NTP over the Internet - how secure is it?

The diagram below shows how a standard setup for NTP over the Internet works.

Diagram of an NTP system with Stratum 1 and 2 servers, firewall protection and DDoS risk

In this scenario, a public NTP server pool (stratum 1) serves as a time reference for internal time servers. However, this configuration requires an internet connection through the firewall.

This opens up a potential security hole that could be exploited by attackers to penetrate the entire system. When using this method, not only is the time infrastructure vulnerable to cyberattacks, but time quality can also suffer in terms of accuracy and precision.

For example, network fluctuations are a major problem for public time servers: While local NTP servers are usually less affected by this as they operate within a controlled network.

The accuracy of the time depends on the customer's requirements. This requirement determines the choice of a suitable time source and the corresponding hardware.

Perhaps you are interested in other topics in addition to Public Time Server Security...

DDoS Protection

Yellow Intersec lettering Intersec, which is placed in front of the exhibition centre

Intersec 2024

View of the earth from space with sunrise in the background, showing the global satellite navigation systems

Guide to the GNSS