Re: pool.ntp.org NTP servers

From: Matt Zimmerman (no email)
Date: Tue Jun 10 2003 - 16:57:29 EDT

• Next message: Eric Brunner-Williams in Portland Maine: "Re: off-topic, contact needed at mac.com"
• Previous message: Leo Bicknell: "Re: High Speed IP-Sec - Summary"
• Maybe in reply to: wayne: "pool.ntp.org NTP servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Sun, Jun 08, 2003 at 12:15:19AM -0400, Sean Donelan wrote:

> As a general principle, having an open UDP port exposes your network
> infrastructure to either something like a NTP worm (if one was written)
> or a great attack amplifier by spoofing NTP queries from a victim's IP
> address. You can search Google for other NTP specific security issues.

I don't see how a (unicast) NTP service could be used as an effective
amplifier, though it could be used to conceal the source of a ~1:1 DDoS
attack.

-- 
 - mdz

• Next message: Eric Brunner-Williams in Portland Maine: "Re: off-topic, contact needed at mac.com"
• Previous message: Leo Bicknell: "Re: High Speed IP-Sec - Summary"
• Maybe in reply to: wayne: "pool.ntp.org NTP servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]