Port 123 UDP
NTP (Network Time Protocol) operates on Port 53 UDP, clients via this protocol are able to synchronise their time/clock to an NTP server and time source.
Network Time Protocol (NTP) is a networking protocol that is used for clock synchronisation of devices over an IP-based network, usually the internet.
To perform synchronisation an NTP client will establish communication with an NTP server, and request the current time. The protocol will also calculate latency between the client and server, so that the servers returned time considers the delay from when it was generated by the server, and received by the client
In more recent years unsecured NTP servers have been used by DDOS attackers as an amplification technique - This is where the source IP address of an NTP request is forged to be the victim IP address, and therefore the substantially larger NTP response from the server is sent to the victim, amplifying the attack, and crudely masquerading the real attacker.
314 Position 1 Contributor 5,754 Views
External Links: None yet...