Ä¿ÇÇÇâÀÌ ³ª´Â *NIX
Ä¿ÇǴнº
½Ã½ºÅÛ/³×Æ®¿÷/º¸¾ÈÀ» ´Ù·ç´Â °÷
*
HanIRCÀÇ #coffeenix ¹æ
[
Àåºñ ¹× ȸ¼± ÈÄ¿ø
]
> Forum <
IT ÀÏÁ¤
N
e
w
!
ÀÚµ¿È ÇÁ·ÎÁ§Æ®
HOME
>
³×Æ®¿öÅ©(network)
>
À¥ ¼¹ö(web, httpd, apache)
µµ¿ò¸»
°Ë»ö :
»çÀÌÆ®
WHOIS
À¥¼¹ö Á¾·ù
WebDAV
(7, ±Û 1, ÀÚ·á 4)
À¥¼¹ö Æ©´×
(5, ±Û 4, ÀÚ·á 2)
À¥¼¹ö »ç¿ë Åë°è ÀÚ·á
(2, ÀÚ·á 1)
Apache SSL / mod_ssl
(4, ±Û 3, ÀÚ·á 2)
Apache ¿¡¼ DoS °ø°Ý ¸·±â (2.x±îÁö Æ÷ÇÔµÈ ±Û)
ÀÛ¼ºÀÏ : 2003/08/26 01:13
±Û¾´ÀÌ : ÁÁÀºÁøÈ£ (
http://coffeenix.net/
)
Á¶È¸¼ö : 6262
[
ÀÌÀüȸé
/
¼öÁ¤
] ºñ¹Ð¹øÈ£ :
ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel,
http://coffeenix.net/
)
ÀÛ¼ºÀÏ : 2003.8.20(¼ö) apache v1.3.x
¼öÁ¤ÀÏ : 2003.8.25(¿ù) apache v2.x ºÎºÐ Ãß°¡
ƯÁ¤ URLÀ̳ª IPÀÏ °æ¿ì³ª ƯÁ¤ÇÑ ºê¶ó¿ìÀú¸¦ ÀÌ¿ëÇÏ¿© DoS(Denial of Service, ¼ºñ½º°ÅºÎ)
°ø°ÝÀÌ µé¾î¿Â´Ù¸é httpd.conf ¿¡¼ SetEnvIf, SetEnvIfNoCase µî°ú Allow, Deny ¼³Á¤À¸·Î
°£´ÜÈ÷ ¸·À» ¼ö ÀÖ°ÚÁö¸¸ ÀÏÁ¤ÇÑ À¯ÇüÀÌ ¾ø´Ù¸é ÇØ°áÁ¡À» ã±â°¡ ½±Áö ¾Ê´Ù.
´ÙÇàÈ÷ Apache¿ë mod_dosevasive ¸ðµâ·Î DoS °ø°ÝÀ» ½±°Ô ¸·À» ¼ö ÀÖ´Ù.
¸çÄ¥Àü 1.7¹öÀü ¹ßÇ¥·Î apache 2.x¿¡¼µµ Á¤»óÀûÀ¸·Î ÀÌ ¸ðµâÀ» ÀÌ¿ëÇÒ ¼ö ÀÖ°Ô µÆ´Ù.
1. mod_dosevasive ¼³Ä¡
http://www.nuclearelephant.com/projects/dosevasive/
¿¡¼ mod_dosevasive (ÇöÀç ÃֽŹöÀüÀº 1.7)À» ¹Þ¾Æ¿Â´Ù.
1) ±âÁ¸¿¡ »ç¿ëÇÏ´ø apache 1.3.x¿¡ ¸ðµâ¸¸ Ãß°¡ÇÒ ¶§
mod_dosevasive.tar.gz À» Ǭ´ÙÀ½ apxs·Î ¼³Ä¡
----------------------------------------------
# tar xvfz mod_dosevasive.tar.gz
# cd dosevasive
#
/bin/apxs -iac mod_dosevasive.c
...
[activating module `dosevasive' in /usr/local/apache/conf/httpd.conf]
cp mod_dosevasive.so /usr/local/apache/libexec/mod_dosevasive.so
chmod 755 /usr/local/apache/libexec/mod_dosevasive.so
...
----------------------------------------------
httpd.confÀÇ LoadModule, AddModule´Â apxs°¡ ¾Ë¾Æ¼ Ãß°¡ÇØÁØ´Ù.
2) apache 1.3.xºÎÅÍ »õ·Î ÄÄÆÄÀÏÇÒ ÇÒ ¶§
mod_dosevasive.tar.gz À» apache_source_Ȩ/src/modules ¿¡ Ǭ ´ÙÀ½
±âÁ¸¿¡ apache ÄÄÆÄÀÏÇÏ´Â °Í°ú µ¿ÀÏÇÑ ¹æ¹ýÀ¸·Î ÇϵÇ, --add-module=... ¿É¼Ç¸¸
Ãß°¡ÇØÁØ´Ù.
