When time attacks

Earlier today we noted an attack that we haven't really observed all that often. Normally we would just ignore these because they typically don't cause impact but we noted a large influx of traffic from a single IP that was attempting to overload a third party with forged NTP request.

Starting on the 4th of December and still active as of today, 199[.]195[.]252[.]32 is actively utilizing NTP reflection attacks. The target of the attacks is not being disclosed at this time but we will mention that it's located in the middle east.

Jigsaw Security will continue to monitor this activity. We have not observed any outages in the middle east (in which we have significant infrastructure) where we monitor traffic.

You can research this type of attack here. This vulnerability is largely unpatched by most ISP's and is still relatively effective. A US based retailer is also being targeted which may interfere with holiday shopping.


Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2018 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business Jigsaw Security is an operator of WIMAX networks and is operating under license WQVC235 as a common carrier, non-common carrier and private communications operator. Jigsaw Security operates cable and satellite services. Courses may be provided by a third party authorized training partner in some cases. Some training is only available for cleared and US Citizens. Courses approved by the North Carolina Department of Public Safety Private Protective Services Board for licensing and CE credits. JPM program insurance is provided by an authorized Jigsaw Security Insurance Partner and is not underwritten by Jigsaw Security. For insurance information please contact our JPM program manager. Jigsaw Security operates a network through our NCBroadband brand.