[ntp:questions] Source port for NTP

Geoff Down geoffdown at fastmail.net
Mon Oct 26 19:48:17 UTC 2015

Sorry, meant to reply to the list.

----- Original message -----
From: Geoff Down <geoffdown at fastmail.net>
To: Kiss Gábor <kissg at niif.hu>
Subject: Re: [ntp:questions] Source port for NTP
Date: Mon, 26 Oct 2015 16:15:17 +0000

On Mon, Oct 26, 2015, at 10:41 AM, Kiss Gábor wrote:
> >  servers. I assume that UDP packets are getting through the router due
> >  to 'full cone NAT' as explained at
> > https://isc.sans.edu/forums/diary/Part+2+Is+your+home+network+unwittingly+contributing+to+NTP+DDOS+attacks/18549/
> > and the fact that NTP is always using port 123 as the source port when
> I don't believe it. :-)
> "tcpdump -n dst port 123 and \! src port 123"
> shows something else.
> Even if it is true what about SNTP clients?
> Gabor
 I read somewhere that NTP and OpenNTP behave differently. Which do you
SNTP I know nothing of.

http://www.fastmail.com - Accessible with your email software
                          or over the web

http://www.fastmail.com - Faster than the air-speed velocity of an
                          unladen european swallow

More information about the questions mailing list