CEH v13 explains that NTP (UDP port 123) can leak sensitive network information if misconfigured. When an NTP daemon allows unrestricted external queries (e.g., monlist or ntpq commands), attackers can enumerate internal IP addresses and hostnames.
This exposure is a known reconnaissance weakness and has been exploited in both information disclosure and amplification attacks. CEH v13 strongly recommends restricting NTP query access using access control lists.
DNS poisoning and honeypots do not explain legitimate NTP enumeration responses. Therefore, option D is correct.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit