On Sun, Jun 08, 2003 at 12:15:19AM -0400, Sean Donelan wrote: > As a general principle, having an open UDP port exposes your network > infrastructure to either something like a NTP worm (if one was written) > or a great attack amplifier by spoofing NTP queries from a victim's IP > address. You can search Google for other NTP specific security issues.
I don't see how a (unicast) NTP service could be used as an effective amplifier, though it could be used to conceal the source of a ~1:1 DDoS attack. -- - mdz
