| < draft-ietf-ntp-mode-6-cmds-04.txt | draft-ietf-ntp-mode-6-cmds-05.txt > | |||
|---|---|---|---|---|
| Network Working Group D. Mills | Network Working Group D. Mills | |||
| Internet-Draft University of Delaware | Internet-Draft University of Delaware | |||
| Intended status: Informational B. Haberman, Ed. | Intended status: Informational B. Haberman, Ed. | |||
| Expires: September 20, 2018 JHU | Expires: September 27, 2018 JHU | |||
| March 19, 2018 | March 26, 2018 | |||
| Control Messages Protocol for Use with Network Time Protocol Version 4 | Control Messages Protocol for Use with Network Time Protocol Version 4 | |||
| draft-ietf-ntp-mode-6-cmds-04 | draft-ietf-ntp-mode-6-cmds-05 | |||
| Abstract | Abstract | |||
| This document describes the structure of the control messages used | This document describes the structure of the control messages used | |||
| with the Network Time Protocol. These control messages can be used | with the Network Time Protocol. These control messages can be used | |||
| to monitor and control the Network Time Protocol application running | to monitor and control the Network Time Protocol application running | |||
| on any IP network attached computer. The information in this | on any IP network attached computer. The information in this | |||
| document was originally described in Appendix B of RFC 1305. The | document was originally described in Appendix B of RFC 1305. The | |||
| goal of this document is to provide a historic description of the | goal of this document is to provide a historic description of the | |||
| control messages as described in RFC 1305 and any additional commands | control messages as described in RFC 1305 and any additional commands | |||
| skipping to change at page 1, line 38 | skipping to change at page 1, line 38 | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 20, 2018. | This Internet-Draft will expire on September 27, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 5, line 29 | skipping to change at page 5, line 29 | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | | | | | | |||
| / Authenticator (optional, 96 bits) / | / Authenticator (optional, 96 bits) / | |||
| | | | | | | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| Figure 1: NTP Control Message Header | Figure 1: NTP Control Message Header | |||
| Leap Indicator (LI): This is a two-bit integer that is set to b00 for | Leap Indicator (LI): This is a two-bit integer that is set to b00 for | |||
| control message requests and responses. The Leap Indicator value | control message requests and responses. The Leap Indicator value | |||
| used as this position in mot NTP modes is in the System Status Word | used at this position in most NTP modes is in the System Status Word | |||
| provided in some control message responses. | provided in some control message responses. | |||
| Version Number (VN): This is a three-bit integer indicating a minimum | Version Number (VN): This is a three-bit integer indicating a minimum | |||
| NTP version number. NTP servers do not respond to control messages | NTP version number. NTP servers do not respond to control messages | |||
| with an unrecognized version number. Requests may intentionally use | with an unrecognized version number. Requests may intentionally use | |||
| a lower version number to enable interoperability with earlier | a lower version number to enable interoperability with earlier | |||
| versions of NTP. Responses carry the same version as the | versions of NTP. Responses carry the same version as the | |||
| corresponding request. | corresponding request. | |||
| Mode: This is a three-bit integer indicating the mode. The value 6 | Mode: This is a three-bit integer indicating the mode. The value 6 | |||
| skipping to change at page 17, line 5 | skipping to change at page 17, line 5 | |||
| o NTP as a Distributed Denial-of-Service (DDoS) vector. NTP timing | o NTP as a Distributed Denial-of-Service (DDoS) vector. NTP timing | |||
| query and response packets (modes 1-2, 3-4, 5) are usually short | query and response packets (modes 1-2, 3-4, 5) are usually short | |||
| in size. However, some NTP control queries generate a very long | in size. However, some NTP control queries generate a very long | |||
| packet in response to a short query. As such, there is a history | packet in response to a short query. As such, there is a history | |||
| of use of NTP's control queries, which exhibit such behavior, to | of use of NTP's control queries, which exhibit such behavior, to | |||
| perform DDoS attacks. These off-path attacks exploit the large | perform DDoS attacks. These off-path attacks exploit the large | |||
| size of NTP control queries to cause UDP-based amplification | size of NTP control queries to cause UDP-based amplification | |||
| attacks (e.g., mode 7 monlist command generates a very long packet | attacks (e.g., mode 7 monlist command generates a very long packet | |||
| in response to a small query (CVE-2013-5211)). These attacks only | in response to a small query (CVE-2013-5211)). These attacks only | |||
| use NTP as a vector for DoS atacks on other protocols, but do not | use NTP as a vector for DoS atacks on other protocols, but do not | |||
| affect the time service on the NTP host itself. | affect the time service on the NTP host itself. To limit the | |||
| sources of these malicious commands, NTP server operators are | ||||
| recommended to deploy ingress filtering [RFC2827]. | ||||
| o Time-shifting attacks through information leakage/overwriting. | o Time-shifting attacks through information leakage/overwriting. | |||
| NTP hosts save important system and peer state variables. An off- | NTP hosts save important system and peer state variables. An off- | |||
| path attacker who can read these variables remotely can leverage | path attacker who can read these variables remotely can leverage | |||
| the information leaked by these control queries to perform time- | the information leaked by these control queries to perform time- | |||
| shifting and DoS attacks on NTP clients. These attacks do affect | shifting and DoS attacks on NTP clients. These attacks do affect | |||
| time synchronization on the NTP hosts. For instance, | time synchronization on the NTP hosts. For instance, | |||
| * In the client/server mode, the client stores its local time | * In the client/server mode, the client stores its local time | |||
| when it sends the query to the server in its xmt peer variable. | when it sends the query to the server in its xmt peer variable. | |||
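Review bot: the sentence added at the end of the DDoS bullet ("NTP server operators are recommended to deploy ingress filtering [RFC2827]") assigns the BCP 38 control to the wrong party. Ingress filtering as described in RFC 2827 is applied by a network operator at the point where packets enter its network, dropping packets whose source address is not legitimately reachable from that ingress; it stops hosts inside that network from emitting spoofed queries, but it gives an NTP server operator no way to reject spoofed queries that have already arrived from elsewhere. Suggest rewording to recommend that network operators deploy ingress filtering [RFC2827] and, separately, that NTP server operators limit which sources receive responses to control queries, since restricting mode 6 and mode 7 responses is what actually removes the amplification this bullet describes. Also, "DoS atacks" remains misspelled in both columns of this paragraph.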
| skipping to change at page 18, line 33 | skipping to change at page 18, line 36 | |||
| deserve credit for portions of this document due to their earlier | deserve credit for portions of this document due to their earlier | |||
| efforts to document these commands. | efforts to document these commands. | |||
| 8. Normative References | 8. Normative References | |||
| [RFC1305] Mills, D., "Network Time Protocol (Version 3) | [RFC1305] Mills, D., "Network Time Protocol (Version 3) | |||
| Specification, Implementation and Analysis", RFC 1305, | Specification, Implementation and Analysis", RFC 1305, | |||
| DOI 10.17487/RFC1305, March 1992, | DOI 10.17487/RFC1305, March 1992, | |||
| <https://www.rfc-editor.org/info/rfc1305>. | <https://www.rfc-editor.org/info/rfc1305>. | |||
| [RFC2827] Ferguson, P. and D. Senie, "Network Ingress Filtering: | ||||
| Defeating Denial of Service Attacks which employ IP Source | ||||
| Address Spoofing", BCP 38, RFC 2827, DOI 10.17487/RFC2827, | ||||
| May 2000, <https://www.rfc-editor.org/info/rfc2827>. | ||||
| [RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, | [RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, | |||
| "Network Time Protocol Version 4: Protocol and Algorithms | "Network Time Protocol Version 4: Protocol and Algorithms | |||
| Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, | Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, | |||
| <https://www.rfc-editor.org/info/rfc5905>. | <https://www.rfc-editor.org/info/rfc5905>. | |||
| Appendix A. NTP Remote Facility Message Format | Appendix A. NTP Remote Facility Message Format | |||
| The format of the NTP Remote Facility Message header, which | The format of the NTP Remote Facility Message header, which | |||
| immediately follows the UDP header, is shown in Figure 3. Following | immediately follows the UDP header, is shown in Figure 3. Following | |||
| is a description of its fields. Bit positions marked as zero are | is a description of its fields. Bit positions marked as zero are | |||
| End of changes. 6 change blocks. | ||||
| 6 lines changed or deleted | 13 lines changed or added | |||