Vulnerability & Exploit Database

Back to search

NTP Mode 6 REQ_NONCE DRDoS Scanner

This module identifies NTP servers which permit mode 6 REQ_NONCE requests that can be used to conduct DRDoS attacks. In some configurations, NTP servers will respond to REQ_NONCE requests with a response larger than the request, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed requests.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name



  • Jon Hart <jon_hart [at]>




Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/scanner/ntp/ntp_req_nonce_dos msf auxiliary(ntp_req_nonce_dos) > show actions ...actions... msf auxiliary(ntp_req_nonce_dos) > set ACTION <action-name> msf auxiliary(ntp_req_nonce_dos) > show options and set options... msf auxiliary(ntp_req_nonce_dos) > run

Related Vulnerabilities

Related Modules