In a NTP Flood, attackers use NTP as a variant of a UDP flood. Attackers send valid but spoofed NTP request packets at a very high packet rate and from a very large group of source IP addresses. Since these appear as valid requests, the victim’s NTP servers proceeds to respond to all requests. The NTP server can be overwhelmed by the vast number of requests. This attack consumes large amounts of network resources that exhaust the NTP infrastructure until it goes offline.
