Greyware Automation Products, Inc.
Greyware Automation Products, Inc.   
     Home    Products    Store    Downloads    Customer Service    Site Search    
Log in  or   Create an account now -- FREE!        
Kb > FAQ: Is Domain Time susceptible to ntpd vulnerabilities or being used in NTP amplification attacks?

KB2012.129
FAQ: Is Domain Time susceptible to ntpd vulnerabilities or being used in NTP amplification attacks?

This article applies to Domain Time II.

Last Updated: 29 January 2014

Question

    FAQ: Is Domain Time susceptible to ntpd vulnerabilities or being used in NTP amplification attacks?

Answer

    Domain Time is not susceptible to ntpd vulnerabilities because it is not ported from ntpd and does not use any ntpd code.

    Domain Time is also not susceptible to being used in NTP amplification attacks. These attacks work by returning a large amount of data to a spoofed IP source address in response to a relatively small request packet. These attacks depend upon NTP clients responding to certain specific status reporting functions commonly found in NTP time clients ported from the typical ntpd daemon in standard use on UNIX/Linux. Domain Time does not implement these ntpd-specific auxilliary status reporting functions, therefore we do not respond to the spoofed attack packets.

    Note: Domain Time Server (if the NTP protocol is enabled) and Domain Time Client (if the NTP Broadcast Listener is enabled) can respond to two specific ntpq queries: ntpq -np and/or ntpdate -q. These commands typically do not respond with large amounts of data, so they are unlikely to be used in amplification attacks. However, on Domain Time version 5.2.b.20140101 or later, these responses can be disabled if desired by setting the following registry value to True:

        HKEY_LOCAL_MACHINE\SOFTWARE\Greyware\Domain Time Server[Client]\Parameters\NTP Query Disabled

My Account  |   Contact Us  |   Feedback to Greyware  |   Privacy Policy  |   Printer-Friendly Version
 
Copyright © 1995-2018 Greyware Automation Products, Inc.  All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.