Network Time Protocol (NTP) can be abused to amplify denial-of-service attack traffic. Servers running NTP based on implementations of ntpd prior to version 4.2.7p26 that use the default unrestricted query configuration are susceptible to a reflected denial-of-service (DDoS) attack. Other proprietary NTP implementations may also be affected.

To protect your dedicated/cloud server implement one of following:
1. Update ntpd to version 4.2.7p26 or greater.
2. Disable ntpd.
3. Configure your firewall to perform egress filtering which may help mitigate attacks that use source IP spoofing. Refer to your product’s documentation for instructions on how to perform egress filtering.
4. Disable status queries or restrict access in the ntpd configuration (ntp.conf).

Leave a Reply

Your email address will not be published. Required fields are marked *