{"id":478230,"date":"2023-08-09T09:29:27","date_gmt":"2023-08-09T09:29:27","guid":{"rendered":""},"modified":"2023-09-05T11:16:20","modified_gmt":"2023-09-05T11:16:20","slug":"ntp-amplification-attack","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/jp\/wiki\/ntp-amplification-attack\/","title":{"rendered":"NTP\u5897\u5e45\u653b\u6483"},"content":{"rendered":"<h2>\u5c0e\u5165<\/h2>\n<p>\u30b5\u30a4\u30d0\u30fc\u8105\u5a01\u306e\u4e16\u754c\u3067\u306f\u3001\u5206\u6563\u578b\u30b5\u30fc\u30d3\u30b9\u62d2\u5426 (DDoS) \u653b\u6483\u304c\u4f01\u696d\u3084\u7d44\u7e54\u306b\u3068\u3063\u3066\u5f15\u304d\u7d9a\u304d\u5927\u304d\u306a\u61f8\u5ff5\u4e8b\u9805\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u3055\u307e\u3056\u307e\u306a DDoS \u653b\u6483\u624b\u6cd5\u306e\u4e2d\u3067\u3082\u3001NTP \u5897\u5e45\u653b\u6483\u306f\u3001\u60aa\u610f\u306e\u3042\u308b\u653b\u6483\u8005\u304c\u30aa\u30f3\u30e9\u30a4\u30f3 \u30b5\u30fc\u30d3\u30b9\u3092\u59a8\u5bb3\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3059\u308b\u6700\u3082\u5f37\u529b\u3067\u6709\u5bb3\u306a\u624b\u6cd5\u306e 1 \u3064\u3068\u3057\u3066\u969b\u7acb\u3063\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u8a18\u4e8b\u306f\u3001NTP \u5897\u5e45\u653b\u6483\u3092\u6df1\u304f\u7406\u89e3\u3057\u3001\u305d\u306e\u6b74\u53f2\u3001\u5185\u90e8\u52d5\u4f5c\u3001\u7a2e\u985e\u3001\u89e3\u6c7a\u7b56\u3001\u304a\u3088\u3073\u30d7\u30ed\u30ad\u30b7 \u30b5\u30fc\u30d0\u30fc\u3068\u306e\u6f5c\u5728\u7684\u306a\u95a2\u9023\u6027\u3092\u63a2\u308b\u3053\u3068\u3092\u76ee\u7684\u3068\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<h2>NTP \u5897\u5e45\u653b\u6483\u306e\u8d77\u6e90\u306e\u6b74\u53f2<\/h2>\n<p>NTP \u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u653b\u6483\u3068\u3057\u3066\u3082\u77e5\u3089\u308c\u308b NTP \u5897\u5e45\u653b\u6483\u306f\u30012013 \u5e74\u306b\u521d\u3081\u3066\u78ba\u8a8d\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u308c\u306f\u3001\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u3068\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30c7\u30d0\u30a4\u30b9\u306e\u6642\u523b\u3092\u540c\u671f\u3059\u308b\u305f\u3081\u306b\u4e0d\u53ef\u6b20\u306a\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30bf\u30a4\u30e0 \u30d7\u30ed\u30c8\u30b3\u30eb (NTP) \u30b5\u30fc\u30d0\u30fc\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u307e\u3059\u3002\u3053\u306e\u653b\u6483\u3067\u306f\u3001\u6700\u8fd1\u306e\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b\u95a2\u3059\u308b\u60c5\u5831\u3092\u53d6\u5f97\u3059\u308b\u3088\u3046\u306b\u8a2d\u8a08\u3055\u308c\u305f\u6a5f\u80fd\u3067\u3042\u308b monlist \u30b3\u30de\u30f3\u30c9\u3092\u5229\u7528\u3057\u3066\u3001\u30bf\u30fc\u30b2\u30c3\u30c8\u3078\u306e\u653b\u6483\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u5897\u5e45\u3057\u307e\u3059\u3002\u5927\u5e45\u306a\u5897\u5e45\u7387\u3068\u9001\u4fe1\u5143 