Network Time Protocol

Network Time Protocol (NTP) is used to synchronize the clocks of computers and other devices over a network. It operates on port 123 and ensures that all systems within a network have the same time. Accurate timekeeping is crucial for various network operations, including logging events and coordinating tasks.

What is Network Time Protocol

Network Time Protocol (NTP) is a protocol designed to synchronize the clocks of computers and other devices over a network. It operates on port 123 and is essential for ensuring that all systems within a network maintain the same time. Accurate timekeeping is crucial for various network operations, including logging events, coordinating tasks, and ensuring the proper sequence of transactions.

NTP was developed in the 1980s by David L. Mills at the University of Delaware. It is one of the oldest Internet protocols still in use today. The protocol uses a hierarchical system of time sources, with each level referred to as a stratum. Stratum 0 devices are high-precision timekeeping devices such as atomic clocks, while higher strata are servers that synchronize their time with lower strata.

In addition to its primary function of time synchronization, NTP also includes mechanisms for detecting and compensating for network delays, ensuring that the time provided to clients is as accurate as possible. NTP can operate in various modes, including client-server, peer-to-peer, and broadcast/multicast, making it a versatile solution for different network configurations.

Network Time Protocol runs on TCP and UDP port 123 and is official IANA port.

Security risk

If port 123 is open and the NTP service is running, it can be exploited for DDoS amplification attacks. Attackers can send small queries to the NTP server, which then responds with much larger replies, overwhelming the target system. Additionally, an improperly configured NTP server can be used to manipulate time settings, potentially causing issues with time-sensitive applications and logs.

In our UFW tutorial you can follow instructions how you can configure UFW to close port 123. Use StackChanges to monitor if the Network Time Protocol port is closed and stays closed. StackChanges will send an alert if port 123 is open again.