[Full-Disclosure] Security aspects of time synchronization infrastructure

[3APA3A]

Dear 3APA3A,

--Friday, August 20, 2004, 10:21:51 AM, you wrote to mvp at joeware.net:


3> Before  Windows  2000 SP4 it was possible to set date far in future (for
3> example  to  2038). Locked accounts, expired certificates in addition to
3> "problem  2038"  (Jan,  19  2038 is maximum date value for 32 bit time_t
3> timestamp used in many C compilers). But setting date 12 hours in future
3> or 12 hours in past still can produce a lot of harm.

 Minor correction: because SNTP uses different timestamp format it's not
 possible to set date behind 2036. But it's not so important.

-- 
~/ZARAZA
Появился новый тип элементарных частиц - шкварки.
Не очень большие, слегка подгоревшие.  (Лем)