----------------------------------------------
./configure --prefix=/usr/local/apache \
--enable-module=all --enable-shared=max \
--add-module=src/modules/dosevasive/mod_dosevasive.c <-- Ãß°¡ÇÔ
make
make install
----------------------------------------------
3) apache 2.x¿¡ ¸ðµâ¸¸ ºÙÀÏ ¶§
/bin/apxs -iac mod_dosevasive20.c
2. ¼³Á¤
httpd.conf ¿¡ ¾Æ·¡ ¼³Á¤ÀÌ ÀÖ´ÂÁö È®ÀÎÇÑ´Ù.
apache 1.3.x
----------------------------------------------
...
LoadModule dosevasive_module libexec/mod_dosevasive.so
...
AddModule mod_dosevasive.c
----------------------------------------------
apache 2.x
----------------------------------------------
LoadModule dosevasive20_module modules/mod_dosevasive20.so
----------------------------------------------
httpd.conf¿¡´Â ´ÙÀ½°ú °°ÀÌ ¼³Á¤À» Ãß°¡ÇÑ´Ù.
( ´Ü, ¾Æ·¡ ¼³Á¤ Áß¿¡ apache 2.xÀÏ ¶§´Â < IfModule mod_dosevasive20.c> ·Î )
----------------------------------------------
< IfModule mod_dosevasive.c>
DOSHashTableSize 3097
DOSPageCount 3
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 30
< /IfModule>
----------------------------------------------
DOSHashTableSize 3097
hash tableÀÇ Å©±â. IP, URIµîÀ» ºÐ¼®Çϱâ À§ÇÑ °ø°£À¸·Î ¾²ÀÌ´Â °Í °°Àºµ¥ Á¤È®È÷´Â
¸ð¸£°Ú´Ù. Á¢¼ÓÀÌ ¸¹Àº ¼¹öÀÌ¸é ¼öÄ¡¸¦ ³ôÀδÙ.
DOSPageCount 3
DOSPageInterval 1
DOSPageInterval¿¡¼ ÁöÁ¤ÇÑ ½Ã°£(ÃÊ´ÜÀ§)µ¿¾È °°Àº ÆäÀÌÁö¸¦ 3¹ø ¿äûÇÑ °æ¿ì
ÇØ´ç Ŭ¶óÀ̾ðÆ® IP¸¦ ºí·°Å·ÇÑ´Ù. ºí·°Å·µÇ´Â µ¿¾È¿¡ »ç¿ëÀÚ¿¡°Ô´Â 403(Forbidden)
Äڵ尡 Àü¼ÛµÈ´Ù.
DOSSiteCount 50
DOSSiteInterval 1
DOSSiteInterval¿¡¼ ÁöÁ¤ÇÑ ½Ã°£µ¿¾È ¾î´À ÆäÀÌÁö³ª À̹ÌÁöµç ¿äû °Ç¼ö°¡ 50¹øÀ» ³Ñ´Â
°æ¿ì ÇØ´ç Ŭ¶óÀ̾ðÆ® IP¸¦ ºí·°Å·ÇÑ´Ù. 403ÄÚµå º¸³»´Â °ÍÀº ¸¶Âù°¡Áö.
HTML ³»¿¡ À̹ÌÁö°¡ 10°³ÀÌ¸é ¿äû °Ç¼ö´Â HTMLÆ÷ÇÔÇÏ¿© 11¹øÀÌ µÇ¹Ç·Î À̹ÌÁö°¡ ¸¹Àº
»çÀÌÆ®´Â ¼ýÀÚ¸¦ Å©°ÔÇÑ´Ù.
DOSBlockingPeriod 30
ºí·°Å·µÈ IP´Â 30Ãʵ¿¾È Á¢¼ÓÀ» ÇÒ ¼ö ¾ø´Ù.
3. ¸ðµâ »ç¿ëÀ» ÁßÁöÇÏ·Á¸é
Â÷´Ü ±â´ÉÀ» ÀÌ¿ëÇÏÁö ¾Ê±â À§ÇØ
DOSPageCount 0
DOSSiteCount 0
¿Í °°ÀÌ ÇÏ¸é ¸ðµâ ³»ºÎÀÇ default°ªÀ» ÀÌ¿ëÇؼ µ¿ÀÛÇϹǷΠLoadModule, AddModule¸¦
ÁÖ¼® ó¸®ÇÏ´Â ¹æ¹ýÀ» ½á¾ßÇÑ´Ù. ¶Ç´Â Count°ªÀ» »ó´çÈ÷ Å« ¼ö¸¦ ÁöÁ¤ÇÒ ¼öµµ ÀÖ°Ú´Ù.