IP \u30a2\u30c9\u30ec\u30b9\u306e\u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u6a5f\u80fd\u306b\u3088\u308a\u3001\u3053\u306e\u653b\u6483\u306f\u7279\u306b\u5371\u967a\u3067\u3042\u308a\u3001\u8efd\u6e1b\u3059\u308b\u3053\u3068\u304c\u56f0\u96e3\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<h2>NTP\u5897\u5e45\u653b\u6483\u306e\u8a73\u7d30\u60c5\u5831<\/h2>\n<p>NTP \u5897\u5e45\u653b\u6483\u306f\u3001\u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u3068\u3057\u3066\u77e5\u3089\u308c\u308b\u624b\u6cd5\u306b\u4f9d\u5b58\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u624b\u6cd5\u3067\u306f\u3001\u653b\u6483\u8005\u306f\u8106\u5f31\u306a NTP \u30b5\u30fc\u30d0\u30fc\u306b\u5c0f\u3055\u306a\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3057\u3001\u9001\u4fe1\u5143 IP \u30a2\u30c9\u30ec\u30b9\u3092\u30bf\u30fc\u30b2\u30c3\u30c8\u306e IP \u3068\u3057\u3066\u507d\u88c5\u3057\u307e\u3059\u3002\u305d\u306e\u5f8c\u3001NTP \u30b5\u30fc\u30d0\u30fc\u306f\u5143\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u3088\u308a\u3082\u306f\u308b\u304b\u306b\u5927\u304d\u306a\u5fdc\u7b54\u3067\u30bf\u30fc\u30b2\u30c3\u30c8\u306b\u5fdc\u7b54\u3057\u3001\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u30d5\u30e9\u30c3\u30c9\u304c\u767a\u751f\u3057\u3066\u30bf\u30fc\u30b2\u30c3\u30c8\u306e\u30ea\u30bd\u30fc\u30b9\u3092\u5727\u5012\u3057\u307e\u3059\u3002\u3053\u306e\u5897\u5e45\u52b9\u679c\u306f\u6700\u521d\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u30b5\u30a4\u30ba\u306e\u6700\u5927 1,000 \u500d\u306b\u9054\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u3001\u975e\u5e38\u306b\u52b9\u679c\u7684\u306a DDoS \u653b\u6483\u30d9\u30af\u30c8\u30eb\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n<h2>NTP\u5897\u5e45\u653b\u6483\u306e\u5185\u90e8\u69cb\u9020<\/h2>\n<p>NTP \u5897\u5e45\u653b\u6483\u306b\u306f\u3001\u6b21\u306e 3 \u3064\u306e\u4e3b\u8981\u306a\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u304c\u542b\u307e\u308c\u307e\u3059\u3002<\/p>\n<ol>\n<li>\n<p><strong>\u30a2\u30bf\u30c3\u30ab\u30fc\uff1a<\/strong> \u653b\u6483\u3092\u958b\u59cb\u3059\u308b\u500b\u4eba\u307e\u305f\u306f\u30b0\u30eb\u30fc\u30d7\u3002\u3055\u307e\u3056\u307e\u306a\u30c6\u30af\u30cb\u30c3\u30af\u3092\u5229\u7528\u3057\u3066\u3001\u8106\u5f31\u306a NTP \u30b5\u30fc\u30d0\u30fc\u306b\u5c0f\u3055\u306a\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3057\u307e\u3059\u3002<\/p>\n<\/li>\n<li>\n<p><strong>\u8106\u5f31\u306a NTP \u30b5\u30fc\u30d0\u30fc:<\/strong> \u3053\u308c\u3089\u306f\u3001monlist \u30b3\u30de\u30f3\u30c9\u304c\u6709\u52b9\u306b\u306a\u3063\u3066\u3044\u308b\u516c\u7684\u306b\u30a2\u30af\u30bb\u30b9\u53ef\u80fd\u306a NTP \u30b5\u30fc\u30d0\u30fc\u3067\u3042\u308b\u305f\u3081\u3001\u653b\u6483\u3092\u53d7\u3051\u3084\u3059\u304f\u306a\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<\/li>\n<li>\n<p><strong>\u76ee\u6a19\uff1a<\/strong> \u653b\u6483\u306e\u88ab\u5bb3\u8005\u306f\u3001\u30ea\u30af\u30a8\u30b9\u30c8\u5185\u3067 