Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
ntp-packet-parser
Advanced tools
NTP packet parser
Library to parse NTP response packets according to RFC 5905 into a easy-to-use structure. It does not apply any validations or calculations regarding the time but solely parses the data.
See buffcode/ntp-time-sync for an implementation.
Installation
yarn add ntp-packet-parser
Usage
ES6 style
import { NtpPacketParser } from "ntp-packet-parser";
/** const udpPacket = new Buffer(...); **/
const result = NtpPacketParser.parse(udpPacket);
Legacy style
var NtpPacketParser = require("ntp-packet-parser").NtpPacketParser;
/** const udpPacket = new Buffer(...); **/
var result = NtpPacketParser.parse(udpPacket);
Structure
The response from NtpPacketParser.parse will return the following object structure:
| Property | Type | Description |
|---|---|---|
| leapIndicator | Integer | Warning of an impending leap second to be inserted or deleted in the last minute of the current month |
| version | Integer | NTP version number, currently 4 |
| mode | Integer | Request/response mode |
| stratum | Integer | Stratum of the server |
| poll | Integer | Integer representing the maximum interval in log2 seconds between successive messages (Note: you need to apply Math.pow(2, <value>) to get the real value) |
| precision | Integer | Integer representing the precision of the system clock in log2 seconds (Note: you need to apply Math.pow(2, <value>) to get the real value) |
| rootDelay | Date | Total round-trip delay to the reference clock |
| rootDispersion | Date | Total dispersion to the reference clock |
| referenceId | String | String to identify the particular server or reference clock |
| referenceTimestamp | Date | Time when the system clock was last set or corrected |
| originTimestamp | Date | Time at the client when the request departed for the server |
| receiveTimestamp | Date | Time at the server when the request arrived from the client |
| transmitTimestamp | Date | Time at the server when the response left for the client |
To get the relative time for any Date property, calculate the difference between "Jan 01 1900 GMT" and the given date.
let rootDelayInMilliseconds = result.rootDelay.getTime() - new Date("Jan 01 1900 GMT").getTime();
For further explanations on the possible values of these properties please refer to RFC 5909, Page 19ff.
Testing
Some tests regarding structure, response and error handling exist. To run them locally:
yarn test
Contributing
Please file a PR against master.
License
FAQs
A parser for NTP UDP packets
We found that ntp-packet-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 22 Aug 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025