OK Weird story...we got a call from our ISP telling us one of our external IPs was sending out a DDoS attack and if we didn't fix it then they were going to shutdown our external IP. After trying to track down the machine that was causing the issue we believe it is our Digium switchvox phone system and that it was using the NTP port to send the attack.
Our ISP told us we either shut our NTP port on our Firewall or they were shutting down our external IP. So we shut that down and I have been trying to find out if that will cause any long term issues and I can't find a clear cut answer to the problem.
My question is by closing down our NTP port on our Firewall are we going to cause issues with controlling time on our network? Also how do I figure out which server is the NTP for my network, I had all ways understood that it was our Domain Controller? And if anyone else has experience DDoS attacks from their Digium Switchvox phone system?
Thanks for the help?
