CERT mailing list archives
Network Time Protocol (NTP) Amplification Attacks
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Fri, 10 Jan 2014 13:06:36 -0600
NCCIC / US-CERT National Cyber Awareness System: Network Time Protocol (NTP) Amplification Attacks [ https://www.us-cert.gov/ncas/current-activity/2014/01/10/Network-Time-Protocol-NTP-Amplification-Attacks ] 01/10/2014 01:35 PM EST Original release date: January 10, 2014 A vulnerability in the "monlist" feature of NTP can allow remote attackers to cause distributed denial of service attack (DDoS) via forged requests. US-CERT and the Canadian Cyber Incident Response Center (CCIRC) have both observed active use of this attack vector in recent DDoS attacks. US-CERT encourages users and administrators to review the CCIRC document [ http://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2014/av14-001-eng.aspx ] as well as US-CERT Vulnerability Note VU348126 [ http://www.kb.cert.org/vuls/id/348126 ] for more information. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Network Time Protocol (NTP) Amplification Attacks US-CERT (Jan 10)