[time-nuts] NTP as vector for DDOS attacks?

Jim Lux jimlux at earthlink.net
Fri Jan 10 07:32:50 EST 2014


http://arstechnica.com/security/2014/01/dos-attacks-that-took-down-big-game-sites-abused-webs-time-synch-protocol/

Interesting.. throw requests at an NTP server that look as if they come 
from the target, prompting large responses to the victim, presumably to 
overload it.


The article talks about how the victim site can easily filter out the 
messages from the NTP server, but does not seem to discuss the 
"societal" impact of potentially screwing up a public service (the NTP 
server)


More information about the time-nuts mailing list