Network Time Protocol (NTP): 123

Security Weaknesses

  • Vulnerable to amplification attacks in DDoS scenarios.

  • Time spoofing can disrupt systems relying on accurate timestamps.

  • Lack of authentication in basic NTP configurations.

Security Defense and Mitigation Measures

  • Use authenticated time synchronization such as NTS (Network Time Security).

  • Restrict NTP traffic to known servers.

  • Monitor for unusually large NTP responses.

Indicators of Compromise or Attack

  • Unusual time synchronization errors.

  • High volumes of NTP traffic from unexpected sources.

  • Discrepancies in logs due to incorrect timestamps.
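
The monitoring and allowlisting points above can be combined into one check over captured packet metadata. The following is an added example, not part of the original page: the allowlist addresses, both thresholds, and the (source IP, UDP source port, payload bytes) record layout are assumptions, and the sample packets are constructed.

```python
from collections import defaultdict
from ipaddress import ip_address

NTP_PORT = 123
# Assumed allowlist of the time servers this network is configured to use.
ALLOWED_SERVERS = {ip_address("192.0.2.10"), ip_address("192.0.2.11")}
# Assumed threshold: a basic NTP packet is 48 bytes, 68 with a 20-byte
# symmetric-key MAC. NTS adds extension fields, so raise this if NTS is in use.
MAX_RESPONSE_BYTES = 68
# Assumed per-window packet budget for a source that is not on the allowlist.
MAX_PACKETS_PER_SOURCE = 3

# Constructed sample of inbound packets: (src_ip, udp_src_port, payload_bytes)
SAMPLE_PACKETS = [
    ("192.0.2.10", 123, 48),
    ("192.0.2.10", 123, 48),
    ("192.0.2.11", 123, 468),
    ("198.51.100.7", 123, 48),
    ("198.51.100.9", 53, 512),  # not NTP, ignored
] + [("203.0.113.50", 123, 440)] * 5


def review_ntp_responses(packets, allowed=ALLOWED_SERVERS):
    """Return {source_ip: [reasons]} for NTP responses that need a closer look."""
    stats = defaultdict(lambda: {"count": 0, "max_size": 0})
    for src, src_port, size in packets:
        if src_port != NTP_PORT:
            continue
        entry = stats[ip_address(src)]
        entry["count"] += 1
        entry["max_size"] = max(entry["max_size"], size)

    findings = {}
    for src, entry in stats.items():
        reasons = []
        if src not in allowed:
            reasons.append("unexpected_source")
            if entry["count"] > MAX_PACKETS_PER_SOURCE:
                reasons.append("high_volume")
        if entry["max_size"] > MAX_RESPONSE_BYTES:
            reasons.append("oversized_response")
        if reasons:
            findings[str(src)] = sorted(reasons)
    return findings


if __name__ == "__main__":
    for src, reasons in review_ntp_responses(SAMPLE_PACKETS).items():
        print(src, ", ".join(reasons))
```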
