Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Port 123 (tcp/udp) Attack Activity - SANS Internet Storm Center Port 123 (tcp/udp) Attack Activity

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
[get complete service list]
Port Information
Protocol Service Name
tcp NetController [trojan] Net Controller
tcp ntp Network Time Protocol
udp ntp Network Time Protocol
Top IPs Scanning
TodayYesterday (1258) (1718) (1022) (1295) (752) (1244) (645) (822) (642) (815) (576) (659) (533) (622) (410) (558) (337) (378) (332) (340)
User Comments
Submitted By Date
2014-07-05 00:42:34
ntp can be used for amplificating ddos attacks:
Kutbuddin Trunkwala 2005-04-19 15:50:12
Two more vulnerabilities pertaining to NTP. Only HP-UX is vulnerable Several Microsoft products/versions affected
Derek Shull - Christian Cyber Security Service Owner 2005-03-26 02:48:26
This is used by Sobig virus.
Add a comment
CVE Links
CVE # Description
CVE-2016-9042 An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.