DDoS continues to be a resilient and dangerous attack vector. The story of 2014 has been driven by a sharp rise in NTP Reflection/Amplification DDoS Attacks. NTP is a UDP-based protocol used to synchronize clocks over a computer network. Any UDP-based service including DNS, SNMP, NTP, chargen, and RADIUS is a potential vector for DDoS attacks because the protocol is connectionless and source IP addresses can be spoofed by attackers who have control of compromised or ‘botted’ hosts residing on networks which have not implemented basic anti-spoofing measures. NTP is popular due to its high amplification ratio of approximately 1000x. Furthermore, attacks tools are becoming readily available, making these attacks easy to execute.
 
Network operators, from the ISP to the enterprise, need to be prepared for these attacks.
 
Read it to learn:

  • What is a NTP Reflection/Amplification Attack?

  • Why is a NTP Attack so Dangerous?

  • What are the Best Practices to Protect Your Availability?

DOWNLOAD THE BRIEF

Defending Against Network Time Protocol (NTP) Reflection/Amplification DDoS Attacks

Insight from Arbor Networks

All fields are required.