Hello bugtraq, I published whitepaper called "Security aspects of time synchronization infrastructure". It describes some observations on very common security flaws in time synchronization infrastructure design, including (but not limited to) MS Windows Active Directory. http://www.security.nnov.ru/advisories/timesync.asp Any comments are very appreciated. -- /3APA3A