Hello,
Again a straightforward doubt here. I am a little confused when it comes to the topic of the 'NTP Amplification DDoS' attack. I'd appreciate it if somebody could explain it in a simple way that could prove beneficial for the Network+ exam. Also, I heard DNS Amplification attacks are possible, is that true?
Thanks!
-
Doubt in DDoS
-
@Atharva-Bet @wes-bryan Sir, can you please clear this for me
-
@Atharva-Bet great question, NTP uses very small data packets with requesting a response from the client to the server. The attacker spoofs the IP address of the victim in the packet then sends requests to the NTP servers for a larger amount of information (a "monlist"). The NTP servers will respond back to the IP address that has been spoofed, will the goal of taking the victim offline. These are known as reflective attacks and both NTP and DNS amplification attacks are reflective.
Best Regards,
Wes BryanKnowledge is a road to be traveled upon, not a destination to be reached~~
