Description: The Network Time Protocol and the NTP reference implementation are the de facto standard for synchronizing computer clocks on the Internet. In the past year, a number of vulnerabilities have been discovered which allow attackers to use NTP to arbitrarily control the clock of a remote system. In a number of cases, software engineering choices appear to have played a role in causing or obscuring the vulnerability. In this short presentation, we'll review several recent vulnerabilities and highlight the software engineering choices that may have played a role in their origin.
Disclaimer: All opinions expressed are the speaker's personal opinions, not those of Cisco.
For More Information Please Visit:- http://www.ieee-security.org/TC/SP2016/
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.