Software Engineering Institute (SEI) Podcast Series

NTP Best Practices


Listen Later

The network time protocol (NTP) synchronizes the time of a computer client or server to another server or within a few milliseconds of Coordinated Universal Time (UTC). NTP servers, long considered a foundational service of the Internet, have more recently been used to amplify large-scale Distributed Denial of Service (DDoS) attacks. While 2016 did not see a noticeable uptick in the frequency of DDoS attacks, the last 12 months have witnessed some of the largest DDoS attacks, according to Akamai's State of the Internet/Security report. One issue that attackers have exploited is abusable NTP servers. In 2014, there were over seven million abusable NTP servers. As a result of software upgrades, repaired configuration files, or the simple fact that ISPs and IXPs have decided to block NTP traffic, the number of abusable servers dropped by almost 99 percent in a matter months, according to a January 2015 article in ACM Queue. But there is still work to be done. It only takes 5,000 abusable NTP servers to generate a DDoS attack in the range of 50-400 Gbps. In this podcast, Timur Snoke explores the challenges of NTP and prescribes some best practices for securing accurate time with this protocol. Listen on Apple Podcasts.
...more
View all episodesView all episodes
Download on the App Store

Software Engineering Institute (SEI) Podcast SeriesBy Members of Technical Staff at the Software Engineering Institute

  • 4.5
  • 4.5
  • 4.5
  • 4.5
  • 4.5

4.5

18 ratings


More shows like Software Engineering Institute (SEI) Podcast Series

View all
Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

HBR IdeaCast by Harvard Business Review

HBR IdeaCast

1,827 Listeners

Risky Business by Patrick Gray

Risky Business

361 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

626 Listeners

Make It Real by CMU Engineering

Make It Real

0 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

622 Listeners

Soft Skills Engineering by Jamison Dance and Dave Smith

Soft Skills Engineering

269 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

202 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,875 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

167 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

SEI Cyber Talks by Members of Technical Staff

SEI Cyber Talks

0 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

47 Listeners

The AI Daily Brief (Formerly The AI Breakdown): Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief (Formerly The AI Breakdown): Artificial Intelligence News and Analysis

459 Listeners

HBR On Strategy by Harvard Business Review

HBR On Strategy

84 Listeners