NTP can be abused to amplify denial-of-service attack traffic

ronjor · Jan 10, 2014

Overview

UDP protocols such as NTP can be abused to amplify denial-of-service attack traffic. Servers running the network time protocol (NTP) based on implementations of ntpd prior to version 4.2.7p26 that use the default unrestricted query configuration are susceptible to a reflected denial-of-service (DRDoS) attack. Other proprietary NTP implementations may also be affected
Click to expand...

http://www.kb.cert.org/vuls/id/348126

Minimalist · Jan 12, 2014

So thousands of servers running NTP will have to be updated and/or reconfigured. I guess till then we will see more Dos attacks using this protocol.

Regards, hqsec

Minimalist · Apr 29, 2014

First-quarter numbers from Arbor Networks illustrate the point that volumetric attacks, where hackers leverage open DNS resolvers and open NTP servers to launch massive attacks, are already exceeding 2013 totals. Attacks of more than 20 Gbps in Q1 have already toppled all of last year’s similar attacks by 1½ times; 72 incidents of more than 100 Gbps were tracked with the peak attack at 325 Gbps.
Click to expand...

http://threatpost.com/volume-of-ntp-amplification-attacks-getting-louder

Minimalist · May 21, 2014

I think the industry should set a goal to eliminate the NTP reflection attack before the end of 2014. I’m talking about total eradication, and I’ll tell you why I think it is possible. Although the ICS Cert was published in February of this year, the big news about NTP attacks started at the end of 2013, so it would be a real accomplishment if we can see its rise and fall within a single year.
Click to expand...

http://www.securitybistro.com/?p=8757

Minimalist · Jun 25, 2014

At the time, more than 430,000 servers could be used in attacks; that number crashed by March to just more than 21,000 and by May, a hair over 17,000 servers were still vulnerable, according to research released today by security company NSFocus.
Click to expand...

http://threatpost.com/dramatic-drop-in-vulnerable-ntp-servers-used-in-ddos-attacks

Log in or Sign up

NTP can be abused to amplify denial-of-service attack traffic

ronjor Global Moderator

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Log in or Sign up

NTP can be abused to amplify denial-of-service attack traffic

ronjor Global Moderator

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Useful Searches