|
Ä¿ÇÇÇâÀÌ ³ª´Â *NIX
Ä¿ÇǴнº
½Ã½ºÅÛ/³×Æ®¿÷/º¸¾ÈÀ» ´Ù·ç´Â °÷
|
|
|
|
ÀÌÀü ÁÖÁ¦ º¸±â :: ´ÙÀ½ ÁÖÁ¦ º¸±â |
±Û¾´ÀÌ |
¸Þ½ÃÁö |
truefeel Ä«Æä °ü¸®ÀÚ
°¡ÀÔ: 2003³â 7¿ù 24ÀÏ ¿Ã¸° ±Û: 1277 À§Ä¡: ´ëÇѹα¹
|
¿Ã·ÁÁü: 2007.10.11 ¸ñ, 3:32 pm ÁÖÁ¦: ¾ÆÀÌÅÛº£ÀÌ¿Í ¾ÆÀÌÅÛ¸Å´Ï¾Æ µîÀÇ DDoS°ø°Ý °ü·Ã |
|
|
9¿ù(Ãß¼®±â°£)¿¡µµ ÀÌµé »çÀÌÆ®¿¡ ½ÉÇÑ DDoS °ø°ÝÀÌ ÀÖ¾ú´ø °ÍÀ¸·Î ¾Ë°í ÀÖÀ¸¸ç, 10¿ù 8ÀϺÎÅÍ Áö±Ý±îÁö ¼ºñ½º¸¦ °ÅÀÇ ÇÏÁö ¸øÇÏ°í ÀÖ´Ù.
¾ð·Ðº¸µµ¿¡µµ ÀÌÁ¦ ³Ê¹« ¸¹ÀÌ ³ª¿À°í ÀÖÀ¸´Ï ã¾Æº¸¸é ½±°Ô È®ÀÎÇÒ ¼ö ÀÖÀ» °ÍÀÌ´Ù.
* ¾ÆÀÌÅÛ °Å·¡ »çÀÌÆ® ¶Ç Á¢¼Ó¿À·ù (2007.10.8, ¸ÅÀÏ°æÁ¦)
¡¡ http://news.media.daum.net/digital/it/200710/08/mk/v18392631.html
* ¾ÆÀÌÅÛº£ÀÌ, Á¢¼ÓÀå¾Ö´Â DDoS¿¡ ÀÇÇÑ °Í
¡¡ http://www.gamechosun.co.kr/site/data/html_dir/2007/10/10/20071010000021.html
¡¡ http://www.moneytoday.co.kr/view/mtview.php?type=1&no=2007101018242147907
* ¾ÆÀÌÅÛº£ÀÌ£¢Á¤º¸¡¤µ¥ÀÌÅÍ ¾ÈÀü£¢ Æ®·¡ÇÈ ÆøÁÖ¶§¹®
¡¡ http://www.fnnews.com/view?ra=Sent0901m_01A&corp=fnnews&arcid=0921119322&cDateYear=2007&cDateMonth=10&cDateDay=10&
* ÇØÄ¿¿¡°Ô µ·À» ÁÖ°í ÇØÅ·À» ¸·¾Æ¾ß Çϳª?
¡¡ http://www.gamechosun.co.kr/site/data/html_dir/2007/10/10/20071010000017.html
* ³×À̹ö Áö½ÄÀο¡ °í°´µéÀÌ ¿Ã¸° ³»¿ëµé (10¿ù 8ÀÏ¿¡ ºñÇØ ´äº¯ÀÌ ¸¹ÀÌ ´Ã¾ú´Ù. ^^)
¡¡ http://kin.naver.com/ing/detail.php?d1id=2&dir_id=20103&eid=FgHPgj0XXHemgh9ZMlMrZCrh3cmuRYcu&qb=vsbAzMXbuMW0z77G
¡¡ http://kin.naver.com/ing/detail.php?d1id=1&dir_id=102&eid=Fmgsq5q12Sb1TlSY+qL+vq4Uoi6bplc2&qb=vsbAzMXbuMW0z77G
¡¡ http://kin.naver.com/ing/detail.php?d1id=5&dir_id=506&eid=VEn913oydyH0HzZmd60lfKTMvrl/xLsf&qb=vsbAzMXbuMW0z77G
... µîµî
1. ¸ÕÀú ¾ÆÀÌÅÛº£À̸¦ »ìÆ캸ÀÚ. ¾Æ·¡´Â 10.8ÀÏÀÚ DNS lookupÇÑ °á°úÀÌ´Ù.
