1 Internet Week 2001 ( ) kuma@isid.co.jp 2 CodeRed 1
3 (EXCEED ) se cu ri ty? 4? 2
5 Web IP Web MP3 6 3
7 1.5Mbps8Mbps 500 MP3 CM VoD 8 4
ADSL (Asymmetric Digital Subscriber Line) () CATV FWA (Fixed Wireless Access) FTTH (Fiber To The Home) Ethernet 9 10 ISP ISP ISP 5
() 11 ISP ISP ADSL FTTH ADSL FTTH CATV LAN 12 6
1/22/3 13 14 IDF IDF IDF IDF MDF 7
1.5Mbps128kbps 100Mbps300 15 16 8
17 VLAN 18 LAN?? 9
LAN 19 2.4GHz(IMS) 11Mbps PCMCIA USB» RC4» http://airsnort.sourceforge.net/ 20 10
21 2000 1 Web 2001 7Sircam PC 2001 8CodeRed 2001 9Nimda 22 Web 11
23 http://www.ipa.go.jp/security/txt/2001_11.html Sircam 24 Sircam http://www.ipa.go.jp/security/topics/sircam.html 10 16 C MS-Word MS-Excel» Outlook, Outlook Express Web 12
25 26 ISP PC 13
CodeRed 27 2001 7 19CERT/CC» http://www.cert.org/advisories/ca-2001-19.html 26 IIS Index Server CERT/CC 2001 6 19» http://www.cert.org/advisories/ca-2001-13.html 2001 6 18» http://www.microsoft.com/japan/technet/security/prekb.asp?s ec_cd=ms01-033 CodeRed 28 IP IP CodeRed IIIP LAN 14
CodeRed 29 URL=http://www.security.nl/misc/codered-stats/ 30 CodeRedPC IIS Windows 2000 Professional IIS PC 15
LAN PC PC LAN 31 CodeRed 32 16
Nimda 33 Nimda» http://www.ipa.go.jp/security/topics/newvirus/nimda.html + InternetExplorer OutLook IIS Web CodeRed II CodeRed Microsoft? 34!?!? 17
1? 35 vs. 36 18
37»»» 38 19
39 40 20
PCLAN? OK? PC?? PC? 41 Web IP 42 21
43 SPAM 44» ID» 22
Web 45 2000 1 46 Q2 23
47 48 SPAM SPAM!! 24
49? 50? 25
??!!? 51 52 26
() 53 M () 54 27
? 55 56 28
57 CGI(Common Gateway Interface) 58 29
59»»»? 60 LAN () 30
61 62 31
63 PC PC PC PC PC PC PC PC PC PC 2.5HD50Mbps? 64 32
65 CodeRed IIS» 66?? 33
67 5 2 1 4 6 3 Denial of Service 68 DoS DDoS Distributed DoS DoS 34
?? ISP ISP LAN 69» DES, TripleDES, ISEA, RC2, RC4, MISTY, FEAL, CAST» RSA, Diffie-Hellman, ElGamal» SHA-1,MD5 70 35
»» 71 72 36
73 () ()() 1024 2048 4096 74 37
75 Virtual Private Network»»» 76 38
Virtual Private Network() VPN 77 VPN ISP 155Mbps172G(1.7TB/ )» 78 39
? 79 128 160 80 X Y 40
81 Public Key Infrastructure PKI CA (Certificate Authority) 82 41
PKI Web VPN 83? ( ) 1,500 / /!! 84 42
»?? 85 86 43
87 88 WWW (DB) DB WWW 44
SSL 89 Secure Sockets Layer»» SSL? 90 SSL»» DB»?» 45
91 92 46
PC X PC Y ISP A ISP B ISP C ISP D ISP H IX: Internet exchange ISP: Internet Service Provider ISP E ISP F ISP G Web Z ISP K ISP J 93 PC 94 2. 3. ISP ISP 1. PC PC 4. 47
95 2. 3. ISP ISP PC PC 1. 4. PGP(Pretty Good Privacy) S/MIME(Secure/MIME)» MIME Multipurpose Internet Mail Extensions 96 48
49 97 98
Unsolicited Commercial Email SPAM SPAM? FAXDM? 99 Cookie Web?»? Cookie IP 100 50
101 102 51
IP 103 IP JPNIC?»» 104? Web» 52
105 SSGS 106 53
107 108 http://www.jipdec.or.jp/security/privacy/»»»» 54
IDN International Domain Name.jp.com URL Web IDN IDN?? 109 110 55
111 112 56
!? 113 FD OK NTT?? 114 57
115 Web 116 IP PC 58
117 118 59
119 ID URL 120 http://www.ipa.go.jp/security/index.html JPCERT/CC http://www.jpcert.or.jp/ http://www.kantei.go.jp/jp/it/security/index.html http://www.meti.go.jp/kohosys/topics/10000098/ The SANS (System Administration, Networking, and Security) Institute http://www.sans.org/ 60