4. Â÷´ÜÇÏ´ÂÁö Å×½ºÆ®
°£´ÜÇÑ Å×½ºÆ® Åø·Î test.plÀ» Á¦°øÇÑ´Ù.
12¹ø° ÁÙ¿¡
printf("%03d ", $_ );
¸¦ Ãß°¡ÇÏ°í
apache¸¦ ½ÇÇà½ÃŲ ´ÙÀ½ perl test.plÀ» Çغ¸¸é 200 OK, 403 Forbidden µÈ °ÍÀ» ½±°Ô
È®ÀÎÇÒ ¼ö ÀÖÀ» °ÍÀÌ´Ù.
DOSPageCount, DOSSiteCount ¼öÄ¡¸¦ ³Ê¹« ³·°Ô Çϸé Á¤»óÀûÀÎ Á¢¼Ó¿¡ ´ëÇؼµµ Â÷´ÜµÉ ¼ö
ÀÖÀ¸¹Ç·Î ÁÖÀÇÇØ¾ß ÇÑ´Ù. ¼öÄ¡¸¦ ³·Ãß°í, °°Àº ÆäÀÌÁö¸¦ reload(Ctrl+R)¸¦ ¿©·¯¹øÇß´õ´Ï
¹Ù·Î 403 ÆäÀÌÁö°¡ µîÀå.
403 ÆäÀÌÁö¸¦ º°µµ·Î ¸¸µå´Â °ÍÀÌ ÁÁÀ» µí ½Í´Ù. httpd.conf¿¡ ErrorDocument 403 ... ¼³Á¤
À¸·Î htmlÀ» ¸¸µé¾îµÎ¸é ¹æ¹®ÀÚ¿¡°Ô µµ¿òÀÌ µÇÁö ¾ÊÀ»±î...
ÀÌÁ¨ ab, lynx µîÀ¸·Î °Ô½Ã¹° Á¶È¸¼ö¸¦ ¼ø°£ÀûÀ¸·Î ¿Ã¸°´Ù°Å³ª, ½Ã½ºÅÛ ·Îµå¸¦ Áõ°¡½ÃÅ°´Â
°Í±îÁöµµ ¾î´ÀÁ¤µµ ¸·À» ¼ö ÀÖÀ» °ÍÀÌ´Ù.
¡Ø syslog ·Î ·Î±× ³²±â´Â ±â´É°ú DOSEmailNotify, DOSSystemCommand ¿É¼ÇÀº Á¦´ë·Î Àû¿ë
µÇÁö ¾Ê¾Æ ÀÌ ±Û¿¡ ÀûÁö ¾Ê¾Ò´Ù. Á¤»óµ¿ÀÛÀÌ È®ÀÎµÇ¸é ±× ¶§ Ãß°¡ÇÒ °ÍÀÌ´Ù.
Ä¿ÇǴнº Ä«Æä ÃÖ±Ù ±Û
[05/07]
#gpt_question_subje
[04/25]
±¹°¡
[04/24]
º¸Çè
[04/22]
Re: OpenSSL Ãë¾àÁ¡ Á¤¸®, Logjam(·Î±×Àë)¿¡¼ Heartbleed±îÁö
[04/21]
LET¡¯S START WITH ON
[04/21]
º¸Çè
[04/20]
Á¦ÁÖ
[04/20]
±¹³»
[04/19]
Á¦ÁÖ
[04/18]
??? ?????
[04/17]
???? onion ?????? -
[04/11]
±¹°¡
[04/10]
Stride Into Dream:
[03/20]
Re: ¿Â¶óÀΰÔÀÓÀÇ Á¾ÁÖ±¹ ´ëÇѹα¹
[10/20]
Cross Compiler ±ò
N
e
w
! ÃÖ±Ù¿¡ µî·ÏÇÑ ÆäÀÌÁö
KiCad EDA Suite project (Free/Libre/Open-Source EDA Suite) (CAD)
¿ÀÇÂij½ºÄÉÀ̵å ijµå (OpenCASCADE CAD)
QCad for Windows --- GNU GPL (Free Software)
The Hello World Collection
IPMI¸¦ È°¿ëÇÑ ¸®´ª½º ¼¹ö°ü¸®
DNS ¼³Á¤ °Ë»ç
nagiosgraph ¼³Ä¡ ¹æ¹ý
Slony-I ¼³Ä¡ ¹æ¹ý (postgresql replication tool)
Qmail±â¹ÝÀÇ Anti spam ½Ã½ºÅÛ ±¸ÃàÇϱâ
clusterssh
[ ÇÔ²²ÇÏ´Â »çÀÌÆ® ]
¿î¿µÁø :
ÁÁÀºÁøÈ£(truefeel)
, ¾ß¼ö(yasu), ¹ü³ÃÀÌ, sCag
2003³â 8¿ù 4ÀÏ~