-->

  • All About NTP Enumeration

     



    All About NTP Enumeration



    NTP stands for network time protocol design to synchronise clock of networked computers. NTP can achieve accuracy of 200 million seconds or better in local area networks under ideal condition. NTP can maintain time to within 10 milli seconds ( 1/100 ) over the internet. Ntp based on agent server architecture where agent queries the ntp server and it works on user Dataram Protocol (UDP) and well known Port 123.



    NTP Enumeration



    An attacker can eliminate the following information by querying NTP server.

    1) List of hosts connected to the NTP server.
    2) internal client IP addresses, host name and operating systems used.


     

    NTP Enumeration Tools



    The following table shows the list of tools to perform NTP enumeration.

    Name the tools and description/wab links



    1) NTP Trace

    Query to determine from the NTP server update its time and tresses the chain of the NTP server from a sources.


    2) ntpdc

    Where is the ntp deamon about its current state and to request changes in the state.


    3) ntpq

    Monitor NTP daemon ntpd operations and determine performance.


    4) Cisco ntpd packet tracer download

    https://www.computernetworkingnotes.com/ccna-study-guide/download-packet-tracer-for-windows-and-linux.html



    NTP Security Controls



    The following are the security controls to prevent ntp enumeration attack.


    # restrict the uses of NTP and enable the use of NTPsec where possible.

    # filter and the traffic with IPtables.

    # enable logging for the messages and events.




    Disclaimer


     

    All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.
     

    • 0 comments:

    Post a Comment

    For Any Tech Updates, Hacking News, Internet, Computer, Technology and related to IT Field Articles Follow Our Blog.