10 Jun
2003
10 Jun
'03
4:57 p.m.
On Sun, Jun 08, 2003 at 12:15:19AM -0400, Sean Donelan wrote:
As a general principle, having an open UDP port exposes your network infrastructure to either something like a NTP worm (if one was written) or a great attack amplifier by spoofing NTP queries from a victim's IP address. You can search Google for other NTP specific security issues.
I don't see how a (unicast) NTP service could be used as an effective amplifier, though it could be used to conceal the source of a ~1:1 DDoS attack. -- - mdz