I was making some firewall changes and accidently flip-flopped some settings briefly. While reviewing the firewall logs I noticed that there was some NTP traffic coming from various privileged ports (other than 123)... Literally like ports 1,3,5,6,7, and many others in the double & triple digit range...
I always thought that the source should be either 123 for a normal NTP client, or an unprivileged port 1024-65535 ???? Rough estimate probably about 15% of NTP requests from from random privileged ports... That seems rather high to just be random chance. Are people really that bad at coding and following standards, or is this illegitimate traffic and should be blocked? _______________________________________________ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions