NTP Network attack and solution (3 kinds)

Source: Internet
Author: User

1 Data analysis

Packet analysis


2 Workaround (script)

Method 1:

You can fix the problem by upgrading the existing NTP to NTP-4.2.8P10

#! /bin/bash
Mkdir-p/home/zyb/tools
Cd/home/zyb/tools
#wget http://archive.ntp.org/ntp4/ntp-4.2/ntp-4.2.8p10.tar.gz
Yum install gcc gcc-c++ openssl-devel libstdc++* libcap*
Cp-ar/etc/ntp/etc/ntp.bak
Cp/etc/ntp.conf/etc/ntp.conf.bak
Cp/etc/init.d/ntpd/etc/init.d/ntpd.bak
Cp/etc/sysconfig/ntpd/etc/sysconfig/ntpd.bak
Cp/etc/sysconfig/ntpdate/etc/sysconfig/ntpdate.bak
Yum Erase NTP ntpdate-y
Install-v-m710-o ntp-g ntp-d/var/lib/ntp
TAR-XF ntp-4.2.8p10.tar.gz
CD NTP-4.2.8P10
./configure--prefix=/usr--bindir=/usr/sbin--sysconfdir=/etc--enable-linuxcaps--with-lineeditlibs=readline- DOCDIR=/USR/SHARE/DOC/NTP-4.2.8P9--enable-all-clocks--enable-parse-clocks--enable-clockctl

Make
Make install

/bin/cp/etc/init.d/ntpd.bak/etc/init.d/ntpd
/bin/cp/etc/sysconfig/ntpd.bak/etc/sysconfig/ntpd
/bin/cp/etc/sysconfig/ntpdate.bak/etc/sysconfig/ntpdate
/bin/mv/etc/ntp.bak/etc/ntp
/bin/cp/etc/ntp.conf.bak/etc/ntp.conf
Service NTPD Start
NTPD--version


Method 2:

Turn off the NTPD service

Service NTPD Stop


Method 3:

Close NTPD corresponding port

Iptables-i INPUT--dport 123-j DROP


3 questions

MAKE[4]: Entering directory '/HOME/ZYB/TOOLS/NTP-4.2.8P10/SNTP '
CCLD SNTP
/usr/bin/ld:cannot Find-lcap
Collect2:ld returned 1 exit status
MAKE[4]: * * * [SNTP] Error 1
MAKE[4]: Leaving directory '/HOME/ZYB/TOOLS/NTP-4.2.8P10/SNTP '
MAKE[3]: * * * [install-recursive] Error 1
MAKE[3]: Leaving directory '/HOME/ZYB/TOOLS/NTP-4.2.8P10/SNTP '
MAKE[2]: * * * [install] Error 2
MAKE[2]: Leaving directory '/HOME/ZYB/TOOLS/NTP-4.2.8P10/SNTP '
MAKE[1]: * * * [install-recursive] Error 1
MAKE[1]: Leaving directory '/HOME/ZYB/TOOLS/NTP-4.2.8P10 '
Make: * * * [install] Error 2

Workaround:
The simplest way:

Yum groupinstall "Compatibility Libraries" "Base" "Development Tools"





Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.