¡Ø ³»ºÎ »çÁ¤À» Á¤È®È÷ È®ÀÎÇÒ ¼ö ¾øÀ¸´Ï, ¿ÜºÎ¿¡¼ º¸ÀÌ´Â °á°ú·Î ÃßÃøÇغ» °ÍÀÌ´Ù.
Àοë: |
1. www IP È®ÀÎ
;; ANSWER SECTION:
www.itembay.com. 1167 IN A 211.111.211.96
;; AUTHORITY SECTION:
itembay.com. 3567 IN NS ns1.intellicenter.co.kr.
itembay.com. 3567 IN NS ns2.intellicenter.co.kr.
2. SOA ·¹ÄÚµå È®ÀÎ
;; AUTHORITY SECTION:
itembay.com. 10790 IN SOA ns1.intellicenter.co.kr. webmaster.intellicenter.co.kr. 2007100802 21600 1800 1209600 43200
|
- Serial ¹øÈ£°¡ 2007100802·Î Ç¥½ÃµÇ¾î Àִµ¥, ÀϹÝÀûÀ¸·Î ³â¿ùÀÏÀ» Ç¥±âÇÏ´Â ÆíÀÌ´Ù.(´Ü¼øÈ÷ ¼ýÀÚÀ̾ »ó°ü¾øÀ½) 10¿ù 8ÀÏ¿¡ DDoS°ø°ÝÀ¸·Î ÀÎÇØ 2¹ø Á¤µµ ¼³Á¤À» º¯°æÇßÀ» °ÍÀ¸·Î º¸ÀδÙ.
- ¼¹ö´Â ÇÁ¸®Áò¿¡ ÀÖ´Ù.
- ÀÚü DNS¼¹ö°¡ ¾Æ´Ï°í, ÇÁ¸®ÁòÀÇ DNS ¼¹öÀÌ´Ù.
- 211.111.211.96À¸·Î´Â Á¢¼Ó¾ÈµÇ°í, ¾ÆÀÌÅÛº£ÀÌ¿¡ ÇÒ´çµÈ °ÍÀ¸·Î º¸ÀÌ´Â ´Ù¸¥ IP·Î´Â Á¢¼ÓµÇ´Â °ÍÀ» º¸¸é 96¹ø IP°¡ »óÀ§´Ü¿¡¼ Â÷´ÜµÇ¾úÀ» °ÍÀÌ´Ù. ÀÌ´Â tracerouteÀÇ °á°ú·Îµµ ÃßÃøÇغ¼ ¼ö ÀÖ´Ù. (ICMP¸¦ ¸·¾Æ¼ Á¤È®È÷ üũ¾ÈµÉ ¼öµµ ÀÖÀ½)
±× ÀÌÈÄ 9ÀÏ~11ÀϱîÁö lookup°á°úÀÌ´Ù.
ÄÚµå: |
1. 10¿ù 9ÀÏ(9ÀÏÀÎÁö 10ÀÏÀÎÁö ±â¾ïÀÌ °¡¹° °¡¹°?)
;; ANSWER SECTION:
www.itembay.com. 1132 IN A 211.111.210.130
;; AUTHORITY SECTION:
itembay.com. 3529 IN NS ns1.intellicenter.co.kr.
itembay.com. 3529 IN NS ns2.intellicenter.co.kr.
2. SOA ·¹ÄÚµå È®ÀÎ
;; AUTHORITY SECTION:
itembay.com. 10755 IN SOA ns1.intellicenter.co.kr. webmaster.intellicenter.co.kr. 2007100900 21600 1800 1209600 43200
|
IPµµ º¯°æµÆ°í, SOA·¹ÄÚµåÀÇ serialµµ 100900À¸·Î º¯°æµÇ¾ú´Ù. ¼¹ö IP³ª, ³×Æ®¿÷ ȸ¼± º¯°æÀ» ÅëÇؼ ¼ºñ½º¸¦ ´Ù½Ã ÇÏ·Á°í ÇßÀ» °ÍÀ¸·Î º¸ÀδÙ. ±×·¯³ª ´Ù½Ã ¸·Èù °ÍÀ¸·Î º¸ÀÌ°í, Áö±Ý±îÁöµµ ¸·Èù °Í °°´Ù.
2. ¾ÆÀÌÅ۸ŴϾƵµ ºñ½ÁÇÑ ÇüÅÂÀÌ´Ù.
Àοë: |
1. www IP È®ÀÎ
;; ANSWER SECTION:
www.itemmania.co.kr. 28800 IN A 211.239.169.39
;; AUTHORITY SECTION:
itemmania.co.kr. 28800 IN NS ns5.cninet.co.kr.
itemmania.co.kr. 28800 IN NS ns6.cninet.co.kr.
|
- SOA ·¹Äڵ带 È®ÀÎÇßÀ¸³ª Serial ¹øÈ£°¡ ´Ü¼ø ¼ýÀÚÇüÅ¿©¼ ¾ðÁ¦ º¯°æÇß´ÂÁö´Â È®ÀÎ ºÒ°¡´É
- ¼¹ö´Â È£½ºÆ®¿þÀÌ¿¡ ÀÖ´Ù.
- ÀÚü DNS¼¹ö°¡ ¾Æ´Ï°í, È£½ºÆ®¿þÀÌÀÇ DNS ¼¹öÀÌ´Ù.
- 211.239.169.39·Î´Â Á¢¼Ó¾ÈµÇ°í, ¾ÆÀÌÅ۸ŴϾƿ¡ ÇÒ´çµÈ °ÍÀ¸·Î º¸ÀÌ´Â ´Ù¸¥ IP·Î´Â Á¢¼ÓµÇ¾ú´Ù(10.8ÀÏ »óȲ). ±×·¯³ª ¾îÁ¦ºÎÅÍ´Â ´Ù¸¥ IP·Îµµ Á¢¼ÓÀÌ ¾ÈµÇ¾ú´Ù.
ÄÚµå: |
1. www·Î traceroute
traceroute to www.itemmania.co.kr (211.239.169.39), 30 hops max, 38 byte packets
... »ý·« ...
4 211.239.208.97 (211.239.208.97) 4.763 ms 3.387 ms 4.400 ms
5 211.239.208.65 (211.239.208.65) 5.905 ms 5.393 ms 5.213 ms
6 211.115.197.185 (211.115.197.185) 5.655 ms 6.640 ms 5.639 ms
7 *
2. ´Ù¸¥ IP·Î traceroute (2007.10.10ÀÏ)
traceroute to 211.239.169.?? (211.239.169.??), 30 hops max, 38 byte packets
... »ý·« ...
4 211.239.208.97 (211.239.208.97) 3.268 ms 3.260 ms 3.245 ms
5 211.239.208.65 (211.239.208.65) 6.153 ms 5.736 ms 7.514 ms
6 211.115.197.57 (211.115.197.57) 5.999 ms 6.119 ms 5.510 ms
7 211.115.208.244 (211.115.208.244) 5.162 ms 5.306 ms 5.943 ms
8 *
3. ´Ù¸¥ IP·Î traceroute (2007.10.11ÀÏ)
... »ý·« ...
