suguru.PDF

Transcription:

ThinkQuest2002 Suguru Yamaguchi (c) 2002

Internet: Global and Ubiquitous Infrastructure for Communication

Society; Internet Technology; CATV; Cable Modem; TCP/IP; ATM; Optical Fiber; Copper Cable; WDM/SDH; ISDN; Communication Technology; WWW

Computer literacy, Non stop business on the Internet in domestic & international arena

What is illegal offline remains illegal online
Illegal and harmful content on the Internet: COMMUNICATION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS

Computer Security Incidents
http://www.npa.go.jp/hightech/arrest_repo/kenkyo_2000.htm

Statistics@JPCERT/CC
http://www.jpcert.or.jp/stat/reports.html
[Chart: Number of Reports per quarter, 96/10-96/12 through 01/10-01/12 (1996Q4 to 2002Q1, Est. 2002)]

Statistics@CERT/CC
[Chart: Number of Reports per year, 1988 to 2001 (Est. 2001 (3Q))]

GAO/AIMD-96-84 Defense Information Security
Protection: 38,000 ATTACKS, 13,300 BLOCKED, 24,700 SUCCEED
Detection: 988 DETECTED, 23,712 UNDETECTED
Reaction: 267 REPORTED, 721 NOT REPORTED

Port Scanning & Probe
Port scanning
shellcode
SPAM
Denial of Services (DoS)

CodeRed 15

Buffer Overflow Attack
wuftp, Netscape Enterprise Server, Microsoft IIS
(boundary check)
Internet Worm (1988)

Buffer Overflow Attack
Buffer
Boundary Check

OS
Solaris sadmind buffer overflow
Worm, sadmind, Solaris
Worm, Windows IIS

DDoS
Distributed DoS Attack
2000/2: Yahoo, CNN, eBay, Amazon DDoS
1999/8: trinoo DDoS
FBI
ISP

DDoS
Zombie
1. 2. trigger

DoS
Growth of Internet Users in Japan
CodeRed
DoS?
Nimda?
WIDE Project

DDoS
Host
Network link

Lessons from our reports
(rootkit)

DoS
Computer Literacy
Script kiddies?

TFN2K
CodeRed, Nimda
ISP
DDoS Agent
MTA
SPAM

(audit)
Integrity management

CISO (Chief Information and Security Officer)
HRM (Human Resource Management) and other RM
Public Relations and Publicity activities

RFC 2196 Site Security Handbook
(threat)

GAO report [AIMD-98-68]
Executive guide: Information Security Management -- Learning from Leading Organizations --
1. 2. 3. (accountable) 4. 5. 10 12 13 6. 14 15 16 7.

(risk assessment)
{Tn}; P(Tn); V(Tn); V(Tn)P(Tn)

(1)

(2)
Web

(3)
(passive attack): (eavesdropping, wire tapping), (traffic analysis)
(active attack): (packet stream modification), (Denial of Service), (masquerading), (unauthorized access), replay attack

(4)

(1)

(2)
Incident Response, response

JPCERT/CC
http://www.jpcert.or.jp/ed/

Firewall, VPN, NAT, Proxy
clearing house
WWW etc.
Firewall, VPN, Proxy, NAT

Firewall (1)

Firewall (2)
"Choke & Gate" style
Choke: Filtering
Gate: Services
Access Control
Firewall-segment
DMZ (Demilitarized Zone)
DNS, httpd, sendmail

Firewall
filtering gateway
external gateway
Filtering Gateway
socks

VPN (Virtual Private Network)
[Diagram: VPN, FireWall, A, B, C, D]

TCP: SMTP (mail), NNTP (news)
UDP: DNS, phone

FTP
PASV FTP
Ncftp
[Diagram: FTP client, control, data, FTP server, Firewall]

FTP
Proxy

HTTP
[Diagram: WWW client, control, data, Proxy Server, Firewall, WWW Server]

