nanog mailing list archives
Re: pool.ntp.org NTP servers
From: Matt Zimmerman <mdz () csh rit edu>
Date: Tue, 10 Jun 2003 16:57:29 -0400
On Sun, Jun 08, 2003 at 12:15:19AM -0400, Sean Donelan wrote:
As a general principle, having an open UDP port exposes your network infrastructure to either something like a NTP worm (if one was written) or a great attack amplifier by spoofing NTP queries from a victim's IP address. You can search Google for other NTP specific security issues.
I don't see how a (unicast) NTP service could be used as an effective amplifier, though it could be used to conceal the source of a ~1:1 DDoS attack. -- - mdz
Current thread:
- RE: pool.ntp.org NTP servers Ejay Hire (Jun 07)
- RE: pool.ntp.org NTP servers Simon Lyall (Jun 07)
- RE: pool.ntp.org NTP servers Sean Donelan (Jun 07)
- RE: pool.ntp.org NTP servers Curtis Maurand (Jun 07)
- Re: pool.ntp.org NTP servers Paul Vixie (Jun 07)
- Re: pool.ntp.org NTP servers Robert Boyle (Jun 07)
- Re: pool.ntp.org NTP servers Sean Donelan (Jun 07)
- Re: pool.ntp.org NTP servers james (Jun 07)
- Re: pool.ntp.org NTP servers Matt Zimmerman (Jun 10)
- Re: pool.ntp.org NTP servers Robert Boyle (Jun 07)