Unlock instant, AI-driven research and patent intelligence for your innovation.

Vulnerability detection method and device

A vulnerability detection and vulnerability technology, applied in the computer field, can solve the problems of error-prone, low efficiency of manual detection, etc.

Inactive Publication Date: 2019-02-01
ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, manual detection is inefficient and error-prone

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method and device
  • Vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The inventor found through research that the standard NTP service provides a monlist query function. Specifically, after receiving the monlist query request, the NTP server can obtain the IP addresses of the last 600 clients that have time-synchronized with the NTP server, and convert these IP addresses Split to form multiple response packets, and return these response packets to the client. For example, the number of response packets may be 100, and each response packet may include 6 IP addresses.

[0037] The attacker can forge the source IP address of the NTP request, and send a monlist query request to the NTP server through the forged source IP address. When the NTP server has vulnerabilities, these forged source IP addresses cannot be filtered or screened. Therefore, the The IP address sends a large number of response packets to the real source IP address, for example, 100 UDP packets can be sent to the real source IP address. In this way, the attacker can send a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a vulnerability detection method and device. An Internet protocol (IP) address of a network time protocol (NTP) server is obtained. Attack load is sent to theNTP server according to the IP address of the NTP server. Target load comprises a target address. If the target address receives a response packet sent by the NTP server and memory space occupied bythe response packet is greater than or equal to preset bytes, this explains that the NTP server executes an instruction in the attack load, generates the response packet of which occupied memory spaceis greater than or equal to the preset bytes according to the attack load, and sends the response packet to the target address, namely, the NTP server does not detect or filter the attack load, and at this time, it is considered that a vulnerability exists in the NTP server. According to the embodiment of the invention, vulnerability detection for the NTP server can be automatically finished, somanual detection is avoided, and vulnerability detection efficiency and accuracy are improved.

Description

technical field [0001] The present invention relates to the field of computer technology, in particular to a method and device for detecting vulnerabilities. Background technique [0002] The Network Time Protocol (Network Time Protocol, NTP) is one of the standards for time synchronization in the Internet. The NTP server can send an NTP message including the current time to the client, so that other devices can adjust the time after receiving the NTP message. Realize the time synchronization between the client and the NTP server. [0003] The standard NTP service provides a monlist query function, also known as MON_GETLIST, which can be used to monitor the service status of the NTP server. When the client sends a monlist query to the NTP server, the NTP server can return the recent service status to the client. Specifically, after receiving the monlist query request, the NTP server can obtain the last 600 clients that have synchronized time with the NTP server The Interne...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06F21/57
CPCG06F21/577H04L63/0236H04L63/1416H04L63/1433H04L63/1466
Inventor 陈栋
Owner ZHENGZHOU YUNHAI INFORMATION TECH CO LTD