WWW
VPN
SSH

(authentication)
(entity)
Entity: ID
(bio-metrics)

UNIX Password System
8 (/etc/passwd) (weak password) 2

Reusable Password
replay attack
One Time Password

Challenge-Response System
1234543
challenge
response

Challenge-Response System (2)
challenge
response
response: Message Digest (e.g. S/KEY)
response: SecurID

Message Digest
16
Secure Hashing Algorithm
MD4, MD5, SHA1

S/KEY
MD^{n+1}(k), MD^{n}(k)
Pass-phrase, Seed
UNIX Password salt
k: pass-phrase seed

S/KEY

S/KEY Challenge-Reply system
MD^{n}(k)
Challenge: n-1, Seed
Reply: MD^{n-1}(k)
Dictionary Mapping
16

User ID: suguru
Count and Seed: 29 vax15
One Time Password: cat sun gaur tuft noun soon
host: vax
S/KEY database: suguru: 30 vax15 tang fun fish moon smug gray

Token Card
SecurID (by Security Dynamics)
SafeWord (by Secure Computing)
Challenge/Response
X9.9
SecureNetKey (by AssureNet)
Challenge/Response

(public key)
(secret key)
Digital Signature

WWW
HTTP
HTTPS
HTTPS: SSL (Secure Socket Layer) / TLS (Transport Layer Security)

SSL
Secure Socket Layer
2
DES, Triple DES, RC2, RC4
MD5, SHA1
RSA

SSL - 1
X.509
ID

SSL - 2

Biometrics

Biometrics (2)
biometrics
Token card
password system

(authentication)
(authorization)
PKIX

SSH1 & SSH2
SSH1 (MITM)
BSD r command full compatible
port forwarding

SSH
DES/RSA

SSH Protocol Architecture
draft-ietf-secsh-architecture-07.txt
encryption, integrity, compression
host authentication
user authentication

ssh2
/home/suguru/.ssh2/id_dsa_1024_a
/home/suguru/.ssh2/id_dsa_1024_a.pub
passphrase

SSH
passphrase

Port Forwarding
SSH client / SSH server
firewall
outbound

Port Forwarding
[Diagram: SSH client, Application, Server, SSH server, Application Server]

SSH
BSD r command: rlogin, rsh
CVS
Port Forwarding
firewall friendly

PGP (Pretty Good Privacy)
S/MIME
SSH

Monitoring
IDS (Intrusion Detection System)
Footprint
IDS

(JPCERT/CC)
etc.

(1)
(2)
JPCERT/CC

JPCERT/CC

JPCERT/CC
Japan Computer Emergency Response Team Coordination Center
1996/10
1992
FIRST

CSIRT
Computer Security Incident Response Team
1988/11: Morris worm
CERT/CC (Computer Emergency Response Team Coordination Center)
CERTCC-KR
AusCERT
CERT-Renater

FIRST
http://www.first.org/
Forum of Incident Response and Security Teams
1990
CERT/CC
CSIRT
http://www.first.org/team-info/

(Incident Response)
JPCERT/CC
(Web/FTP)
ML

[Figure: world map]

JPCERT/CC

Structure of JPCERT/CC
JPCERT/CC: board committee, steering committee, secretariat
12 full-time staff (9 engineers)
Two way communications
advisory
Vendors
Leaders from the Public and Private Sectors
Internet Service Providers

Security Response Process (1)
[Diagram: FIRST member, JPCERT/CC, Incident Response, JPNIC (Whois DB), ISPs & Vendors, info@jpcert.or.jp, Private Sector, Constituency, Bulletin, Alerts, Knowledge Base, Patches, Web / E-Mail, Coordination, Research, Development, IPA/ISEC]

(2)

JPCERT/CC

JPCERT/CC Our Contact
E-mail: info@jpcert.or.jp
Hotline: 03-5575-7762
Fax: 03-5575-7764
WWW: http://www.jpcert.or.jp/
Mailing List: http://www.jpcert.or.jp/announce.html