP was introduced in order to ensure the security of timing information across
computer networks. Many control systems have very small tolerances when it comes to time
synchronization, so even small discrepancies between the various devices’ times can cause catastrophic
failure. Since the only form of security which the base form of NTP offers is protection from packet loss
and replays, Authenticated NTP was added as an addition to NTP in order to provide some measure of
security.

The main advantage of using Authenticated NTP is the incorporation of an Autokey public key
algorithm. The Autokey authentication scheme involves the use of digital certificates to verify a chain of
verified NTP servers and a public key cryptography scheme. At the start of every Authenticated NTP
session, clients request a series of digital certificates. The chain of certificates starts with a Trusted Host
(TH), usually a Stratum 1 server. The TH’s certificate is self-signed, and so represents the start of the
certificate chain. Any Stratum 2 servers connected to a TH in turn receive a certificate signed by the TH.
Stratum 3 servers receive certificates signed by the Stratum 2 servers they are connected to, and so on.
NTP clients receive a copy of each certificate in the chain leading back to the TH from which the timing
information is derived.

Once the certificate chain has been resolved, NTP clients request a cookie from the server.
Cookies are 32 bit sequences generated using a client’s public key and a server’s private key and are
used to authenticate packets sent from the client. In addition to using its own private key to generate
the cookie, servers use a sequence called the server seed in the formation of the cookie. The server seed
is not shared with the public and so represents a secret known only to the server. This fact is important
because it means the server seed is the only piece of information used to authenticate packets which
cannot be gathered simply by monitoring network traffic between an NTP client and an NTP server.

The Autokey authentication process is detailed in the figure below:

As previously mentioned, the cookie is a 32 bit sequence generated using the client public key,
the server private key, and the server seed. It has the following format:

Cookie = MSBs_32(H(Client-IP || Server-IP || 0 || ServerSeed)), e.g.
Cookie = E_Client(MSBs_32(H(Client-IP || Server-IP || 0 || ServerSeed)))

Remark: || = Concatenation, H = hash function (MD5 or SHA1)
Remark: The server is stateless and has to recalculate the cookie whenever a client contacts it
Remark: The ServerSeed is 32 bits long. It is shared for all client cookies and changed every 24 hrs.

During normal NTP operation, the cookie is incorporated into the NTP packet in order to
authenticate the source:

NTP Packet = NTP-Payload || KeyId || MAC

Remark: the NTP payload is not encrypted and is easily readable

Message Authentication Code (MAC) = H(Autokey || NTP-Payload)

KeyId is 128 bits long and picked by the client at the start of every NTP session.
Autokey is 128 bits long and calculated as follows:

Autokey = H(Sender-IP || Receiver-IP || KeyID || Cookie)

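The three formulas above, computed end to end with the receiver's check, as an added example (not code from the report or from the NTP distribution). The byte encodings, the 4-byte zero field, and the sample addresses, seed, key ID and payload are assumptions constructed for illustration; the key ID width follows the text. It also compares the cost of exhausting a 32-bit secret with that of a 128-bit one at the same guess rate.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample values (documentation addresses, made-up secrets).
CLIENT_IP = "192.0.2.10"
SERVER_IP = "192.0.2.1"
SERVER_SEED = bytes.fromhex("5eed1234")  # 32-bit server secret
KEY_ID = bytes(range(16))                # 128 bits, the width the text gives
PAYLOAD = bytes(48)                      # stand-in for the cleartext NTP payload
MAC_LEN = 16                             # MD5 digest size in bytes


def H(*parts: bytes) -> bytes:
    """H(a || b || ...) with MD5, one of the two hashes the text names."""
    return hashlib.md5(b"".join(parts)).digest()


def ip(addr: str) -> bytes:
    return ipaddress.IPv4Address(addr).packed


def make_cookie(client_ip: str, server_ip: str, server_seed: bytes) -> bytes:
    # Cookie = MSBs_32(H(Client-IP || Server-IP || 0 || ServerSeed))
    # The "0" is encoded as four zero bytes here (assumption).
    return H(ip(client_ip), ip(server_ip), bytes(4), server_seed)[:4]


def make_autokey(sender_ip: str, receiver_ip: str,
                 key_id: bytes, cookie: bytes) -> bytes:
    # Autokey = H(Sender-IP || Receiver-IP || KeyID || Cookie)
    return H(ip(sender_ip), ip(receiver_ip), key_id, cookie)


def build_packet(payload: bytes, key_id: bytes, sender_ip: str,
                 receiver_ip: str, cookie: bytes) -> bytes:
    # NTP Packet = NTP-Payload || KeyId || MAC, MAC = H(Autokey || NTP-Payload)
    mac = H(make_autokey(sender_ip, receiver_ip, key_id, cookie), payload)
    return payload + key_id + mac


def verify_packet(packet: bytes, sender_ip: str, receiver_ip: str,
                  cookie: bytes, key_id_len: int = len(KEY_ID)) -> bool:
    """Receiver side: recompute the MAC and compare in constant time."""
    trailer = key_id_len + MAC_LEN
    if len(packet) <= trailer:
        return False
    payload = packet[:-trailer]
    key_id = packet[-trailer:-MAC_LEN]
    mac = packet[-MAC_LEN:]
    expected = H(make_autokey(sender_ip, receiver_ip, key_id, cookie), payload)
    return hmac.compare_digest(mac, expected)


def exhaustive_search_seconds(secret_bits: int, guesses_per_second: float) -> float:
    """Worst-case time to try every value of a secret of the given width."""
    return (2 ** secret_bits) / guesses_per_second


if __name__ == "__main__":
    cookie = make_cookie(CLIENT_IP, SERVER_IP, SERVER_SEED)
    reply = build_packet(PAYLOAD, KEY_ID, SERVER_IP, CLIENT_IP, cookie)
    tampered = bytes([reply[0] ^ 0x01]) + reply[1:]
    other_cookie = bytes(b ^ 0xFF for b in cookie)

    print("genuine reply accepted:   ", verify_packet(reply, SERVER_IP, CLIENT_IP, cookie))
    print("altered payload accepted: ", verify_packet(tampered, SERVER_IP, CLIENT_IP, cookie))
    print("wrong cookie accepted:    ", verify_packet(reply, SERVER_IP, CLIENT_IP, other_cookie))

    # Everything in the Autokey input except the cookie travels in the clear,
    # so the scheme is only as strong as the cookie is wide.
    rate = 2 ** 32 / 600  # rate at which 32 bits are exhausted in 10 minutes
    for bits in (32, 128):
        secs = exhaustive_search_seconds(bits, rate)
        print(f"{bits:3d}-bit secret: {secs:.3e} s to exhaust at that rate")
```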
The Autokey authentication scheme is not invulnerable. One particular exploit which was
discovered by computer science academics recently takes advantage of the fact that the cookie, which
contains the only bit of information which can’t be collected by observing normal NTP traffic, is only 32
bits long. An attacker who attempts to brute force this sequence by bombarding the server with bogus
requests can successfully guess the cookie in about 10 minutes. Demonstrating this particular exploit
was the subject of our project so I will describe how such an attack is conducted.

In this attack, we assume that an NTP connection has been established between a client and a
server, that the Autokey authentication sequence has already occurred, and that the client is already
synchronized to the server. When a MitM enters the scene and begins to sniff the packets being
exchanged between the client and server, three pieces of information are readily available to him. By
just sniffing the UDP packets exchanged by the client and server, the MitM can determine the client’s IP
address, the server’s IP address, and the key ID. Since the ultimate goal of the MitM is to convince the
client that it is the legitimate NTP server so that it can feed the client false timing information, the only
piece of information the MitM needs at this point in order to masquerade as the server is the cookie.
The cookie is not easily readable by the MitM because it is run through a hash function to create the
Autokey sequence and then through another hash function to create the MAC. Since hash functions are
one-direction calculations, it would take a tremendous amount of effort to determine the cookie from
the MAC.

However, the cookie is only 32 bits long. Knowing this, the MitM can use the information he’s
already gathered through sniffing network traffic to forge NTP client requests for the current time. The
MitM’s goal at this point is to keep sending forged client requests until he brute forces, or guesses
correctly through trial and error, the cookie sequence. It was estimated by my advisor that the process
of brute forcing the cookie would only take about 10 minutes.

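On the server side, the request flood described above stands out against normal polling, which the text puts at no faster than one packet every 8 seconds. The following is an added detection example, not part of the original report; the log line format, the burst allowance and the sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

MIN_POLL_SECONDS = 8   # fastest poll rate given in the text
WINDOW_SECONDS = 60    # sliding window length (assumption)
BURST_ALLOWANCE = 4    # extra packets tolerated per window (assumption)
NTP_PORT = 123
CLIENT_MODE = 3        # NTP mode value of a client request


def threshold(window: int = WINDOW_SECONDS) -> int:
    """Most requests a well-behaved client should send in one window."""
    return window // MIN_POLL_SECONDS + BURST_ALLOWANCE


def parse_line(line: str):
    """Parse '<epoch> <src_ip> <dst_ip> <dst_port> <ntp_mode>' (constructed format).

    Returns (timestamp, src_ip) for client requests to port 123, else None.
    """
    fields = line.split()
    if len(fields) != 5:
        return None
    try:
        ts, port, mode = float(fields[0]), int(fields[3]), int(fields[4])
    except ValueError:
        return None
    if port != NTP_PORT or mode != CLIENT_MODE:
        return None
    return ts, fields[1]


def detect_floods(lines, window: int = WINDOW_SECONDS) -> dict:
    """Return {src_ip: (time_of_first_alert, requests_in_window)}.

    Lines from one source must be in time order; sources may interleave.
    """
    limit = threshold(window)
    recent = defaultdict(deque)
    flagged = {}
    for line in lines:
        record = parse_line(line)
        if record is None:
            continue
        ts, src = record
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:   # drop requests older than the window
            q.popleft()
        if len(q) > limit and src not in flagged:
            flagged[src] = (ts, len(q))
    return flagged


def sample_log():
    """Constructed traffic: one normal client, one flooding source, one bad line."""
    lines = []
    for i in range(75):    # polls every 8 s for 10 minutes
        lines.append(f"{i * 8:.3f} 192.0.2.10 192.0.2.1 123 3")
    for i in range(500):   # 500 requests, 10 ms apart
        lines.append(f"{100 + i * 0.01:.3f} 192.0.2.66 192.0.2.1 123 3")
    lines.append("garbled line that should be skipped")
    return lines


if __name__ == "__main__":
    for src, (ts, count) in detect_floods(sample_log()).items():
        print(f"ALERT {src}: {count} NTP requests within {WINDOW_SECONDS}s at t={ts:.2f}")
```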
Once the attacker manages to determine the correct cookie sequence, the only thing left to do
is to perform an ARP poisoning attack so that all requests aimed at the legitimate NTP server are instead
directed at the attacker’s machine. There are many applications readily available on the web to perform
ARP poisoning attacks, so this is not a particularly difficult feat. However, once the ARP poisoning attack
is complete, the MitM is free to feed the NTP client whatever timing information he wants to and
thereby wreck systems which rely on accurate time synchronization.

A diagram of this kind of attack is given below:

Stage 1:
During the initial planning stages of this project, our group decided that the project would be
broken up into two distinct stages, Stage 1 and Stage 2. The objective of Stage 1 was to set up a testing
environment in which we could later execute a MitM attack which demonstrated the security flaw in
Authenticated NTP detailed previously.

I was responsible for planning out and completing Stage 1. My initial plan for Stage 1 involved
establishing an NTP connection between two virtual machines and then monitoring the NTP traffic
passing between them using Wireshark, a packet sniffing program, installed on the host OS
(see diagram at right).

My decision to use virtual machines for Stage 1 was influenced by three factors. First, I have had a great deal of
experience setting up and using virtual machines in my previous internships, so I was confident in my
ability to set Stage 1 up quickly. Second, I wanted to contain the project entirely within my laptop so
that my partner and I could work on the project without having to worry about when the labs were
open. Third, I knew from previous experience that virtual machines are very easy to manipulate and the
ability to create snapshots of their current state would allow us to recover after errors far more quickly
than if we had used separate computers for each of the elements in Stage 1.

To create the virtual machines and the virtual network which would bind Stage 1 together, I
used a piece of software called VMWare. VMWare allows users to create virtual machines (VMs) from
disk images and manage them with various tools and features. The most important management tool
for our purposes was the snapshot tool, which allowed us to save the current state of the virtual
machine and recover back to previous ones if an error arose. VMWare also provides the capability to set
up virtual networks. Three default virtual networks are created by VMWare upon installation: a
host-only network, a NAT network, and a bridged network. When a VM is created, the user can choose which
virtual network to connect the VM to. VMWare will automatically create a virtual network adapter
connecting the VM to the desired virtual network once the installation process is complete. VMWare
also creates a virtual DHCP server for each of the three networks to assign IP addresses to all machines
participating in each network.

In the VMWare documentation, it says that whenever a VM is connected to one of the three
default virtual networks, the VM is automatically connected to the virtual switch assigned to that
network. However, I figured out early on through researching VMWare that the virtual switch the
documentation says it connects VMs to in reality operates like a virtual hub. This is because like a hub,
this virtual switch automatically copies all incoming packets and sends a copy out to all of the machines
connected to it. This is important to note since it plays a key role in the operation of Stage 1.

I chose to set up Stage 1 on the default NAT network since it was the only default network
which would allow VMs to have access to the external network and to the host OS. In the default
bridged network, the host OS is not given a virtual network adapter, and so cannot be accessed by the
VMs participating in the network. The host-only virtual network is also limited in that it cuts off VMs
from the external network. Since NTP servers must receive timing information through a server chain
leading back to a Stratum 1 server, the NTP server which I would set up had to have access to the
external network. Bridged networking was rejected because I did not want to have to create more VMs
than necessary, so the default virtual NAT network was the only option left.

Once it was set up, Stage 1 would consist of two virtual machines and the host operating
system. One of the virtual machines would run the NTP server application and receive timing
information from an established NTP server at National University of Ireland Galway (NUI Galway) by
accessing the external network through the NAT device. The second VM would be set up as an NTP
client, and receive timing information from the other VM. Wireshark would then be installed on the host
OS and would monitor all network traffic on the virtual network. The reason that Wireshark would be
able to see all traffic on the virtual network is because the virtual hub at the center of the network
would copy every packet routed through it to the host OS, effectively allowing Wireshark to “see” the
traffic between the NTP client and the NTP server.

This setup would serve as a jumping off point for Stage 2 since, if Wireshark could indeed see all
of the network traffic on the virtual network, then we could eventually replace Wireshark with a
MitM-style attacker. The exploit described earlier only requires that the attacker be able to sniff the NTP
packets travelling between the client and server and be able to inject packets into the network. If
Wireshark could see the packets an attacker would want to sniff, then we could eventually replace
Wireshark with the attacker.

Stage 2:
In Stage 2, our group would modify Stage 1 and demonstrate the Authenticated NTP exploit
detailed in the “Authenticated NTP” section. Though we did not ultimately complete Stage 2, I
researched how it could be achieved.

My plan was to download a piece of software called Scapy onto the host OS. Scapy is a program
capable of packet sniffing as well as custom packet creation and injection. Users interact with Scapy
through Python code, allowing the user to fine tune its functions. A Python script could theoretically be
written to perform all of the functions of the attacker, such as sniffing the NTP traffic between the client
and server to pick up easily available information and crafting bogus requests in order to brute force the
cookie. To perform the ARP poisoning attack following the determination of the cookie, another piece of
open source software, Ettercap, could be used. Ettercap is a network security tool with a wide range of
features for conducting MitM attacks on local area networks. One such feature allows users to quickly
perform ARP poisoning attacks and thereby redirect network traffic destined for one machine to
another.

Once the cookie was determined using Scapy and an ARP poisoning attack conducted using
Ettercap, we could then use Scapy to feed the NTP false timing information. This would be achieved by
crafting NTP packets using the public information determined earlier, the known Autokey hash
functions, the cookie, and whatever NTP payload we chose. The client would then set its clock using the
falsified timing information, marking the successful completion of the MitM attack.

Progress:
During the first week and a half of the project, Declan and I performed a great deal of research
and I attempted to get Stage 1 up and running. Since Declan hadn’t been exposed to computer
networking previously, I developed a list of topics in computer networking which he could investigate in
order to help him understand our project. While he worked on that for the first week and a half, I took
charge of planning how Stage 1 would work and planned out how I would set it up. I familiarized myself
with VMWare, especially how the virtual networks it creates work, and did some preliminary research
into how NTP works to inform my planning.

Once I had begun to set up Stage 1 however, I began to run into the bugs that would plague me
for weeks afterwards. Many of these issues were resolved by learning how to add and modify rules in
Fedora 19’s kernel firewall, known as iptables, and how to add exceptions to Windows Firewall. This
research got me to the point where both of the Fedora 19 virtual machines I had set up were able to
ping one another, and both of the VMs were able to ping the host OS.

The real trouble began when I attempted to set up an NTP server on one of the VMs. As
previously mentioned, NTP has a hierarchical structure, meaning that all NTP servers are connected back
to a Stratum 1 server through a chain of servers. My first attempts at synchronizing my server to an
established NUI Galway NTP server did not succeed, forcing me to delve deeper into the NTP
documentation. I spent a week learning how to diagnose NTP connections with the ntpq and ntpdate
commands, but still could not figure out why I was unable to synchronize my server with the NUIG NTP
server.

At this point, I called upon Michael Schukat for advice. He theorized that my NTP server was
unable to receive replies from the NUI Galway NTP server because their NTP server existed outside the
university firewall. The replies which the NUI Galway NTP server sent back to my server were being
intercepted by the firewall. To fix this, Michael brought down a cellular router which would allow my
laptop to connect to the internet over the local cellular network. This way, I could bypass the university
firewall and contact the NUIG server directly.

The use of the cellular router allowed my server to successfully synchronize with the NUIG
server after several days of trial and error. However, this was not a long-term solution since Michael had
only purchased one gigabyte of data for the cellular router and I was fast approaching the limit during
testing. Hugh Melvin stepped in at that point and set up an NTP server within the NUIG firewall with the
hopes that I could synchronize with that over the NUIG campus wifi without worrying about the campus
firewall.

Synchronization between my NTP server and Hugh’s NTP server did not occur over the next
week of testing. Michael was away that week and Hugh Melvin had pressing matters to attend to so I
was left to try to debug the issue myself. Several days of testing various NTP configuration file setups
and trawling the internet for answers led to an important discovery. Once I had begun to explore the
various options which could be appended onto the ntpq and ntpdate commands, I discovered that I was
able to retrieve the date from Hugh’s NTP by specifying that the request be sent over an unrestricted
port. Any port number above 1024 is considered unrestricted and any port number below or including
1024 restricted. Since NTP normally sends requests from port 123, adding the -u option to the ntpdate
command forced the request to be sent on an unrestricted port number, and for an unknown reason,
that allowed me to retrieve the date. After consulting both Hugh Melvin and Professor Chuah about this,
I was led to believe that the issue lay somewhere in VMWare’s setup of the virtual network.

I studied the VMWare documentation and internet forums for several days but could not find an
answer. I did however learn how the NAT device which allowed the VMs to connect to the external
network worked, and even learned how to add custom rules to the NAT device. When adding custom
rules failed to produce results, I resigned myself to the fact that the VMWare documentation was not detailed
enough for my purposes and that I would have to rethink how I was going to set up Stage 1.

My new plan for Stage 1 involved switching the roles of the VMs and the host OS. Instead of
trying to synchronize an NTP server on a VM to an NUIG NTP server, I decided instead to set up an NTP
server on my host OS and then have one of the VMs receive timing information from that. I had
discovered that while the VMs were having difficulty synchronizing to the NUIG NTP servers, my host
OS was able to synchronize with Hugh’s server with no difficulty whatsoever. This finding,
combined with the discovery of a piece of open source software which was supposed to fix time
synchronization issues across NAT devices, led me to believe that this setup would work.

The role of the attacker would therefore be switched over to the second VM since it would be
able to monitor all of the network traffic between the NTP client VM and the host OS just as easily as the
host OS was able to monitor the traffic between the two VMs. A diagram of this setup is included
here:

After two days of tweaking and troubleshooting, I managed to synchronize the NTP client VM
with my host OS, and running Wireshark inside the second VM proved that it could indeed see the NTP
traffic passing between the NTP client VM and the host OS. Stage 1 was now complete.

The setup of Stage 1 took until the 15th of July, leaving us with less than a week to work on Stage
2. With the remaining time, I researched what pieces of software would be necessary to complete Stage
2 and how to create custom network packets. I did not ultimately finish Stage 2, but I had a very firm
idea by the end of how I would complete it.

As a final note on the work that I did this summer, I also took responsibility for planning out the
final presentation which Declan and I gave to Michael Schukat and Hugh Melvin and wrote ten of the
thirteen slides involved in the PowerPoint, including two explanatory diagrams.

Summary:
During the seven weeks spent working on this project, my partner and I put in a great deal of
effort towards achieving our project objectives. Though we did not ultimately realize our goal of
demonstrating a security flaw in Authenticated NTP, we made important gains in many areas. Both
Declan and I learned a great deal about Network Time Protocol, computer networking, and various
software tools during the course of the project. The long and arduous troubleshooting process I went
through to complete Stage 1 left me with an in-depth understanding of how the NTP programs work,
how VMWare’s virtual networks are set up, and how to diagnose network connection issues. In addition,
I was also exposed to the inner workings of Authenticated NTP and planned out how our group would go
about performing a MitM-style attack.

Thanks to all of the support we received from Michael Schukat, Hugh Melvin, and Professor
Chuah, Declan and I were able to showcase a functional Stage 1 at the end of the summer and
demonstrate a firm understanding of how the system worked. We have also left the project in such a
way that it can be continued in the future by NUI Galway students. Future work on the project by such
students will most likely include the completion of Stage 2, so though our time with the project has
come to a close, the work that we have done will help to educate the computer science students who
follow behind us.

Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreClubHack
 
The Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and CaretoThe Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and CaretoMike Chapple
 
The Time Is Now The Convergence Of Networks, Time Synchronization And Inform...
The Time Is Now  The Convergence Of Networks, Time Synchronization And Inform...The Time Is Now  The Convergence Of Networks, Time Synchronization And Inform...
The Time Is Now The Convergence Of Networks, Time Synchronization And Inform...Ben Rothke
 
PRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESS
PRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESSPRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESS
PRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESSpattok
 
Basic ntp configuration
Basic ntp configurationBasic ntp configuration
Basic ntp configurationRaghu nath
 
Slug 2009 06 SELinux For Sysadmins
Slug 2009 06 SELinux For SysadminsSlug 2009 06 SELinux For Sysadmins
Slug 2009 06 SELinux For SysadminsPaulWay
 
Medicina
Medicina Medicina
Medicina dulovci
 
Computer Security Policy
Computer Security PolicyComputer Security Policy
Computer Security Policyeverestsky66
 
DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE
DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE
DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE Varshapadman
 

Viewers also liked (20)

Cup shup discussion materials_coupondunia case study_feb2015
Cup shup discussion materials_coupondunia case study_feb2015Cup shup discussion materials_coupondunia case study_feb2015
Cup shup discussion materials_coupondunia case study_feb2015
 
BizBiz Presentation
BizBiz PresentationBizBiz Presentation
BizBiz Presentation
 
The Importance of a Quality Reporting Process in a Pay-for-Performance Enviro...
The Importance of a Quality Reporting Process in a Pay-for-Performance Enviro...The Importance of a Quality Reporting Process in a Pay-for-Performance Enviro...
The Importance of a Quality Reporting Process in a Pay-for-Performance Enviro...
 
Report annual event Linking students and NGOs 8 Oct 2015
Report annual event Linking students and NGOs 8 Oct 2015Report annual event Linking students and NGOs 8 Oct 2015
Report annual event Linking students and NGOs 8 Oct 2015
 
Behavioral Conformance of Artifact-Centric Process Models
Behavioral Conformance of Artifact-Centric Process ModelsBehavioral Conformance of Artifact-Centric Process Models
Behavioral Conformance of Artifact-Centric Process Models
 
The Process of Process Modeling
The Process of Process ModelingThe Process of Process Modeling
The Process of Process Modeling
 
The circulatory system 2
The circulatory system 2The circulatory system 2
The circulatory system 2
 
NTP Project Presentation
NTP Project PresentationNTP Project Presentation
NTP Project Presentation
 
PDF Digital signatures
PDF Digital signaturesPDF Digital signatures
PDF Digital signatures
 
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreCyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
 
The Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and CaretoThe Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and Careto
 
RHEL6 - Rh255
RHEL6 - Rh255RHEL6 - Rh255
RHEL6 - Rh255
 
The Time Is Now The Convergence Of Networks, Time Synchronization And Inform...
The Time Is Now  The Convergence Of Networks, Time Synchronization And Inform...The Time Is Now  The Convergence Of Networks, Time Synchronization And Inform...
The Time Is Now The Convergence Of Networks, Time Synchronization And Inform...
 
PRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESS
PRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESSPRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESS
PRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESS
 
Conoce la Biblioteca de Ciencias Sociales
Conoce la Biblioteca de Ciencias SocialesConoce la Biblioteca de Ciencias Sociales
Conoce la Biblioteca de Ciencias Sociales
 
Basic ntp configuration
Basic ntp configurationBasic ntp configuration
Basic ntp configuration
 
Slug 2009 06 SELinux For Sysadmins
Slug 2009 06 SELinux For SysadminsSlug 2009 06 SELinux For Sysadmins
Slug 2009 06 SELinux For Sysadmins
 
Medicina
Medicina Medicina
Medicina
 
Computer Security Policy
Computer Security PolicyComputer Security Policy
Computer Security Policy
 
DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE
DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE
DIFFERENT APPROACHES OF CONTENT ORGANIZATION IN SOCIAL SCIENCE
 

Similar to NTP Final Report

raim-2015-paper31
raim-2015-paper31raim-2015-paper31
raim-2015-paper31John Wu
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpOlli-Pekka Niemi
 
Tta protocolsfinalppt-140305235749-phpapp02
Tta protocolsfinalppt-140305235749-phpapp02Tta protocolsfinalppt-140305235749-phpapp02
Tta protocolsfinalppt-140305235749-phpapp02Hrudya Balachandran
 
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRENON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTREcscpconf
 
5th KuVS Meeting
5th KuVS Meeting5th KuVS Meeting
5th KuVS Meetingsteccami
 
Replay of Malicious Traffic in Network Testbeds
Replay of Malicious Traffic in Network TestbedsReplay of Malicious Traffic in Network Testbeds
Replay of Malicious Traffic in Network TestbedsDETER-Project
 
Command Transfer Protocol (CTP) for Distributed or Parallel Computation
Command Transfer Protocol (CTP) for Distributed or Parallel ComputationCommand Transfer Protocol (CTP) for Distributed or Parallel Computation
Command Transfer Protocol (CTP) for Distributed or Parallel Computationpaperpublications3
 
Ntp in Amplification Inferno
Ntp in Amplification InfernoNtp in Amplification Inferno
Ntp in Amplification InfernoSriram Krishnan
 
Synchronization For High Frequency Trading Networks: A How To Guide
Synchronization For High Frequency Trading Networks: A How To GuideSynchronization For High Frequency Trading Networks: A How To Guide
Synchronization For High Frequency Trading Networks: A How To Guidejeremyonyan
 
Network time protocol
Network time protocolNetwork time protocol
Network time protocolMohd Amir
 
A network behavior analysis method to detect this writes about a method to ...
A network behavior analysis method to detect   this writes about a method to ...A network behavior analysis method to detect   this writes about a method to ...
A network behavior analysis method to detect this writes about a method to ...Thang Nguyen
 
IJSRED-V1I1P2
IJSRED-V1I1P2IJSRED-V1I1P2
IJSRED-V1I1P2IJSRED
 
Network protocols
Network protocolsNetwork protocols
Network protocolsAbiud Orina
 
Improved SCTP Scheme To Overcome Congestion Losses Over Manet
Improved SCTP Scheme To Overcome Congestion Losses Over ManetImproved SCTP Scheme To Overcome Congestion Losses Over Manet
Improved SCTP Scheme To Overcome Congestion Losses Over ManetIJERA Editor
 
Monitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lanMonitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a laneSAT Publishing House
 
Anomaly detection final
Anomaly detection finalAnomaly detection final
Anomaly detection finalAkshay Bansal
 

Similar to NTP Final Report (20)

Seminar
SeminarSeminar
Seminar
 
raim-2015-paper31
raim-2015-paper31raim-2015-paper31
raim-2015-paper31
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
 
Tta protocolsfinalppt-140305235749-phpapp02
Tta protocolsfinalppt-140305235749-phpapp02Tta protocolsfinalppt-140305235749-phpapp02
Tta protocolsfinalppt-140305235749-phpapp02
 
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRENON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
 
5th KuVS Meeting
5th KuVS Meeting5th KuVS Meeting
5th KuVS Meeting
 
Replay of Malicious Traffic in Network Testbeds
Replay of Malicious Traffic in Network TestbedsReplay of Malicious Traffic in Network Testbeds
Replay of Malicious Traffic in Network Testbeds
 
Command Transfer Protocol (CTP) for Distributed or Parallel Computation
Command Transfer Protocol (CTP) for Distributed or Parallel ComputationCommand Transfer Protocol (CTP) for Distributed or Parallel Computation
Command Transfer Protocol (CTP) for Distributed or Parallel Computation
 
Ntp in Amplification Inferno
Ntp in Amplification InfernoNtp in Amplification Inferno
Ntp in Amplification Inferno
 
Synchronization For High Frequency Trading Networks: A How To Guide
Synchronization For High Frequency Trading Networks: A How To GuideSynchronization For High Frequency Trading Networks: A How To Guide
Synchronization For High Frequency Trading Networks: A How To Guide
 
Network time protocol
Network time protocolNetwork time protocol
Network time protocol
 
A network behavior analysis method to detect this writes about a method to ...
A network behavior analysis method to detect   this writes about a method to ...A network behavior analysis method to detect   this writes about a method to ...
A network behavior analysis method to detect this writes about a method to ...
 
IJSRED-V1I1P2
IJSRED-V1I1P2IJSRED-V1I1P2
IJSRED-V1I1P2
 
Ba25315321
Ba25315321Ba25315321
Ba25315321
 
Network protocols
Network protocolsNetwork protocols
Network protocols
 
Improved SCTP Scheme To Overcome Congestion Losses Over Manet
Improved SCTP Scheme To Overcome Congestion Losses Over ManetImproved SCTP Scheme To Overcome Congestion Losses Over Manet
Improved SCTP Scheme To Overcome Congestion Losses Over Manet
 
Precision clock synchronization_wp
Precision clock synchronization_wpPrecision clock synchronization_wp
Precision clock synchronization_wp
 
Monitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lanMonitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lan
 
TecDoc
TecDocTecDoc
TecDoc
 
Anomaly detection final
Anomaly detection finalAnomaly detection final
Anomaly detection final
 

NTP Final Report

Andrew McGarry
Daniel Lopresti
Lehigh in Ireland 2014
August 9, 2014

Demonstrating a Security Flaw in Authenticated NTP

Abstract:
This report details a project whose central goal was to explore and demonstrate a security flaw in Authenticated Network Time Protocol. The particular exploit which this project focused on involves a Man-in-the-Middle (MitM) attack where the attacker masquerades as a legitimate NTP server after brute forcing a 32-bit cookie generated during the initial authentication process. Once the correct cookie has been guessed, the attacker can then conduct an Address Resolution Protocol (ARP) poisoning attack to direct NTP traffic destined for the legitimate NTP server to a target of his or her choice (usually the attacker’s own machine). This then allows the attacker to feed the NTP client false timing information, leading to a number of adverse effects which range from misrepresentation of the current time to system failure. Control systems, such as those which would be used to monitor power usage in a smart grid, can be made blind if enough measuring devices are deprived of a proper sense of time, potentially leading to catastrophic failures. To demonstrate this exploit, our group decided to set up a small virtual computer network and then conduct this attack on an Authenticated NTP session established between two of the machines.
Introduction:
During the 1980s, as control and measurement applications became increasingly complex and computationally demanding, there grew a need for a technology capable of synchronizing time between disparate computing devices. Several solutions to this problem were developed, including GPS time synchronization, reference broadcast synchronization, and Network Time Protocol. Although GPS and reference broadcast synchronization are excellent sources of time, Network Time Protocol (NTP) is by far the most broadly applicable since it can operate over the wired and wireless internet protocol networks commonly incorporated into buildings. Radio waves do not propagate well through dense materials, making GPS and reference broadcast synchronization problematic in buildings and urban environments.

As a result of this shortcoming, NTP has been an extremely common means of synchronizing time across computer networks for more than a decade, and its applications continue to evolve. The recent push towards smart grid technology, for example, will see the introduction of NTP into a new domain: critical infrastructure. Smart grid technology promises to improve the efficiency and reliability of the United States power grid through the addition of internet-enabled sensors. Ensuring that the various sensors and control systems all keep the same time opens up a whole new range of capabilities for power grid engineers, and because many of these devices will be internet-enabled, using NTP to synchronize time across the grid is an attractive option.

It is not, however, a safe option. NTP in its base form has no authentication scheme to verify clients or legitimate servers and has been used as the basis for several distributed denial of service (DDoS) attacks over the years because of it. The addition of Autokey, an authentication mechanism, led to the advent of Authenticated NTP. The fact that NTP can now be set up with an authentication mechanism makes it a better candidate for use in critical infrastructure, yet even this measure has not made NTP invulnerable to exploitation. Recent scholarship has uncovered several attack vectors, or means of exploitation, relating to Authenticated NTP. These discoveries have kicked off a wave of investigation into security improvements for Authenticated NTP with the ultimate goal of preparing it for use in critical infrastructure.

Project Goals:
The main goal of this project was to explore and demonstrate a security flaw associated with Authenticated NTP.

With regards to exploration, my partner and I set out to learn about Network Time Protocol, its importance and how it functions. In addition, we wished to learn how to utilize tools commonly used in computer science research while also introducing ourselves to computer networking and network security.

The demonstration portion of our project involved a two-stage approach. Stage 1 was to consist of a computer network featuring an NTP client/server relationship and the capability to monitor network traffic. In Stage 2, we would conduct a Man-in-the-Middle (MitM) attack within this network with the goal of spoofing an NTP client into accepting the attacker as a legitimate NTP server.

Network Time Protocol:
Network Time Protocol (NTP) is an application-layer protocol which allows computing devices to synchronize their clocks to reliable time sources over a network connection. NTP operates as a hierarchy of levels, known as stratum. The lowest level, Stratum 0, refers to national time sources to which Stratum 1 servers are directly connected via satellite, radio, or telephone modem. Stratum 2 servers receive their timing information from Stratum 1 servers, Stratum 3 servers from Stratum 2 servers, and so on.
The goal of NTP is to synchronize all participating computing devices to within a few milliseconds of the Coordinated Universal Time (UTC) timescale, a timing standard observed by many national laboratories. It does not, however, inherently account for regional time differences, so differences in time zones must be accounted for on a per-user basis. Leap seconds are accounted for and occur approximately every 18 months.

As for the architecture of the protocol, NTP relies on packet exchanges between clients and servers using its own set of on-wire protocols. A dual set of poll and peer processes governs when such packets are sent and what happens when they are received. The poll process sends NTP packets at a rate of one every 8 seconds to 36 hours in order to maximize accuracy and minimize network load. If the packet passes a sanity check, the peer process runs the on-wire protocol which relies on four timestamps. The timestamps are:

T1: The time of departure of the request packet from the client
T2: The time of arrival of the request packet at the server
T3: The time of departure of the reply packet from the server
T4: The time of arrival of the reply packet at the client

NTP calculates several values to assess the accuracy of the time it exports based on these timestamps: offset, delay, jitter, frequency error, and stability. Perhaps the most important of these four statistical values is the offset, which measures the asymmetry of the round trip time. If the offset is too high, NTP prevents the client from synchronizing with the target server.

In order to continue to receive timing information from an NTP server, an NTP client must first synchronize with the server. The synchronization process is a series of five request/receive exchanges. In each exchange, the client first queries the server for the current time by sending out a UDP/IP packet containing a timestamp denoting the time of departure (T1). As soon as the packet is received, the server marks down the time at which the packet was received in a timestamp (T2) and adds it to the packet. The server then adds an NTP timestamp containing the time at which the reply packet will be sent (T3) to the packet, and finally, the client then records the time at which the reply packet arrives (T4) in a final timestamp. Once the client has received and generated all four timestamps, it can then perform a sanity check on the exchange. If the test is passed, another exchange is allowed to occur. After five successful exchanges and sanity checks, synchronization is achieved and any further timestamps received from the NTP server are used to set the client’s clock.

Normal operation for NTP is very similar to the synchronization process. NTP uses UDP/IP packets exclusively for information transfer and has designated port 123 as the official NTP port.
The client and server use the same request/receive format as detailed above, with both the client and server adding NTP timestamps to the packet until they are all finally collected by the client. After synchronization though, the offset value calculated using the timestamps is run through an algorithm and then used to adjust the system clock and frequency of the client. The only other important difference between synchronization and normal operation is that in normal operation, the frequency of exchanges decreases with each successful exchange until eventually, exchanges occur only once every 36 hours.

In order to make use of NTP, all that is required for clients is that they download the current NTP distribution. The distribution installs several programs, the most important of which are ntpd (NTP daemon), ntpq (NTP query), and ntpdate. ntpd is an operating system daemon which deals with the regular operation of NTP, namely synchronization and normal operation polling intervals. It is capable of setting the system clock and frequency after it has successfully synchronized with an NTP server. ntpq is a utility program used mainly to check the status of an NTP connection and diagnose connection issues. Finally, ntpdate is used to retrieve the date from an NTP server and set the system clock without having to go through the synchronization process. Only one query/reply exchange is run by ntpdate, and the result of the query is automatically used to set the system clock. ntpdate, like ntpq, is mainly used for debugging purposes.

Authenticated NTP:
Authenticated NTP was introduced in order to ensure the security of timing information across computer networks. Many control systems have very small tolerances when it comes to time synchronization, so even small discrepancies between the various devices’ times can cause catastrophic failure. Since the only form of security which the base form of NTP offers is protection from packet loss and replays, Authenticated NTP was added as an addition to NTP in order to provide some measure of security.

The main advantage of using Authenticated NTP is the incorporation of an Autokey public key algorithm. The Autokey authentication scheme involves the use of digital certificates to verify a chain of verified NTP servers and a public key cryptography scheme. At the start of every Authenticated NTP session, clients request a series of digital certificates. The chain of certificates starts with a Trusted Host (TH), usually a Stratum 1 server. The TH’s certificate is self-signed, and so represents the start of the certificate chain. Any Stratum 2 servers connected to a TH in turn receive a certificate signed by the TH. Stratum 3 servers receive certificates signed by the Stratum 2 servers they are connected to, and so on. NTP clients receive a copy of each certificate in the chain leading back to the TH from which the timing information is derived.

Once the certificate chain has been resolved, NTP clients request a cookie from the server. Cookies are 32 bit sequences generated using a client’s public key and a server’s private key and are used to authenticate packets sent from the client. In addition to using its own private key to generate the cookie, servers use a sequence called the server seed in the formation of the cookie. The server seed is not shared with the public and so represents a secret known only to the server. This fact is important because it means the server seed is the only piece of information used to authenticate packets which cannot be gathered simply by monitoring network traffic between an NTP client and an NTP server.

The Autokey authentication process is detailed in the figure below:
As previously mentioned, the cookie is a 32 bit sequence generated using the client public key, the server private key, and the server seed. It has the following format:

Cookie = MSBs32 (H (Client-IP || Server-IP || 0 || Server Seed)), e.g.
Cookie = EClient (MSBs32 (H (Client-IP || Server-IP || 0 || Server Seed)))

Remark: || = Concatenation, H = hash function (MD5 or SHA1)
Remark: The server is stateless and has to recalculate cookie whenever a client contacts it
Remark: The Server Seed is 32 bit long. It is shared for all client cookies and changed every 24 hrs.

During normal NTP operation, the cookie is incorporated into the NTP packet in order to authenticate the source:

NTP Packet = NTP-Payload || KeyId || MAC

Remark: the NTP payload is not encrypted and is easily readable

Message Authentication Code (MAC) = H (Autokey || NTP-Payload)

KeyId is 128 bits long and picked by the client at the start of every NTP session.
Autokey is 128 bit long and calculated as follows:

Autokey = H (Sender-IP || Receiver-IP || KeyID || Cookie)

The Autokey authentication scheme is not invulnerable. One particular exploit which was discovered by computer science academics recently takes advantage of the fact that the cookie, which contains the only bit of information which can’t be collected by observing normal NTP traffic, is only 32 bits long. An attacker who attempts to brute force this sequence by bombarding the server with bogus requests can successfully guess the cookie in about 10 minutes. Demonstrating this particular exploit was the subject of our project so I will describe how such an attack is conducted.

In this attack, we assume that an NTP connection has been established between a client and a server, that the Autokey authentication sequence has already occurred, and that the client is already synchronized to the server. When a MitM enters the scene and begins to sniff the packets being exchanged between the client and server, three pieces of information are readily available to him. By just sniffing the UDP packets exchanged by the client and server, the MitM can determine the client’s IP address, the server’s IP address, and the key ID.
Since the ultimate goal of the MitM is to convince the client that it is the legitimate NTP server so that it can feed the client false timing information, the only piece of information the MitM needs at this point in order to masquerade as the server is the cookie.

The cookie is not easily readable by the MitM because it is run through a hash function to create the Autokey sequence and then through another hash function to create the MAC. Since hash functions are one-direction calculations, it would take a tremendous amount of effort to determine the cookie from the MAC. However, the cookie is only 32 bits long. Knowing this, the MitM can use the information he’s already gathered through sniffing network traffic to forge NTP client requests for the current time. The MitM’s goal at this point is to keep sending forged client requests until he brute forces, or guesses correctly through trial and error, the cookie sequence. It was estimated by my advisor that the process of brute forcing the cookie would only take about 10 minutes.

Once the attacker manages to determine the correct cookie sequence, the only thing left to do is to perform an ARP poisoning attack so that all requests aimed at the legitimate NTP server are instead directed at the attacker’s machine. There are many applications readily available on the web to perform ARP poisoning attacks, so this is not a particularly difficult feat. However, once the ARP poisoning attack is complete, the MitM is free to feed the NTP client whatever timing information he wants to and thereby wreck systems which rely on accurate time synchronization.

A diagram of this kind of attack is given below:

Stage 1:
During the initial planning stages of this project, our group decided that the project would be broken up into two distinct stages, Stage 1 and Stage 2. The objective of Stage 1 was to set up a testing environment in which we could later execute a MitM attack which demonstrated the security flaw in Authenticated NTP detailed previously.
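Both phases of the attack described above are visible from a monitoring position like the one this stage sets up: the cookie search is a burst of client requests far above any legitimate poll rate, and the ARP poisoning rebinds the server's IP address to a different MAC address. The Python example below is added here and is not code from the original report; the record layout, addresses, window and tolerance are assumptions, and the sample capture is constructed.

```python
from collections import defaultdict, deque

NTP_PORT = 123         # UDP port the report gives for NTP
MIN_POLL_SECONDS = 8   # fastest client poll interval the report gives


def detect_request_floods(records, server_ip, window=60.0, tolerance=4):
    """Return {src_ip: first_ts} for sources whose NTP request count inside
    any `window` seconds exceeds `tolerance` times the legitimate maximum."""
    limit = tolerance * window / MIN_POLL_SECONDS   # 30 with the defaults
    recent = defaultdict(deque)   # src_ip -> timestamps still in the window
    flagged = {}
    for r in records:
        if (r["type"] != "ntp" or r["dst_ip"] != server_ip
                or r["dst_port"] != NTP_PORT):
            continue
        q = recent[r["src_ip"]]
        q.append(r["ts"])
        while q and r["ts"] - q[0] > window:
            q.popleft()
        if len(q) > limit and r["src_ip"] not in flagged:
            flagged[r["src_ip"]] = r["ts"]
    return flagged


def detect_arp_rebinding(records, watched_ip):
    """Return (ts, old_mac, new_mac) each time `watched_ip` is claimed by a
    MAC address different from the one it was last bound to."""
    changes, current = [], None
    for r in records:
        if r["type"] != "arp" or r["ip"] != watched_ip:
            continue
        if current is not None and r["mac"] != current:
            changes.append((r["ts"], current, r["mac"]))
        current = r["mac"]
    return changes


def correlate(records, server_ip):
    """Combine both signals: the server's IP moving to the MAC of a host that
    earlier flooded the server matches the sequence the report describes."""
    floods = detect_request_floods(records, server_ip)
    mac_of = {}   # first MAC seen for every IP, taken from ARP records
    for r in records:
        if r["type"] == "arp":
            mac_of.setdefault(r["ip"], r["mac"])
    findings = []
    for ts, old_mac, new_mac in detect_arp_rebinding(records, server_ip):
        suspects = sorted(ip for ip, t in floods.items()
                          if mac_of.get(ip) == new_mac and t < ts)
        findings.append({"ts": ts, "server_ip": server_ip, "old_mac": old_mac,
                         "new_mac": new_mac, "flooding_hosts": suspects})
    return findings


def ntp(ts, src_ip, dst_ip):
    """Build one simplified NTP request record (assumed layout)."""
    return {"ts": ts, "type": "ntp", "src_ip": src_ip,
            "dst_ip": dst_ip, "dst_port": NTP_PORT}


def sample_capture():
    """Constructed records, not real traffic: one normal client and one host
    that floods the server and later claims the server's IP address."""
    server, client, rogue = "192.0.2.20", "192.0.2.10", "192.0.2.66"
    recs = [
        {"ts": 0.0, "type": "arp", "ip": server, "mac": "02:00:00:00:00:20"},
        {"ts": 0.5, "type": "arp", "ip": client, "mac": "02:00:00:00:00:10"},
        {"ts": 1.0, "type": "arp", "ip": rogue, "mac": "02:00:00:00:00:66"},
    ]
    recs += [ntp(2.0 + 16 * i, client, server) for i in range(20)]   # 16 s poll
    recs += [ntp(10.0 + i / 10, rogue, server) for i in range(500)]  # 10 per s
    recs.append({"ts": 120.0, "type": "arp", "ip": server,
                 "mac": "02:00:00:00:00:66"})
    return sorted(recs, key=lambda r: r["ts"])


if __name__ == "__main__":
    for finding in correlate(sample_capture(), "192.0.2.20"):
        print(finding)
```

Because the rate limit is derived from the 8-second minimum poll interval, a normally polling client never approaches it, so the flood signal stays quiet until a host behaves as the report's attacker does.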
I was responsible for planning out and completing Stage 1. My initial plan for Stage 1 involved establishing an NTP connection between two virtual machines and then monitoring the NTP traffic passing between them using Wireshark, a packet sniffing program, installed on the host OS (see diagram at right).

My decision to use virtual machines for Stage 1 was influenced by three factors. First, I have had a great deal of experience setting up and using virtual machines in my previous internships, so I was confident in my ability to set Stage 1 up quickly. Second, I wanted to contain the project entirely within my laptop so that my partner and I could work on the project without having to worry about when the labs were open. Third, I knew from previous experience that virtual machines are very easy to manipulate and the ability to create snapshots of their current state would allow us to recover after errors far more quickly than if we had used separate computers for each of the elements in Stage 1.

To create the virtual machines and the virtual network which would bind Stage 1 together, I used a piece of software called VMWare. VMWare allows users to create virtual machines (VMs) from disk images and manage them with various tools and features. The most important management tool for our purposes was the snapshot tool, which allowed us to save the current state of the virtual machine and recover back to previous ones if an error arose. VMWare also provides the capability to set up virtual networks. Three default virtual networks are created by VMWare upon installation: a host-only network, a NAT network, and a bridged network. When a VM is created, the user can choose which virtual network to connect the VM to. VMWare will automatically create a virtual network adapter connecting the VM to the desired virtual network once the installation process is complete. VMWare also creates a virtual DHCP server for each of the three networks to assign IP addresses to all machines participating in each network.
In the VMWare documentation, it says that whenever a VM is connected to one of the three default virtual networks, the VM is automatically connected to the virtual switch assigned to that network. However, I figured out early on through researching VMWare that the virtual switch the documentation says it connects VMs to in reality operates like a virtual hub. This is because like a hub, this virtual switch automatically copies all incoming packets and sends a copy out to all of the machines connected to it. This is important to note since it plays a key role in the operation of Stage 1.

I chose to set up Stage 1 on the default NAT network since it was the only default network which would allow VMs to have access to the external network and to the host OS. In the default bridged network, the host OS is not given a virtual network adapter, and so cannot be accessed by the VMs participating in the network. The host-only virtual network is also limited in that it cuts off VMs from the external network. Since NTP servers must receive timing information through a server chain leading back to a Stratum 1 server, the NTP server which I would set up had to have access to the external network. Bridged networking was rejected because I did not want to have to create more VMs than necessary, so the default virtual NAT network was the only option left.

Once it was set up, Stage 1 would consist of two virtual machines and the host operating system. One of the virtual machines would run the NTP server application and receive timing information from an established NTP server at National University of Ireland Galway (NUI Galway) by accessing the external network through the NAT device. The second VM would be set up as an NTP client, and receive timing information from the other VM. Wireshark would then be installed on the host OS and would monitor all network traffic on the virtual network. The reason that Wireshark would be able to see all traffic on the virtual network is because the virtual hub at the center of the network would copy every packet routed through it to the host OS, effectively allowing Wireshark to “see” the traffic between the NTP client and the NTP server.

This setup would serve as a jumping off point for Stage 2 since, if Wireshark could indeed see all of the network traffic on the virtual network, then we could eventually replace Wireshark with a MitM-style attacker. The exploit described earlier only requires that the attacker be able to sniff the NTP packets travelling between the client and server and be able to inject packets into the network. If Wireshark could see the packets an attacker would want to sniff, then we could eventually replace Wireshark with the attacker.

Stage 2:
In Stage 2, our group would modify Stage 1 and demonstrate the Authenticated NTP exploit detailed in the “Authenticated NTP” section. Though we did not ultimately complete Stage 2, I researched how it could be achieved.

My plan was to download a piece of software called Scapy onto the host OS. Scapy is a program capable of packet sniffing as well as custom packet creation and injection.
UsersinteractwithScapy throughPython code,allowingthe usertofine tune itsfunctions.A pythonscriptcouldtheoreticallybe writtentoperformall of the functionsof the attacker,such as sniffingthe NTPtrafficbetweenthe client and serverto pick upeasilyavailableinformationandcraftingbogusrequestsinordertobrute force the cookie.Toperformthe ARPpoisoningattackfollowingthe determinationof the cookie,anotherpieceof opensource software,Ettercap,couldbe used.Ettercapis a network security tool withawide range of featuresforconductingMitMattacks onlocal area networks.One suchfeature allowsuserstoquickly performARPpoisoningattacksandtherebyredirectnetworktrafficdestinedforone machine to another. Once the cookie wasdeterminedusingScapyandan ARPpoisoningattackconductedusing Ettercap,we couldthenuse Scapyto feedthe NTPfalse timinginformation.Thiswouldbe achievedby craftingNTP packetsusingthe publicinformationdeterminedearlier, the knownAutokeyhash functions,the cookie,andwhateverNTPpayloadwe chose.The clientwouldthensetitsclockusingthe falsifiedtiminginformation,markingthe successful completionof the MitMattack. Progress:
During the first week and a half of the project, Declan and I performed a great deal of research and I attempted to get Stage 1 up and running. Since Declan hadn’t been exposed to computer networking previously, I developed a list of topics in computer networking which he could investigate in order to help him understand our project. While he worked on that for the first week and a half, I took charge of planning how Stage 1 would work and planned out how I would set it up. I familiarized myself with VMware, especially how the virtual networks it creates work, and did some preliminary research into how NTP works to inform my planning.
Once I had begun to set up Stage 1, however, I began to run into the bugs that would plague me for weeks afterwards. Many of these issues were resolved by learning how to add and modify rules in Fedora 19’s kernel firewall, known as iptables, and how to add exceptions to Windows Firewall. This research got me to the point where both of the Fedora 19 virtual machines I had set up were able to ping one another, and both of the VMs were able to ping the host OS.
The real trouble began when I attempted to set up an NTP server on one of the VMs. As previously mentioned, NTP has a hierarchical structure, meaning that all NTP servers are connected back to a Stratum 1 server through a chain of servers. My first attempts at synchronizing my server to an established NUI Galway NTP server did not succeed, forcing me to delve deeper into the NTP documentation. I spent a week learning how to diagnose NTP connections with the ntpq and ntpdate commands, but still could not figure out why I was unable to synchronize my server with the NUIG NTP server.
At this point, I called upon Michael Schukat for advice. He theorized that my NTP server was unable to receive replies from the NUI Galway NTP server because their NTP server existed outside the university firewall. The replies which the NUI Galway NTP server sent back to my server were being intercepted by the firewall. To fix this, Michael brought down a cellular router which would allow my laptop to connect to the internet over the local cellular network. This way, I could bypass the university firewall and contact the NUIG server directly.
The use of the cellular router allowed my server to successfully synchronize with the NUIG server after several days of trial and error. However, this was not a long-term solution since Michael had only purchased one gigabyte of data for the cellular router and I was fast approaching the limit during testing. Hugh Melvin stepped in at that point and set up an NTP server within the NUIG firewall with the hopes that I could synchronize with that over the NUIG campus wifi without worrying about the campus firewall.
Synchronization between my NTP server and Hugh’s NTP server did not occur over the next week of testing. Michael was away that week and Hugh Melvin had pressing matters to attend to, so I was left to try to debug the issue myself. Several days of testing various NTP configuration file setups and trawling the internet for answers led to an important discovery. Once I had begun to explore the various options which could be appended onto the ntpq and ntpdate commands, I discovered that I was able to retrieve the date from Hugh’s NTP by specifying that the request be sent over an unrestricted port. Any port number above 1024 is considered unrestricted and any port number below or including 1024 restricted. Since NTP normally sends requests from port 123, adding the -u option to the ntpdate command forced the request to be sent on an unrestricted port number, and for an unknown reason, that allowed me to retrieve the date. After consulting both Hugh Melvin and Professor Chuah about this, I was led to believe that the issue lay somewhere in VMware’s setup of the virtual network.
I studied the VMware documentation and internet forums for several days but could not find an answer. I did however learn how the NAT device which allowed the VMs to connect to the external network worked, and even learned how to add custom rules to the NAT device. When adding custom rules failed to produce results, I resigned myself to the fact that the VMware documentation was not detailed enough for my purposes and that I would have to rethink how I was going to set up Stage 1.
My new plan for Stage 1 involved switching the roles of the VMs and the host OS. Instead of trying to synchronize an NTP server on a VM to an NUIG NTP server, I decided to set up an NTP server on my host OS and then have one of the VMs receive timing information from that. I had discovered that while the VMs were having difficulty synchronizing to the NUIG NTP servers, my host OS was able to synchronize with Hugh’s server with no difficulty whatsoever. This finding, combined with the discovery of a piece of open source software which was supposed to fix time synchronization issues across NAT devices, led me to believe that this setup would work.
The role of the attacker would therefore be switched over to the second VM since it would be able to monitor all of the network traffic between the NTP client VM and the host OS just as easily as the host OS was able to monitor the traffic between the two VMs. A diagram of this setup is included here:
After two days of tweaking and troubleshooting, I managed to synchronize the NTP client VM with my host OS, and running Wireshark inside the second VM proved that it could indeed see the NTP traffic passing between the NTP client VM and the host OS. Stage 1 was now complete.
The setup of Stage 1 took until the 15th of July, leaving us with less than a week to work on Stage 2. With the remaining time, I researched what pieces of software would be necessary to complete Stage 2 and how to create custom network packets. I did not ultimately finish Stage 2, but I had a very firm idea by the end of how I would complete it.
As a final note on the work that I did this summer, I also took responsibility for planning out the final presentation which Declan and I gave to Michael Schukat and Hugh Melvin and wrote ten of the thirteen slides involved in the PowerPoint, including two explanatory diagrams.
Summary:
During the seven weeks spent working on this project, my partner and I put in a great deal of effort towards achieving our project objectives. Though we did not ultimately realize our goal of demonstrating a security flaw in Authenticated NTP, we made important gains in many areas. Both Declan and I learned a great deal about Network Time Protocol, computer networking, and various software tools during the course of the project. The long and arduous troubleshooting process I went through to complete Stage 1 left me with an in-depth understanding of how the NTP programs work, how VMware’s virtual networks are set up, and how to diagnose network connection issues. In addition, I was also exposed to the inner workings of Authenticated NTP and planned out how our group would go about performing a MitM-style attack.
Thanks to all of the support we received from Michael Schukat, Hugh Melvin, and Professor Chuah, Declan and I were able to showcase a functional Stage 1 at the end of the summer and demonstrate a firm understanding of how the system worked. We have also left the project in such a way that it can be continued in the future by NUI Galway students. Future work on the project by such students will most likely include the completion of Stage 2, so though our time with the project has come to a close, the work that we have done will help to educate the computer science students which follow behind us.
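The Stage 1 vantage point described above, where one machine on the hub-like virtual network sees every frame, serves a defender as well: the ARP poisoning step planned for Stage 2 appears there as a change in the NTP server's IP-to-MAC binding. The Python below is an added example, not code from this project; the addresses, the sample frames and the names parse_arp, ArpMonitor, build_arp and demo are constructed for illustration.

```python
import struct

ETHERTYPE_ARP, ARP_REPLY = 0x0806, 2

def parse_arp(frame):
    """Return (eth_src, oper, sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    fmt_mac = lambda b: ":".join(f"{x:02x}" for x in b)
    sender_ip = ".".join(str(x) for x in frame[28:32])
    return fmt_mac(frame[6:12]), oper, fmt_mac(frame[22:28]), sender_ip

class ArpMonitor:
    """Passive IP-to-MAC binding tracker for a host that sees every frame."""
    def __init__(self, pinned=None):
        self.table = dict(pinned or {})  # ip -> mac, e.g. the NTP server's known address
    def observe(self, frame):
        """Return a list of alert strings for one captured frame."""
        parsed = parse_arp(frame)
        if parsed is None:
            return []
        eth_src, _oper, sender_mac, sender_ip = parsed
        alerts = []
        if eth_src != sender_mac:
            alerts.append(f"{sender_ip}: ARP sender {sender_mac} != Ethernet source {eth_src}")
        known = self.table.setdefault(sender_ip, sender_mac)
        if known != sender_mac:
            # Keep the first binding so repeated conflicting replies keep alerting.
            alerts.append(f"{sender_ip}: binding changed {known} -> {sender_mac}")
        return alerts

def build_arp(eth_src, oper, sender_mac, sender_ip, target_ip):
    """Build a constructed sample frame in memory (test input, not captured traffic)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda s: bytes(int(x) for x in s.split("."))
    eth = b"\xff" * 6 + mac(eth_src) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)
    return eth + arp + mac(sender_mac) + ip(sender_ip) + bytes(6) + ip(target_ip)

def demo():
    """Constructed addresses: NTP server 192.0.2.10, NTP client 192.0.2.20."""
    server_ip, server_mac, other_mac = "192.0.2.10", "00:0c:29:aa:aa:aa", "00:0c:29:cc:cc:cc"
    monitor = ArpMonitor(pinned={server_ip: server_mac})
    genuine = build_arp(server_mac, ARP_REPLY, server_mac, server_ip, "192.0.2.20")
    changed = build_arp(other_mac, ARP_REPLY, other_mac, server_ip, "192.0.2.20")
    return monitor.observe(genuine), monitor.observe(changed)
```

Because the first binding is kept, a legitimate address change (for example a replaced network adapter) also alerts until the pinned entry is updated by hand.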