[ntp:questions] Source port for NTP

Geoff Down geoffdown at fastmail.net
Mon Oct 26 19:48:17 UTC 2015


Sorry, meant to reply to the list.

----- Original message -----
From: Geoff Down <geoffdown at fastmail.net>
To: Kiss Gábor <kissg at niif.hu>
Subject: Re: [ntp:questions] Source port for NTP
Date: Mon, 26 Oct 2015 16:15:17 +0000



On Mon, Oct 26, 2015, at 10:41 AM, Kiss Gábor wrote:
> >  servers. I assume that UDP packets are getting through the router due
> >  to 'full cone NAT' as explained at
> > https://isc.sans.edu/forums/diary/Part+2+Is+your+home+network+unwittingly+contributing+to+NTP+DDOS+attacks/18549/
> > and the fact that NTP is always using port 123 as the source port when
> 
> I don't believe it. :-)
> "tcpdump -n dst port 123 and \! src port 123"
> shows something else.
> Even if it is true what about SNTP clients?
> 
> Gabor
 I read somewhere that NTP and OpenNTP behave differently. Which do you
 have?
https://stackoverflow.com/questions/232722/ntpd-use-an-unrestricted-port-for-communication
SNTP I know nothing of.
GD

-- 
http://www.fastmail.com - Accessible with your email software
                          or over the web


-- 
http://www.fastmail.com - Faster than the air-speed velocity of an
                          unladen european swallow



More information about the questions mailing list