pool.ntp.org NTP servers

Matt Zimmerman mdz at csh.rit.edu
Tue Jun 10 20:57:29 UTC 2003


On Sun, Jun 08, 2003 at 12:15:19AM -0400, Sean Donelan wrote:

> As a general principle, having an open UDP port exposes your network
> infrastructure to either something like a NTP worm (if one was written)
> or a great attack amplifier by spoofing NTP queries from a victim's IP
> address.  You can search Google for other NTP specific security issues.

I don't see how a (unicast) NTP service could be used as an effective
amplifier, though it could be used to conceal the source of a ~1:1 DDoS
attack.

-- 
 - mdz



More information about the NANOG mailing list