Home page logo

nanog logo nanog mailing list archives

Re: pool.ntp.org NTP servers
From: Matt Zimmerman <mdz () csh rit edu>
Date: Tue, 10 Jun 2003 16:57:29 -0400

On Sun, Jun 08, 2003 at 12:15:19AM -0400, Sean Donelan wrote:

As a general principle, having an open UDP port exposes your network
infrastructure to either something like a NTP worm (if one was written)
or a great attack amplifier by spoofing NTP queries from a victim's IP
address.  You can search Google for other NTP specific security issues.

I don't see how a (unicast) NTP service could be used as an effective
amplifier, though it could be used to conceal the source of a ~1:1 DDoS

 - mdz

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]