An NTP amplification DoS attack exploits the Network Time Protocol (NTP) servers that will respond to remote monlist requests. The monlist function will return a list of all devices that have interacted with the server, in some cases up to as much as 600 listings. An attacker can spoof requests from a target IP address, and vulnerable servers will return very large responses for each request sent. At the time of writing this book, this is still a common threat that is currently being employed on a fairly large scale. As such, I will only demonstrate how to test NTP servers to determine if they will respond to remote monlist requests. Patches or fixes are available for most NTP services to address this problem, and any symptomatic devices should be remediated or brought offline.
KALI LINUX NETWORK SCANNING COOKBOOK
KALI LINUX NETWORK SCANNING COOKBOOK
Overview of this book
Table of Contents (16 chapters)
Kali Linux Network Scanning Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Disclaimer
Preface
Free Chapter
Getting Started
Discovery Scanning
Port Scanning
Fingerprinting
Vulnerability Scanning
Denial of Service
Web Application Scanning
Automating Kali Tools
Index
Customer Reviews