{"id":117011,"date":"2018-08-31T08:18:55","date_gmt":"2018-08-31T00:18:55","guid":{"rendered":"https:\/\/lrxjmw.cn\/?p=117011"},"modified":"2018-08-24T09:21:07","modified_gmt":"2018-08-24T01:21:07","slug":"ntp-bug-xifu","status":"publish","type":"post","link":"https:\/\/lrxjmw.cn\/ntp-bug-xifu.html","title":{"rendered":"Fixing the NTP vulnerability"},"content":{"rendered":"
CVE-2013-5211 vulnerability description:<\/strong><\/span><\/div>\n

CVE-2013-5211 was first published on January 10, 2014. Because NTP itself does not verify the sender's source IP address, it can be abused in the same way as DNS resolvers are in DRDoS (distributed reflection denial-of-service) attacks. The attacker, HACK, sends a forged packet to the NTP server Server A, with the source IP address in the packet changed to the IP address of the victim, Client A. Server A responds to this request, and the response carries an amplified number of bytes relative to the initial request, so the victim Client A is hit by a DoS attack. The two message types with the highest amplification, REQ_MON_GETLIST and REQ_MON_GETLIST_1, amplify the original request by factors of up to 3660 and 5500 respectively.<\/p>\n

[Solution]:<\/strong><\/span><\/div>\n

The amplified reflection DoS attack is caused by CVE-2013-5211, and the vulnerability is related to the monlist feature. ntpd versions before 4.2.7p26 all respond to NTP mode 7 \u201cmonlist\u201d requests. From ntpd-4.2.7p26 onward, the \u201cmonlist\u201d feature is disabled and replaced by the \u201cmrulist\u201d feature, which uses mode 6 control messages and implements a handshake to prevent amplification attacks against third-party hosts.<\/p>\n

Steps:<\/p>\n

echo \"disable monitor\" >> \/etc\/ntp.conf\r\n<\/pre>\n

Restart the ntp service<\/p>\n

Verification:<\/strong><\/span><\/div>\n
Run # ntpdc\r\nntpdc> monlist\r\n***Server reports data not found\r\nntpdc>\r\n<\/pre>\n

monlist is now disabled, and time synchronization is not affected. Alternatively, add the following two lines to the configuration file and restart the ntp service:<\/p>\n

restrict default kod nomodify notrap nopeer noquery\r\nrestrict -6 default kod nomodify notrap nopeer noquery\r\n<\/pre>\n
\n

Original article: http:\/\/www.361way.com\/ntp-cve-2013-5211\/3941.html<\/a><\/p>\n

Article URL: https:\/\/lrxjmw.cn\/ntp-bug-xifu.html<\/a> Editor: \u5f20\u96c4, Reviewer: \u9004\u589e\u5b9d<\/span><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"

CVE-2013-5211 vulnerability description: CVE-2013-5211 was first published on January 10, 2014. Because NTP itself […]<\/p>\n","protected":false},"author":643,"featured_media":117012,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[55],"tags":[],"class_list":["post-117011","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-thread"],"acf":[],"_links":{"self":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/117011","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/users\/643"}],"replies":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/comments?post=117011"}],"version-history":[{"count":4,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/117011\/revisions"}],"predecessor-version":[{"id":117041,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/117011\/revisions\/117041"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media\/117012"}],"wp:attachment":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media?parent=117011"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/categories?post=117011"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/tags?post=117011"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}