Book Image

KALI LINUX NETWORK SCANNING COOKBOOK

Book Image

KALI LINUX NETWORK SCANNING COOKBOOK

Overview of this book

Table of Contents (16 chapters)
Kali Linux Network Scanning Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Disclaimer
Preface
Index

NTP amplification DoS attack


An NTP amplification DoS attack exploits the Network Time Protocol (NTP) servers that will respond to remote monlist requests. The monlist function will return a list of all devices that have interacted with the server, in some cases up to as much as 600 listings. An attacker can spoof requests from a target IP address, and vulnerable servers will return very large responses for each request sent. At the time of writing this book, this is still a common threat that is currently being employed on a fairly large scale. As such, I will only demonstrate how to test NTP servers to determine if they will respond to remote monlist requests. Patches or fixes are available for most NTP services to address this problem, and any symptomatic devices should be remediated or brought offline.

Getting ready

To determine if an NTP server can be leveraged in an NTP amplification attack, you will need to have a device with NTP enabled on it. In the examples provided, an installation...