26 211.115.208.242 (211.115.208.242) 5.596 ms 5.888 ms 6.843 ms
27 211.115.208.244 (211.115.208.244) 5.514 ms 5.384 ms 5.431 ms
28 211.115.208.242 (211.115.208.242) 6.133 ms 5.617 ms 5.748 ms
29 211.115.208.244 (211.115.208.244) 5.316 ms 5.333 ms 5.361 ms
30 211.115.208.242 (211.115.208.242) 5.532 ms 5.523 ms 5.910 ms
|
- ´Ù¸¥ IP·Î´Â À¥ÆäÀÌÁö±îÁö Á¢¼ÓÀÌ µÈ »óȲÀ̾ú°í, traceroute °á°ú°¡ ´Ù¸¥ °ÍÀ» º¸¸é »óÀ§´Ü¿¡¼ IP¸¦ Â÷´ÜÇßÀ» °ÍÀ¸·Î º¸ÀδÙ.
- 11ÀÏ¿¡´Â ´Ù¸¥ ¿©·¯ IP·Î tracerouteÇÑ °á°ú, ¶ó¿ìÆà ·çÇÁ°¡ ¹ß»ýÇÏ°í ÀÖ´Ù. µû¶ó¼ ÇöÀç´Â ¾ÆÀÌÅ۸ŴϾÆÀÇ ¸ðµç IP·ÎÀÇ Á¢±ÙÀÌ ¾ÈµÇ´Â °ÍÀ¸·Î º¸¸é µÉ °Í °°´Ù.
3. °ø°ÝÀ» ±â¼úÀûÀ¸·Î ¸·±â ¾î·Á¿ì´Ï Àå¾Ö½Ã°£À» ÁÙ¿©¾ßÇÒ °ÍÀÌ´Ù.
1. ȸ¼± ´ë¿ªÆøÀÌ ÁÁ°í, ¹éº» Àåºñ°¡ ÁÁÀº °÷À¸·Î ÀÌÀüÇÏ´Â°Ô (ÀÌÀüÇÒ ¼ö¸¸ ÀÖ´Ù¸é... ^^)
2. ¼¹ö¸¦ ¿©·¯±ºµ¥ ºÐ»êÇغ¼ ¼ö Àִµ¥, ¿©·¯ °÷¿¡ ³×Æ®¿÷ ȸ¼± È®º¸¿Í ½Ã½ºÅÛÀÇ ±¸¼º º¯°æÀ¸·Î ¹®Á¦·Î ½±Áö ¾ÊÀº ºÎºÐÀÌ´Ù.
3. ÀÌÁ¤µµÀÇ ±Ô¸ð ¼ºñ½º ¾÷ü¶ó¸é ÀÚü DNS¼¹ö¸¦ ¿î¿µÇϴ°Ô.
www IP¸¦ ±âÁØÀ¸·Î °ø°ÝÀ» ÁÖ·Î ÇÏ°ÚÁö¸¸ ¸¸¾à¿¡ DNS IP¸¦ È®ÀÎÇؼ UDP °ø°ÝÀÌ µé¾î¿Â´Ù¸é Ÿ °í°´»ç¿¡µµ ½É°¢ÇÑ ¼ºñ½º Àå¾Ö°¡ »ý±æ ¼ö ÀÖÀ» °ÍÀÌ´Ù. DNS ¼¹ö IP¸¦ »óÀ§´Ù¿¡¼ ¸·´Â´Ù¸é? DNS lookupÀ» ¸øÇÏ´Ï ±× DNS¼¹ö·Î ¼ºñ½ºÇÏ´Â ¸ðµç °í°´ÀÇ ¼ºñ½º Áß´ÜÀÌ »ý±æ °ÍÀÌ´Ù.
¶ÇÇÑ, DNS¸¦ ÅëÇؼ Àå¾Ö ½Ã°£À» ÁÙÀÏ ¼ö ÀÖ´Ù.
