Skip to main content

Port Randomization in the Network Time Protocol Version 4

Document Type Replaced Internet-Draft (candidate for ntp WG)
Expired & archived
Authors Fernando Gont , Guillermo Gont
Last updated 2019-08-27 (Latest revision 2019-08-06)
Replaced by draft-ietf-ntp-port-randomization
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Call For Adoption By WG Issued
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-ntp-port-randomization
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The Network Time Protocol can operate in several modes. Some of these modes are based on the receipt of unsolicited packets, and therefore require the use of a service/well-known port as the local port number. However, in the case of NTP modes where the use of a service/well-known port is not required, employing such well-known/ service port unnecessarily increases the ability of attackers to perform blind/off-path attacks. This document formally updates RFC5905, recommending the use of port randomization for those modes where use of the NTP service port is not required.


Fernando Gont
Guillermo Gont

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)