Re: [Ntp] New rev of the NTP port randomization I-D (Fwd: New Version Notification for draft-gont-ntp-port-randomization-01.txt)

Danny Mayer <mayer@pdmconsulting.net> Wed, 29 May 2019 15:23 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/WSVTvnJAJXup9WPbdEp_DfwDCfk>

On 5/29/19 6:03 AM, Fernando Gont wrote:
> On 29/5/19 05:18, Harlan Stenn wrote:
>> On 5/29/2019 12:17 AM, Fernando Gont wrote:
>>> On 29/5/19 01:20, Harlan Stenn wrote:
>>>>
>>>> On 5/28/2019 9:37 PM, Fernando Gont wrote:
>>>>> On 28/5/19 23:20, Majdi S. Abbas wrote:
> [....]
>>> Employing predictable numeric IDs is bad practice. The current
>>> requirement (which cannot even be complied with in IPv4-NATed networks)
>>> requires a fixed well-known port for clients, i.e., the spec mandates
>>> against a BCP (port randomization) and on the well-known concept that
>>> employing predictable IDs is asking for trouble.
>> By the same token, generally applying rules without fully understanding
>> the costs/benefits and other trade-offs is bad practice.
> I understand that your implementation employs port 123 as the source
> port. You mentioned that makes the code simpler. That's probably also
> the case when using predictable IDs (e.g. resulting from a counter) vs.
> randomized ones.
>
What predictable IDs? NTP doesn't have a counter.

Attackers can send any packets that they want to a port, that's at the
UDP layer. Whether or not the packet is valid is something that the
receiving client is supposed to be checking. Malformed packets are
instantly discarded and invalid origin timestamps are similarly tossed.

Your draft should be stating a useful purpose and the contents need to
actually fulfill that purpose. All we have so far is some claim about
what port to use without showing how that is better than all of the
other safeguards already built into the NTP protocol.

Danny
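The origin-timestamp safeguard referred to above, as an added example in Python (not ntpd code and not part of the draft): packets are built with the RFC 5905 48-byte layout from constructed values, and the function names are mine. The client's transmit timestamp is echoed back in the reply's origin field, so a reply that does not carry the value the client actually sent, or that is too short to parse, is dropped before it can influence the clock.

```python
import struct

NTP_PACKET_LEN = 48            # minimum NTPv4 packet length (RFC 5905)
NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 to 1970-01-01
HEADER_FMT = "!B3B3I4Q"        # LI/VN/mode, stratum, poll, precision, delay,
                               # dispersion, refid, ref/org/rec/xmt timestamps

def ntp_timestamp(unix_seconds):
    """Encode Unix time as a 64-bit NTP timestamp (32-bit seconds, 32-bit fraction)."""
    whole = int(unix_seconds)
    frac = int((unix_seconds - whole) * (1 << 32))
    return ((whole + NTP_EPOCH_OFFSET) << 32) | frac

def build_client_request(xmt):
    """Mode-3 client request: only the transmit timestamp is filled in."""
    first_byte = (0 << 6) | (4 << 3) | 3        # LI=0, VN=4, mode=3
    return struct.pack(HEADER_FMT, first_byte, 0, 0, 0, 0, 0, 0, 0, 0, 0, xmt)

def build_server_reply(org, rec, xmt):
    """Mode-4 server reply; a legitimate server copies the client's xmt into org."""
    first_byte = (0 << 6) | (4 << 3) | 4        # LI=0, VN=4, mode=4
    return struct.pack(HEADER_FMT, first_byte, 1, 0, 0, 0, 0, 0, 0, org, rec, xmt)

def check_reply(packet, expected_xmt):
    """Client-side validation: length, mode, then origin timestamp must equal
    the transmit timestamp this client recorded. Returns (accepted, reason)."""
    if len(packet) < NTP_PACKET_LEN:
        return False, "malformed: shorter than 48 bytes"
    mode = packet[0] & 0x07
    if mode != 4:
        return False, "unexpected mode %d" % mode
    org = struct.unpack("!Q", packet[24:32])[0]   # origin timestamp field
    if org != expected_xmt:
        return False, "origin timestamp does not match our transmit timestamp"
    return True, "ok"

if __name__ == "__main__":
    sent = ntp_timestamp(1559143406.5)            # constructed client send time
    genuine = build_server_reply(sent, sent + 1, sent + 2)
    # A sender that never saw the request has to guess the 64-bit origin value.
    guessed = build_server_reply(ntp_timestamp(1559143400.0), sent, sent)
    print(check_reply(genuine, sent))             # (True, 'ok')
    print(check_reply(guessed, sent))             # rejected: origin mismatch
    print(check_reply(genuine[:40], sent))        # rejected: too short
```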