仓库源文站点原文


tags: [linux]

ntpd上曾出现过拒绝服务的漏洞

pochttp://dumpco.re/cve-2016-7434/

还有一种方法是利用ntp做放大攻击

https://www.incapsula.com/ddos/attack-glossary/ntp-amplification.html

ntpd server

开启ntpd服务 service ntpd start

client

ntpdate ntpdate is a computer program used to quickly synchronize and set computers' date and time by querying a Network Time Protocol (NTP) server. It is available for a wide variety of unix-like operating systems.

ntp mode

放大攻击

from scapy.all import *

NTP(version=2, mode=7,stratum=0, poll=3,precison=42)
# 剩下的ip头和upd头请自己构造,ip/udp/ntp