Port 123 Details
known port assignments and vulnerabilities
threat/application/port search:
Port(s) |
Protocol |
Service |
Details |
Source |
123 |
udp |
NTP |
Network Time Protocol (NTP) - used for time synchronization [RFC 5905]
Security Concerns:
It provides both information and possible avenue of attack for intruders. Info gathered can include system uptime, time since reset, time server pkt, I/O & memory statistics and ntp peer list. If a host is susceptible to time altering via ntp an attacker can possibly:
1) Run replay attacks using captured OTP and Kerberos tickets before they expire.
2) Stop security-related cron jobs from running or cause them to run at incorrect times.
3) Make system and audit logs unreliable since time is alterable.
Vodafone Sure Signal also uses this port |
SG
|
123 |
tcp |
trojan |
Net Controller trojan
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.
References: [CVE-2019-11331], [BID-108010], [XFDB-159889] |
SG
|
123 |
udp |
|
Network Time Protocol (NTP) - used for time synchronization (official) |
Wikipedia
|
123 |
tcp |
trojan |
[trojan] Net Controller |
Trojans
|
123 |
tcp |
NetController |
[trojan] Net Controller |
SANS
|
123 |
tcp,udp |
applications |
NTP |
Portforward
|
123 |
tcp |
threat |
Madfind |
Bekkoame
|
123 |
tcp,udp |
ntp |
Network Time Protocol [RFC5905] |
IANA
|
|
8 records found
Related ports: 50 500 4500 33434
|