IP \u30a2\u30c9\u30ec\u30b9\u304c\u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u3055\u308c\u3066\u304a\u308a\u3001\u5897\u5e45\u3055\u308c\u305f\u30ec\u30b9\u30dd\u30f3\u30b9\u306b\u3088\u308a\u30ea\u30bd\u30fc\u30b9\u304c\u6ea2\u308c\u3001\u30b5\u30fc\u30d3\u30b9\u304c\u4e2d\u65ad\u3055\u308c\u307e\u3059\u3002<\/p>\n<\/li>\n<\/ol>\n<h2>NTP\u5897\u5e45\u653b\u6483\u306e\u4e3b\u306a\u7279\u5fb4\u306e\u5206\u6790<\/h2>\n<p>NTP \u5897\u5e45\u653b\u6483\u3092\u3088\u308a\u6df1\u304f\u7406\u89e3\u3059\u308b\u305f\u3081\u306b\u3001\u305d\u306e\u4e3b\u8981\u306a\u6a5f\u80fd\u3092\u5206\u6790\u3057\u3066\u307f\u307e\u3057\u3087\u3046\u3002<\/p>\n<ul>\n<li>\n<p><strong>\u5897\u5e45\u7387:<\/strong> NTP \u30b5\u30fc\u30d0\u30fc\u306b\u3088\u3063\u3066\u751f\u6210\u3055\u308c\u305f\u5fdc\u7b54\u306e\u30b5\u30a4\u30ba\u3068\u6700\u521d\u306e\u8981\u6c42\u306e\u30b5\u30a4\u30ba\u306e\u6bd4\u7387\u3002\u5897\u5e45\u7387\u304c\u9ad8\u3044\u307b\u3069\u3001\u653b\u6483\u306f\u3088\u308a\u5f37\u529b\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<\/li>\n<li>\n<p><strong>\u9001\u4fe1\u5143IP\u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0:<\/strong> \u653b\u6483\u8005\u306f\u30ea\u30af\u30a8\u30b9\u30c8\u5185\u306e\u9001\u4fe1\u5143 IP \u30a2\u30c9\u30ec\u30b9\u3092\u6539\u3056\u3093\u3059\u308b\u305f\u3081\u3001\u653b\u6483\u306e\u767a\u4fe1\u5143\u3092\u8ffd\u8de1\u3059\u308b\u3053\u3068\u304c\u56f0\u96e3\u306b\u306a\u308a\u3001\u3088\u308a\u9ad8\u3044\u30ec\u30d9\u30eb\u306e\u533f\u540d\u6027\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<\/li>\n<li>\n<p><strong>\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u6d2a\u6c34:<\/strong> \u3053\u306e\u653b\u6483\u306f\u3001\u5897\u5e45\u3055\u308c\u305f\u5927\u91cf\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u30bf\u30fc\u30b2\u30c3\u30c8\u306b\u5927\u91cf\u306b\u9001\u308a\u8fbc\u307f\u3001\u5e2f\u57df\u5e45\u3092\u6d88\u8cbb\u3057\u3001\u30ea\u30bd\u30fc\u30b9\u3092\u904e\u5270\u306b\u6d88\u8cbb\u3057\u307e\u3059\u3002<\/p>\n<\/li>\n<\/ul>\n<h2>NTP\u5897\u5e45\u653b\u6483\u306e\u7a2e\u985e<\/h2>\n<p>NTP \u5897\u5e45\u653b\u6483\u306f\u3001\u4f7f\u7528\u3055\u308c\u308b\u7279\u5b9a\u306e\u6280\u8853\u307e\u305f\u306f\u305d\u306e\u5f37\u5ea6\u306b\u57fa\u3065\u3044\u3066\u5206\u985e\u3067\u304d\u307e\u3059\u3002\u4e00\u822c\u7684\u306a\u30bf\u30a4\u30d7\u3092\u3044\u304f\u3064\u304b\u793a\u3057\u307e\u3059\u3002<\/p>\n<table>\n<thead>\n<tr>\n<th>\u653b\u6483\u30bf\u30a4\u30d7<\/th>\n<th>\u8aac\u660e<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>\u76f4\u63a5NTP\u653b\u6483<\/td>\n<td>\u653b\u6483\u8005\u306f\u8106\u5f31\u306a NTP \u30b5\u30fc\u30d0\u30fc\u3092\u76f4\u63a5\u30bf\u30fc\u30b2\u30c3\u30c8\u306b\u3057\u307e\u3059\u3002<\/td>\n<\/tr>\n<tr>\n<td>\u53cd\u5c04\u653b\u6483<\/td>\n<td>\u653b\u6483\u8005\u306f\u8907\u6570\u306e\u4e2d\u9593 