IW2002-B5 1 Internet Week ( ) 9:30 12:30 ( ) Copyright 2002 All Rights Reserved, by Seiji Kumagai ADSL FTTH 24 IP LAN

1 Internet Week 2002 20021218() 9:3012:30 () kuma@isid.co.jp ADSLFTTH 24 IP LAN LAN LAN 2 1

? 3? 4 e-japan 20053000 20051000 2

IP»» 5 CATV DSL FTTH LAN 6 620(20029) CATV 180DSL 422FTTH 12 14 3

MP3CD CM VoD 7 8 100» 15500 124» 1124 2001CodeRed»» 4

CodeRed 9 URL=http://www.security.nl/misc/codered-stats/ CodeRed 10 (Worm) IP IP CodeRed II IP ISP 5

»»»»»» 11 12 6

() CATV LAN IP 13 (JPCERT) 14 2002-09-17 OpenSSL Apache/mod_ssl 2002-06-28 DNS resolver 2002-06-27 OpenSSH 2002-06-20 Apache Web 2002-05-24 TCP 1433 2002-02-14 SNMPv1 2001-10-09 CDE ToolTalk 2001-09-19 80 (HTTP) 2001-08-31 BSD OS lpd 2001-08-21 Linux telnetd 2001-08-08 Microsoft IIS "Code Red II" 2001-08-06 "Code Red" Worm 2001-07-30 "Code Red" Worm 2001-07-27 telnetd 2001-07-27 SSH 2001-07-25 Microsoft IIS 2001-07-19 Microsoft IIS Worm 2001-07-04 Solaris NIS ypbind 2001-06-27 Solaris http://www.jpcert.or.jp/at/ 7

Web IP!! 15 SPAM 16 8

17 18 Q2 9

? 19 Passive Attack Web Web Web 20 10

21 CATV Ethernet DSL DSLEthernet FTTH ONU(Optical Network Unit)Ethernet EthernetPC 1PC IP PPPoE 22 ISP ONU NAT ISP ONU ISP ONU 11

NAT? 23 Network Address Translation IP IP NAT 24 ADSL FTTH LAN ADSLFTTH CATV LAN ISP ONU Ethernet homepna VDSL 12

25 CATV LAN? 26 13

? 27 22 VLAN 28 14

29 LAN Web 1 30 1 1???? 15

31 2 (NAT)? 32 () SPI» State-full Packet Inspection 16

33 34 17

SPI 35 IP ADSL!» 200212 36 PC PC PC ISP PC PC PC ISP PC PC PC ISP 18

1 37 38 19

39 Web 40 ISP 20

41 ISP PC ISP CodeRed 42 2001719CERT/CC» http://www.cert.org/advisories/ca-2001-19.html 26 IISIndex Server CERT/CC 2001619» http://www.cert.org/advisories/ca-2001-13.html 2001618» http://www.microsoft.com/japan/technet/security/prekb.asp?s ec_cd=ms01-033 21

LAN PC PC LAN 43 CodeRed 44 22

Nimda 45 Nimda» http://www.ipa.go.jp/security/topics/newvirus/nimda.html + InternetExplorerOutLookIIS Web CodeRed II CodeRed Sircam 46 http://www.ipa.go.jp/security/topics/sircam.html 1016 C MS-WordMS-Excel» Outlook, Outlook Express Web 23

Klez 47 http://www.ipa.go.jp/security/topics/newvirus/klez.html Windows32 Outlook Outlook OutlookExpress 6 C BugBear 48 http://www.ipa.go.jp/security/topics/newvirus/bugbear.html»» (tbb,eml,mbx,nch) 24

Microsoft? 49 YES!?!? 50»»» 25

vs. 51 52 26

53 54 27

OS 55 1? 56 28

Windows Update 57 Windows Windows 58 Web 29

59 CGI(Common Gateway Interface) 60 30

61» 62 31

63?? 64 5 2 1 4 6 3 32

65? LAN ISP PPP!! 66 (SSH)» http://www.ipsec.co.jp/ SSL» http://www.orangesoft.co.jp/wstunnel/index.html 33

SSL 67 Secure Sockets Layer»» Web» 68? 34

? 69? ISP ISP LAN VPN 70 Virtual Private Network LAN VPN NAT NAT 35

VPN? 71 VPN LAN VPN VPN LAN 72 802.11b2.4GHz(IMS) 11Mbps PCMCIAUSB» RC4» http://airsnort.sourceforge.net/ 36

LAN 73 4 MAC 3 LAN 1 MAC SSID LAN LAN or 2 WEP 5 WEP 74 ISAAC 2001130 Internet Security, Applications, Authentication and Cryptography http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html 2001330 http://www.cs.umd.edu/%7ewaa/wireless.pdf http://www.cisco.com/japanese/warp/public/3/jp/produ ct/product/wireless/ao350ap/prodlit/1327_pp.html#a0 02 37

?? 75 802.1x/EAP 76 SSH SSL LAN LAN or 802.1x/EAP!! 38

2. 77 3. POP/SMTP over SSL ISP ISP PC PC 1. 4. PGP(Pretty Good Privacy) S/MIME(Secure/MIME)» MIME Multipurpose Internet Mail Extensions 78 39

40 79 80

» DES, TripleDES, ISEA, RC2, RC4, MISTY, FEAL, CAST» RSA, Diffie-Hellman, ElGamal» SHA-1,MD5 81? 82 41

83 128160 84 X Y 42

PKI 85 Public Key Infrastructure Web VPN 86 DB WWW WWW (DB) 43

SSL? 87 SSL»» DB»?» 88 44

89 Unsolicited Commercial Email SPAM SPAM? FAXDM? 90 45

SPAMer 91 SPAM SPAMer SPAMer SPAMer 92 46

Cookie Web?»? Cookie IP 93 94 47

95 Netscape7.0 IP 96 IP JPNIC?»» 48

97? Web» 98 Self Service Gas Station? 49

99 100 http://www.jipdec.or.jp/security/privacy/»»»» 50

101 URL http://www.ipa.go.jp/security/index.html JPCERT/CC http://www.jpcert.or.jp/ http://www.kantei.go.jp/jp/it/security/index.html http://www.meti.go.jp/kohosys/topics/10000098/ 2003 BP BP 1,480 102 51