NTP Fingerprinting

Arhont’s NTP fingerprinting tool (ntp-tool.tgz) is a Perl script that can be used to query remote NTP daemons and enumerate system details. Sometimes output is limited, as shown in Example below:

$ perl ntp-fingerprint.pl -t 192.168.66.202

ntp-fingerprint.pl, , v 0.1
************* NTP server found at host 192.168.66.202 ****
#It was possible to gather the following information
#from the remote NTP host 192.168.66.202
#Operating system: cisco
*************************************************************

and

$ perl ntp-fingerprint.pl -t b.ntp.br

ntp-fingerprint.pl, , V 0.1
************* NTP server found at host b.ntp.br ***********

#It was possible to gather the following information
#from the remote NTP host b.ntp.br
# NTP daemon:version=ntpd 4.2.6p5@1.2349-o Tue

Jan 17 15:48:13 UTC 2012 (1)

# Processor:amd64
# Operating system:FreeBSD/7.3-RELEASE-p4
*************************************************************

Further NTP Querying

Two other useful tools that can be used to launch specific NTP queries are as follows:

ntpdc (http://www.eecis.udel.edu/~mills/ntp/html/ntpdc.html)
ntpq (http://www.eecis.udel.edu/~mills/ntp/html/ntpq.html)



biOos