NTP \u30b5\u30fc\u30d0\u30fc\u3092\u4f7f\u7528\u3057\u3066\u3001\u30bf\u30fc\u30b2\u30c3\u30c8\u3078\u306e\u653b\u6483\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u53cd\u5c04\u304a\u3088\u3073\u5897\u5e45\u3057\u307e\u3059\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>NTP \u5897\u5e45\u653b\u6483\u306e\u4f7f\u7528\u65b9\u6cd5\u3001\u554f\u984c\u3001\u304a\u3088\u3073\u89e3\u6c7a\u7b56<\/h2>\n<p>NTP \u5897\u5e45\u653b\u6483\u306f\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u7ba1\u7406\u8005\u3068\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u5c02\u9580\u5bb6\u306b\u91cd\u5927\u306a\u8ab2\u984c\u3092\u3082\u305f\u3089\u3057\u307e\u3059\u3002\u4e3b\u8981\u306a\u554f\u984c\u3068\u89e3\u6c7a\u7b56\u306b\u306f\u6b21\u306e\u3088\u3046\u306a\u3082\u306e\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<ul>\n<li>\n<p><strong>\u554f\u984c\uff1a<\/strong> \u8106\u5f31\u306a NTP \u30b5\u30fc\u30d0\u30fc \u2013 \u591a\u304f\u306e NTP \u30b5\u30fc\u30d0\u30fc\u306f\u53e4\u3044\u8a2d\u5b9a\u3067\u69cb\u6210\u3055\u308c\u3066\u304a\u308a\u3001monlist \u30b3\u30de\u30f3\u30c9\u304c\u60aa\u7528\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p><strong>\u89e3\u6c7a\uff1a<\/strong> \u30b5\u30fc\u30d0\u30fc\u306e\u5f37\u5316 \u2013 \u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u7ba1\u7406\u8005\u306f\u3001monlist \u30b3\u30de\u30f3\u30c9\u3092\u7121\u52b9\u306b\u3057\u3001\u4e0d\u6b63\u306a NTP \u30af\u30a8\u30ea\u3092\u9632\u3050\u305f\u3081\u306b\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u3092\u5b9f\u88c5\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<\/li>\n<li>\n<p><strong>\u554f\u984c\uff1a<\/strong> IP \u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0 \u2013 \u9001\u4fe1\u5143 IP \u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u306b\u3088\u308a\u3001\u653b\u6483\u8005\u3092\u8ffd\u8de1\u3057\u3001\u8cac\u4efb\u3092\u8ffd\u53ca\u3059\u308b\u3053\u3068\u304c\u56f0\u96e3\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p><strong>\u89e3\u6c7a\uff1a<\/strong> \u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0 \u2013 \u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30a4\u30f3\u30b0\u30ec\u30b9 \u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3092\u4f7f\u7528\u3059\u308b\u3068\u3001\u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u3055\u308c\u305f\u9001\u4fe1\u5143 IP \u30a2\u30c9\u30ec\u30b9\u3092\u6301\u3064\u53d7\u4fe1\u30d1\u30b1\u30c3\u30c8\u3092\u30c9\u30ed\u30c3\u30d7\u3057\u3001\u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u653b\u6483\u306e\u5f71\u97ff\u3092\u8efd\u6e1b\u3067\u304d\u307e\u3059\u3002<\/p>\n<\/li>\n<li>\n<p><strong>\u554f\u984c\uff1a<\/strong> \u653b\u6483\u306e\u8efd\u6e1b - NTP \u5897\u5e45\u653b\u6483\u3092\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u3067\u691c\u51fa\u3057\u3066\u8efd\u6e1b\u3059\u308b\u3053\u3068\u306f\u3001\u30b5\u30fc\u30d3\u30b9\u306e\u53ef\u7528\u6027\u3092\u78ba\u4fdd\u3059\u308b\u305f\u3081\u306b\u975e\u5e38\u306b\u91cd\u8981\u3067\u3059\u3002<\/p>\n<p><strong>\u89e3\u6c7a\uff1a<\/strong> DDoS \u4fdd\u8b77\u30b5\u30fc\u30d3\u30b9 \u2013 \u7279\u6b8a\u306a DDoS \u4fdd\u8b77\u30b5\u30fc\u30d3\u30b9\u3092\u5229\u7528\u3059\u308b\u3068\u3001NTP \u5897\u5e45\u653b\u6483\u3092\u52b9\u679c\u7684\u306b\u691c\u51fa\u3057\u3066\u8efd\u6e1b\u3067\u304d\u307e\u3059\u3002<\/p>\n<\/li>\n<\/ul>\n<h2>\u4e3b\u306a\u7279\u5fb4\u3068\u985e\u4f3c\u7528\u8a9e\u3068\u306e\u6bd4\u8f03<\/h2>\n<table>\n<thead>\n<tr>\n<th>\u5b66\u671f<\/th>\n<th>\u8aac\u660e<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>NTP\u5897\u5e45<\/td>\n<td>monlist \u30b3\u30de\u30f3\u30c9\u3092 DDoS \u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u653b\u6483\u306b\u60aa\u7528\u3057\u307e\u3059\u3002<\/td>\n<\/tr>\n<tr>\n<td>DNS\u5897\u5e45<\/td>\n<td>DNS \u30b5\u30fc\u30d0\u30fc\u3092\u60aa\u7528\u3057\u3066 DDoS \u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u653b\u6483\u3092\u884c\u3044\u307e\u3059\u3002<\/td>\n<\/tr>\n<tr>\n<td>SNMP\u5897\u5e45<\/td>\n<td>SNMP \u30b5\u30fc\u30d0\u30fc\u3092\u60aa\u7528\u3057\u3066 DDoS \u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u653b\u6483\u3092\u884c\u3044\u307e\u3059\u3002<\/td>\n<\/tr>\n<tr>\n<td>UDP \u30d5\u30e9\u30c3\u30c9\u653b\u6483<\/td>\n<td>\u5927\u91cf\u306e UDP \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3067\u30bf\u30fc\u30b2\u30c3\u30c8\u3092\u5727\u5012\u3057\u307e\u3059\u3002<\/td>\n<\/tr>\n<tr>\n<td>TCP SYN \u30d5\u30e9\u30c3\u30c9\u653b\u6483<\/td>\n<td>TCP \u30cf\u30f3\u30c9\u30b7\u30a7\u30a4\u30af\u3067\u306e SYN \u30ea\u30af\u30a8\u30b9\u30c8\u3067\u30bf\u30fc\u30b2\u30c3\u30c8\u3092\u5727\u5012\u3057\u307e\u3059\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>NTP\u5897\u5e45\u653b\u6483\u306b\u95a2\u3059\u308b\u5c55\u671b\u3068\u4eca\u5f8c\u306e\u6280\u8853<\/h2>\n<p>\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u304c\u9032\u5316\u3059\u308b\u306b\u3064\u308c\u3066\u3001\u30b5\u30a4\u30d0\u30fc\u8105\u5a01\u3082\u9032\u5316\u3057\u307e\u3059\u3002 NTP \u5897\u5e45\u653b\u6483\u3092\u8efd\u6e1b\u3059\u308b\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u306f\u6539\u826f\u3055\u308c\u7d9a\u3051\u3066\u3044\u307e\u3059\u304c\u3001\u653b\u6483\u8005\u306f\u65b0\u305f\u306a\u653b\u6483\u30d9\u30af\u30c8\u30eb\u306b\u9069\u5fdc\u3057\u3066\u767a\u898b\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u5c02\u9580\u5bb6\u306b\u3068\u3063\u3066\u3001\u6700\u65b0\u306e\u30c8\u30ec\u30f3\u30c9\u3092\u5e38\u306b\u628a\u63e1\u3057\u3001\u65b0\u305f\u306a\u8105\u5a01\u304b\u3089\u4fdd\u8b77\u3059\u308b\u305f\u3081\u306e\u9769\u65b0\u7684\u306a\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u3092\u958b\u767a\u3059\u308b\u3053\u3068\u304c\u4e0d\u53ef\u6b20\u3067\u3059\u3002<\/p>\n<h2>\u30d7\u30ed\u30ad\u30b7 \u30b5\u30fc\u30d0\u30fc\u3068 NTP \u5897\u5e45\u653b\u6483<\/h2>\n<p>\u30d7\u30ed\u30ad\u30b7 \u30b5\u30fc\u30d0\u30fc\u306f\u3001NTP \u5897\u5e45\u653b\u6483\u3092\u8efd\u6e1b\u3059\u308b\u4e0a\u3067\u91cd\u8981\u306a\u5f79\u5272\u3092\u679c\u305f\u3057\u307e\u3059\u3002\u30d7\u30ed\u30ad\u30b7 \u30b5\u30fc\u30d0\u30fc\u306f\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3068 NTP \u30b5\u30fc\u30d0\u30fc\u306e\u9593\u306e\u4ef2\u4ecb\u8005\u3068\u3057\u3066\u6a5f\u80fd\u3059\u308b\u3053\u3068\u3067\u3001\u53d7\u4fe1 NTP \u8981\u6c42\u3092\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3057\u3066\u691c\u67fb\u3057\u3001\u6f5c\u5728\u7684\u306a\u60aa\u610f\u306e\u3042\u308b\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u304c\u8106\u5f31\u306a NTP \u30b5\u30fc\u30d0\u30fc\u306b\u5230\u9054\u3059\u308b\u524d\u306b\u30d6\u30ed\u30c3\u30af\u3067\u304d\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u5897\u5e45\u653b\u6483\u306e\u30ea\u30b9\u30af\u304c\u8efd\u6e1b\u3055\u308c\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5168\u4f53\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u304c\u5411\u4e0a\u3057\u307e\u3059\u3002<\/p>\n<h2>\u95a2\u9023\u30ea\u30f3\u30af<\/h2>\n<p>NTP \u5897\u5e45\u653b\u6483\u3068 DDoS \u4fdd\u8b77\u306e\u8a73\u7d30\u306b\u3064\u3044\u3066\u306f\u3001\u6b21\u306e\u30ea\u30bd\u30fc\u30b9\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<ol>\n<li><a href=\"https:\/\/us-cert.cisa.gov\/ncas\/alerts\/TA14-013A\" target=\"_new\" rel=\"noopener nofollow\">US-CERT \u30a2\u30e9\u30fc\u30c8 (TA14-013A) \u2013 NTP \u5897\u5e45\u653b\u6483<\/a><\/li>\n<li><a href=\"https:\/\/tools.ietf.org\/html\/rfc5905\" target=\"_new\" rel=\"noopener nofollow\">IETF \u2013 \u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30bf\u30a4\u30e0 \u30d7\u30ed\u30c8\u30b3\u30eb \u30d0\u30fc\u30b8\u30e7\u30f3 4: \u30d7\u30ed\u30c8\u30b3\u30eb\u3068\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u306e\u4ed5\u69d8<\/a><\/li>\n<li><a href=\"https:\/\/www.cloudflare.com\/learning\/ddos\/ntp-amplification-ddos-attack\/\" target=\"_new\" rel=\"noopener nofollow\">Cloudflare \u2013 NTP\u5897\u5e45\u653b\u6483<\/a><\/li>\n<li><a href=\"https:\/\/oneproxy.pro\/jp\/ddos-protection\/\" target=\"_new\" rel=\"noopener\">OneProxy \u2013 DDoS \u4fdd\u8b77\u30b5\u30fc\u30d3\u30b9<\/a> (OneProxy \u304c\u63d0\u4f9b\u3059\u308b DDoS \u4fdd\u8b77\u30b5\u30fc\u30d3\u30b9\u3078\u306e\u30ea\u30f3\u30af)<\/li>\n<\/ol>\n<h2>\u7d50\u8ad6<\/h2>\n<p>NTP \u5897\u5e45\u653b\u6483\u306f\u3001\u305d\u306e\u9ad8\u3044\u5897\u5e45\u7387\u3068\u30bd\u30fc\u30b9 IP \u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u6a5f\u80fd\u306b\u3088\u308a\u3001DDoS \u653b\u6483\u306e\u5206\u91ce\u306b\u304a\u3044\u3066\u4f9d\u7136\u3068\u3057\u3066\u91cd\u5927\u306a\u8105\u5a01\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u30aa\u30f3\u30e9\u30a4\u30f3 \u30b5\u30fc\u30d3\u30b9\u306e\u5fa9\u5143\u529b\u3092\u78ba\u4fdd\u3059\u308b\u306b\u306f\u3001\u305d\u306e\u5185\u90e8\u306e\u4ed5\u7d44\u307f\u3092\u7406\u89e3\u3057\u3001\u5f37\u529b\u306a\u7de9\u548c\u6226\u7565\u3092\u63a1\u7528\u3059\u308b\u3053\u3068\u304c\u91cd\u8981\u3067\u3059\u3002\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u306e\u9032\u6b69\u306b\u4f34\u3044\u3001NTP \u5897\u5e45\u653b\u6483\u3068\u6226\u3046\u306b\u306f\u3001\u65b0\u305f\u306a\u8105\u5a01\u306b\u5bfe\u3057\u3066\u5e38\u306b\u8b66\u6212\u3057\u3001\u4fdd\u8b77\u306e\u305f\u3081\u306b\u30d7\u30ed\u30ad\u30b7 \u30b5\u30fc\u30d0\u30fc\u306a\u3069\u306e\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u3092\u6d3b\u7528\u3059\u308b\u3053\u3068\u304c\u4e0d\u53ef\u6b20\u306b\u306a\u308a\u307e\u3059\u3002<\/p>","protected":false},"featured_media":478231,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-478230","wiki","type-wiki","status-publish","has-post-thumbnail","hentry"],"acf":{"faq_title":"Frequently Asked Questions about <mark>NTP Amplification Attack: An Overview<\/mark>","faq_items":[{"question":"What is the NTP Amplification Attack?","answer":"<p>The NTP Amplification Attack is a type of Distributed Denial of Service (DDoS) attack that takes advantage of vulnerable Network Time Protocol (NTP) servers to flood a target with amplified traffic. Attackers spoof the target's IP address and send small requests to NTP servers that support the monlist command, resulting in massive responses that overwhelm the target's resources.<\/p>"},{"question":"How did the NTP Amplification Attack originate?","answer":"<p>The NTP Amplification Attack was first identified in 2013. It stemmed from a vulnerability in NTP servers with the monlist command enabled. Attackers realized they could exploit this vulnerability to launch powerful DDoS attacks with a high amplification factor.<\/p>"},{"question":"How does the NTP Amplification Attack work?","answer":"<p>The NTP Amplification Attack uses reflection and source IP spoofing. Attackers send small requests to vulnerable NTP servers, pretending to be the target's IP address. The NTP servers then respond with much larger responses, flooding the target with amplified traffic, leading to service disruption.<\/p>"},{"question":"What are the key features of the NTP Amplification Attack?","answer":"<p>The NTP Amplification Attack is characterized by its high amplification factor, which can be up to 1,000 times the initial request's size. It also employs source IP spoofing, making it difficult to trace the attackers. Furthermore, the attack floods the target with a massive volume of traffic.<\/p>"},{"question":"What types of NTP Amplification Attacks exist?","answer":"<p>There are two main types of NTP Amplification Attacks:<\/p><ol><li><p>Direct NTP Attack: Attackers directly target a vulnerable NTP server to launch the attack.