4. ¾ÇÀÇÀû UDP, ICMP °ø°ÝÀ̶ó¸é, ÇöÀç´Â ¾Æ´Ï´õ¶óµµ ÃßÈÄ¿¡ TCP 80À¸·Î À¥ÆäÀÌÁö¸¦ °ú´ÙÇÏ°Ô È£ÃâÇÏ¿© À¥¼¹öÀÇ load¸¦ ³ôÀÌ´Â ÇüÅ·Π¼ºñ½º Àå¾Ö°¡ ¹ß»ýÇÒ ¼ö ÀÖ´Ù. www ¼¹ö°¡ ¿©·¯ ´ëÀÏ °ÍÀε¥, ±× Áß ¸î´ë¿¡´Â ÃÖ¼ÒÇÑ À¥·Î±×¸¦ »ó¼¼È÷(referer, ºê¶ó¿ìÀú¸í, ... µî) ³²°Ü, ºñÁ¤»óÀûÀÎ ¿äûÀÌ ¹ß»ýÇÏ´ÂÁö È®ÀÎÀ» ÇÏ°í, ¾ÇÀÇÀû °ø°ÝÀÇ °øÅëÁ¡ÀÌ ÀÖ´Ù¸é 403 forbiddenÀ¸·Î ó¸®ÇÒ ¼ö ÀÖµµ·Ï ¼³Á¤ÀÌ ÇÊ¿äÇÏ´Ù.
¹°·Ð ·Î±×·®Àº ¾öû³ª±âµµ ÇÏ°ÚÁö¸¸, ½Ã°£ ¶Ç´Â ºÐ´ÜÀ§±îÁö ·Î±×ÆÄÀÏÀ» ÂÉ°³°í, ·ÎÅ×À̼ÇÀ» ÇÑ´Ù¸é Å©°Ô ¹®Á¦°¡ »ý±â´Â ¾ÊÀ» °ÍÀÌ´Ù.
5. °ú´Ù°Ô DNS lookup À» ÇÏ´Â IP¸¦ Â÷´ÜÇÑ´Ù.
dnstop(DNS top, CLI¸ðµå ÇÁ·Î±×·¥) °°Àº DNS Åë°èÅøÀ» ÀÌ¿ëÇؼ, ¾î¶² IP¿¡¼ lookupÀ» ÇÏ´ÂÁö query°Ç¼ö¿Í ºñÀ²À» È®ÀÎÇÒ ¼ö ÀÖ´Ù. ÀÌÅøÀ»
ÅëÇؼ lookupÀ» ÇÏÁö ¾ÊÀ» ¸¸ÇÑ IP¿¡¼ ³ôÀº ºñÀ²·Î ¿äûÀÌ µé¾î¿Â´Ù¸é IPÂ÷´Ü Çغ»´Ù. ÁÖ·Î www·Î °ø°ÝÀÌ µé¾î¿À´Âµ¥, ÀÌ www IP¸¦ º¯°æÇϰųª ´Ù¸¥ ȸ¼±À¸·Î ¼ºñ½º¸¦ ¿Å±â°Ô µÇ¸é ¹Ù·Î ÇØ´ç IP·Î ´Ù½Ã µé¾î ¿À´Â °æ¿ì°¡ ÀÖ´Ù°í
ÇϹǷÎ, ÀÌ·± ºÎºÐµµ °í·ÁÇغ¼¸¸. ^^
¡Ø ³»ºÎ »çÁ¤À» Á¤È®È÷ È®ÀÎÇÒ ¼ö ¾øÀ¸´Ï, ¿ÜºÎ¿¡¼ º¸ÀÌ´Â °á°ú·Î ÃßÃøÇغ» °ÍÀÌ´Ù. |
|
À§·Î |
|
|
|
|
»õ·Î¿î ÁÖÁ¦¸¦ ¿Ã¸± ¼ö ÀÖ½À´Ï´Ù ´ä±ÛÀ» ¿Ã¸± ¼ö ÀÖ½À´Ï´Ù ÁÖÁ¦¸¦ ¼öÁ¤ÇÒ ¼ö ¾ø½À´Ï´Ù ¿Ã¸° ±ÛÀ» »èÁ¦ÇÒ ¼ö ¾ø½À´Ï´Ù ÅõÇ¥¸¦ ÇÒ ¼ö ¾ø½À´Ï´Ù
|
Powered by phpBB © 2001, 2005 phpBB Group
|