<\/p><\/li><li><p>Reflective Attack: Attackers use multiple intermediate NTP servers to reflect and amplify the attack traffic towards the target.<\/p><\/li><\/ol>"},{"question":"How can organizations protect against NTP Amplification Attacks?","answer":"<p>To defend against NTP Amplification Attacks, organizations should consider the following solutions:<\/p><ul><li><p><strong>Server Hardening:<\/strong> Administrators should disable the monlist command on NTP servers and implement access controls to prevent unauthorized queries.<\/p><\/li><li><p><strong>Network Filtering:<\/strong> Employ network ingress filtering to drop incoming packets with spoofed source IP addresses, reducing the impact of reflection attacks.<\/p><\/li><li><p><strong>DDoS Protection Services:<\/strong> Utilize specialized DDoS protection services to detect and mitigate NTP Amplification Attacks effectively.<\/p><\/li><\/ul>"},{"question":"How is NTP Amplification Attack related to proxy servers?","answer":"<p>Proxy servers can be used as intermediaries between clients and NTP servers to filter and inspect incoming NTP requests. By doing so, they can block potential malicious traffic before it reaches vulnerable NTP servers, reducing the risk of amplification attacks and enhancing overall network security.<\/p>"},{"question":"What are the future perspectives and technologies related to NTP Amplification Attack?","answer":"<p>As technology evolves, attackers are likely to find new ways to exploit NTP servers and launch amplified attacks. Cybersecurity professionals must stay updated with the latest trends and develop innovative technologies for safeguarding against emerging threats effectively.<\/p>"},{"question":"Where can I find more information about NTP Amplification Attacks and DDoS protection?","answer":"<p>For further insights into NTP Amplification Attacks and DDoS protection, you can refer to the following resources:<\/p><ol><li><a href=\"https:\/\/us-cert.cisa.gov\/ncas\/alerts\/TA14-013A\" target=\"_new\">US-CERT Alert (TA14-013A) - NTP Amplification Attacks<\/a><\/li><li><a href=\"https:\/\/tools.ietf.org\/html\/rfc5905\" target=\"_new\">IETF - Network Time Protocol Version 4: Protocol and Algorithms Specification<\/a><\/li><li><a href=\"https:\/\/www.cloudflare.com\/learning\/ddos\/ntp-amplification-ddos-attack\/\" target=\"_new\">Cloudflare - NTP Amplification Attacks<\/a><\/li><li><a href=\"https:\/\/oneproxy.pro\/ddos-protection\" target=\"_new\">OneProxy - DDoS Protection Services<\/a> (Link to the DDoS protection services offered by OneProxy)<\/li><\/ol>"}]},"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/wiki\/478230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/wiki\/478230\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/media\/478231"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/jp\/wp-json\/wp\/v2\/media?parent=478230"}],"curies":[{"name":"\u3046\u30fc\u3093","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}