.com Master ★ Chapter 4
4.1.1 The need for network monitoring

You have built a network and it is now working properly. Can you think "That's it, all done!" and then just leave it alone? ... Not at all.

While a network is in operation, all sorts of trouble can occur. Even if there was enough bandwidth at first and the network was comfortable to use, as the number of client PCs keeps growing or applications are replaced with ones that need much more bandwidth, the network's bandwidth comes under pressure and the network may become slow. And these days, unauthorized access also has to be considered as a threat to the network.

Building the network is not the end of the job. Unless you keep monitoring the state of the network continuously afterwards, you will not be able to respond appropriately when trouble or problems like those above occur.

Network monitoring is very important for preventing trouble before it happens, for quickly isolating the fault and responding appropriately when trouble does occur, and as a baseline for future network expansion.

Ways to monitor a network include

and so on.

For detecting unauthorized access there are, again, several methods, as described in "4.1.2 Detecting unauthorized access".

・Network management protocol (SNMP)

With SNMP you can monitor and control network devices such as routers and switches. SNMP is standardized in RFCs and is so widespread that it can be used on network devices from almost every vendor.

For SNMP, please refer to the explanations in past issues of the mail magazine and on the home page.

SNMP
SNMP (Simple Network Management Protocol)
SNMP (Simple Network Management Protocol) review questions

・Understanding traffic volume with MRTG (Multi Router Traffic Grapher)

MRTG is based on SNMP. It is a tool that uses SNMP to find out the load on the network, that is, the actual volume of traffic.

MRTG graphs network utilization per day/week/year as GIF or PNG images and generates Web pages. Because the data is graphed, you can see what is going on at a glance, which is very convenient. MRTG also runs on almost every platform, such as UNIX/LINUX and Windows, and can be obtained free of charge.

Because MRTG is based on SNMP, its main items are basically the data that can be obtained from the MIB, but it can also monitor other information such as free disk space and CPU/memory usage.

For how to obtain, install and use MRTG, see the following links.

Network monitoring with MRTG
MRTG: Multi Router Traffic Grapher

・Packet capture

Packet capture is, as the name says, capturing (catching) the data (packets) flowing over the network and analyzing its contents. By capturing packets you can see the network in even more detail: which computers exchange the most traffic, which protocols account for most of the traffic, what share of the traffic is broadcast, and so on.

Packet capture basically captures LAN traffic. Capturing WAN traffic is not impossible, but it is somewhat difficult.

Speaking of LANs, that means Ethernet. Recall how basic Ethernet communication works.

CSMA/CD

On Ethernet, data (frames) reaches every computer in the same collision domain. Each computer looks at the destination MAC address and, if the frame is addressed to itself, passes the data up to the higher-layer protocol for processing. Packet capture works by also receiving data that is not addressed to the capturing computer.

However, packets in a different collision domain cannot be captured. This means that on a switch you can no longer capture the traffic of computers connected to other ports. That would defeat the purpose of capturing packets to monitor the network, so a special setting is made on the switch (monitor port, SPAN port and so on) so that the data of all ports is sent to one particular port. The computer that performs the packet capture is connected to that port.

There is a lot of software for packet capture. On UNIX-like systems the most common is "tcpdump". On Windows there is a port of it called "Windump".

As for commercial software, the best known and most feature-rich is HP's "Open View".
4.1.2 Detecting unauthorized access

On the Internet you do not know who is connected. Unfortunately there are inconsiderate users who carry out all kinds of unauthorized access and attacks against servers that are published on the Internet.

As a user connected to the Internet, you need to protect yourself from such unauthorized access and attacks. Otherwise you may become unable to provide your services normally, or you may become a stepping stone for unauthorized access and lose public trust.

To do so, you first have to detect the unauthorized access. What matters is to detect it and then respond appropriately.

One way to detect unauthorized access is an intrusion detection system (IDS: Intrusion Detection System). IDS come in

two types. They differ in what kinds of unauthorized access and attacks they can detect, so choose the appropriate type of IDS after properly understanding the characteristics of each.

The mechanism by which an IDS detects unauthorized access and attacks is called signature detection. A signature is a pattern of unauthorized access or attack. Signatures are registered in the IDS in advance, and when the IDS detects a pattern that matches a signature, it treats it as unauthorized access or an attack and can warn the administrator or automatically defend against the attack.

But, as you can easily imagine, it cannot deal with attack patterns that match no signature. This is exactly the same problem as with anti-virus measures.

Commercial IDS are very expensive. It is common for the software alone to cost several million yen. That makes them very hard to introduce for individuals or small networks. For such people there is also IDS software that can be obtained for free, although its functionality is not as high. The software called "Snort" is very well known.

Getting snort+ACID running for now (α version)

On security, I think the serial in "Nikkei NETWORK" is very easy to understand and a good read. The serial is written as a dialogue between the security staff of a fictitious company; it assumes various security problems and summarizes how to deal with each of them.

The back numbers are due to be collected on a CD-ROM, so if you are starting your subscription now, I think it would be a good idea to refer to the back-number CD-ROM.

"Nikkei NETWORK" serial on security measures
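The signature matching described above, and its limit, as an added example that is not part of the original page. The signature names, patterns and request lines are constructed for illustration and are not Snort rules.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Signature:
    name: str
    pattern: re.Pattern

# Constructed signature set (illustrative patterns, not real IDS rules).
SIGNATURES = [
    Signature("dir-traversal", re.compile(r"\.\./\.\./")),
    Signature("cmd-exe-probe", re.compile(r"cmd\.exe", re.IGNORECASE)),
]

# Constructed web-server request lines (documentation address ranges).
SAMPLE_REQUESTS = [
    "192.0.2.10 GET /index.html",
    "198.51.100.7 GET /scripts/../../winnt/system32/cmd.exe",
    "203.0.113.5 GET /cgi-bin/view?file=/etc/passwd",
]

def inspect(line, signatures):
    """Return the names of all signatures whose pattern occurs in the line."""
    return [s.name for s in signatures if s.pattern.search(line)]

def scan(lines, signatures):
    """Map each line that matched at least one signature to its alert names."""
    alerts = {}
    for line in lines:
        hits = inspect(line, signatures)
        if hits:
            alerts[line] = hits
    return alerts

def missed(lines, signatures):
    """Lines that raised no alert: benign, or simply outside the signature set."""
    return [line for line in lines if not inspect(line, signatures)]

if __name__ == "__main__":
    for line, names in scan(SAMPLE_REQUESTS, SIGNATURES).items():
        print("ALERT", names, line)
    print("no alert:", missed(SAMPLE_REQUESTS, SIGNATURES))
    # The third request stays invisible until a matching signature is registered,
    # the same update problem as anti-virus definitions.
    updated = SIGNATURES + [Signature("passwd-read", re.compile(r"/etc/passwd"))]
    print("alerts after update:", len(scan(SAMPLE_REQUESTS, updated)))
```

The list returned by `missed` mixes harmless requests with unknown patterns, which is why the signature set has to be kept up to date.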
4.2.1 The need for log analysis

When some kind of trouble occurs, the first thing to do is to track down its cause. "Tracking down" covers a lot: you have to look at where the trouble occurred, what the symptoms are, what its impact is, and so on.

What is extremely useful in pursuing the cause of such trouble is the log information collected by servers and routers.

By collecting log information correctly and analyzing it, you can isolate the fault properly and deal with it when trouble occurs.

Also, by keeping a proper watch on the logs during normal operation and not only when trouble occurs, you can detect early signs of trouble and unauthorized access.

[Syslog]

UNIX systems have a mechanism called syslog, which can record as logs the state of the system and its services, and authentication information such as which user logged in from a computer with which IP address.

With syslog, depending on the configured level, you can set it to record to a log file, output to the console, forward the log to another server, or send a warning to the administrator.

[Event Viewer]

On WindowsNT/2000, Event Viewer lets you view the system, security and application logs.

The system log records events such as services starting and device drivers loading. The application log records entries about running applications. The security log records, according to the configured auditing, entries such as which users logged on.

[Logs of network devices]

Among network devices such as routers and switches, some support syslog. Logs can be stored inside the network device, but it is also possible to send the log information to a separate syslog server and manage the logs in one place.

Log information obtained in this way becomes enormous. Having the administrator go through those logs every day is a very heavy burden.

It is important to decide firmly which information in the logs you will focus on.

And it is an important point to back up the log files regularly so that the log information can be consulted later.
4.3.1 Causes of trouble

Trouble on a network comes in many forms: human error, physical failure of network devices or servers, mistakes made during configuration changes, and so on.

Here we look at the causes of trouble divided into trouble with the transmission path (the network itself), trouble with client terminals, trouble with routers and trouble with servers.

[Trouble with the transmission path (the network itself)]

"It was connected until just now, and suddenly it no longer connects..." In such a situation people tend to start checking all sorts of settings, but the unexpected blind spot is physical trouble with the network.

For example, a cable may have come out of the NIC or out of a hub or switch port, the power cord of a hub or switch may have been pulled out, or the cable itself may be broken.

First of all, keep in mind the principle of troubleshooting: "start checking from the physical layer". If something seems odd, then rather than checking all sorts of settings, first check that no cable has come out, that the hubs and switches are properly powered on, and that the cable itself is not broken. In the end that is the shortcut to solving the trouble.

[Trouble with client terminals]

When trouble occurs on a client terminal on the network, first check whether it affects only that particular client terminal or whether the same thing is happening on other clients as well.

If the trouble affects only a particular client, possible causes include a faulty NIC, a faulty driver, an OS failure, or a hardware failure of the client terminal.

[Trouble with routers]

The most common router trouble is "the routing configuration is not working properly". Check the router's routing table and confirm that the correct network information is in it.

If the correct routing information is not there, you need to review the static route settings or the routing protocol settings.

Also, when packet filtering is performed on the router, a mistake in the packet filtering configuration that blocks communication to a particular port or address is another kind of trouble that tends to occur.

[Trouble with servers]

For server trouble, first suspect the same things as for a client terminal: a faulty NIC or driver, an OS failure, or a hardware failure.

When the server publishes services to the Internet, unauthorized access or a DoS (Denial of Service) attack is also a possibility. Such unauthorized access and attacks can be identified by checking the logs of the IDS, the firewall, the router and the server itself.
4.4.1 Diagnostic tools

A tool that is often used to isolate the fault when network trouble occurs is "PING".

With PING you can check whether there is connectivity to the target host (a PC or a router). This lets you find out where on the path the trouble is occurring.

PING uses a protocol called ICMP to send the target host a message saying "send back what I sent you, as it is". If the reply to this message comes back, you know that communication is working properly.

For details of how PING works, see here.

ICMP (Internet Control Message Protocol)

Troubleshooting with PING goes as follows.

First, suppose you can no longer communicate with the target host. The procedure in such a case is

Following the steps above, check in order and finally check the wiring and the TCP/IP settings of the target host.

PING is also run against a host name, not only against an IP address. If PING to the IP address succeeds but PING to the host name fails, DNS name resolution may not be working properly, so check the DNS settings.

For security reasons, routers and servers are sometimes configured not to accept ICMP. In that case connectivity cannot be checked with PING.

[Traceroute]

Traceroute is, like PING, a diagnostic tool that uses ICMP. With Traceroute you can check the communication path to the target host. Traceroute finds the path to the target by making clever use of the TTL field in the IP header.

This has already been explained in the mail magazine and on the home page, so see here for details.

ICMP (Internet Control Message Protocol)

Keep in mind that, because Traceroute also uses ICMP, it may not work properly in some cases.

[Telnet]

When PING and Traceroute show no particular problem but a certain service still cannot be accessed properly, you can check with Telnet.

Ordinary Telnet accesses port number 23 on the target host, but it can also be made to access a specific port number other than 23.

For example, to check whether HTTP is running properly on a Web server, use

    telnet [Web server IP address] 80

that is, specify the port number after the IP address of the target server. The same check works not only for HTTP but also for other server services such as FTP and SMTP.

However, running Telnet with all sorts of port numbers against a server on the Internet amounts to the same thing as port scanning. You need to take care not to be mistaken for someone attempting unauthorized access.

[nslookup]

A DNS server performs name resolution between host names and IP addresses, and nslookup is the tool for testing that name resolution.

It can test not only the usual forward lookup, which resolves an IP address from a host name, but also the reverse lookup, which resolves a host name from an IP address.
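One way to script the host-name-versus-IP check, the forward and reverse lookups and the single-port check described above for a server you administer, as an added example that is not from the original page. The function names and the localhost target are assumptions.

```python
import socket

def resolve_both_ways(host, resolver=socket.gethostbyname,
                      reverse=socket.gethostbyaddr):
    """Forward lookup (name -> IP), then reverse lookup (IP -> name)."""
    try:
        ip = resolver(host)
    except OSError:
        return None, None          # forward lookup failed
    try:
        name = reverse(ip)[0]
    except OSError:
        name = None                # a missing reverse entry is not fatal here
    return ip, name

def port_answers(ip, port, timeout=3.0):
    """True if a TCP connection to ip:port is accepted (what `telnet ip port` shows)."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def triage(host, port, resolver=socket.gethostbyname,
           reverse=socket.gethostbyaddr):
    """Classify a 'cannot reach the service' report for one host and one port."""
    ip, _name = resolve_both_ways(host, resolver, reverse)
    if ip is None:
        return "name resolution failed: check DNS settings"
    if not port_answers(ip, port):
        return f"{ip} resolved, but port {port} refused or timed out: check the service"
    return f"{ip} port {port} accepts connections"

if __name__ == "__main__":
    # Assumed target: localhost port 80 stands in for a server you manage.
    print(resolve_both_ways("localhost"))
    print(triage("localhost", 80))
```

The `resolver` and `reverse` parameters exist so the lookups can be replaced with stubs when no DNS server is reachable.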
4.5.1 Information gathering and countermeasures

Like trouble handling, dealing with security is something that has to continue after the network has been built. Every day security holes are discovered in various operating systems and applications. If these are left unattended, there is a danger of being accessed without authorization or of becoming a stepping stone for unauthorized access.

For that reason, system and network administrators need to gather information continuously about security holes and bugs in operating systems and applications, computer viruses, new methods of unauthorized access, and so on.

In many cases unauthorized access can be prevented by carrying out basic checks. For example, if the SMTP server is set not to relay mail addressed to other domains, it can be kept from becoming a stepping stone for spam mail. Also, when an OS or application is run with the default settings from installation time, unneeded services may be running. If such unneeded services are stopped, you are not affected by the security holes related to them.

And in day-to-day administration the basics are what matter. For example,

・Delete unneeded user accounts promptly
・Do not let users use simple passwords
・Have users change their passwords regularly

If basics like these are neglected, there is a danger of being accessed without authorization all too easily.

In carrying out such security measures it is important to always have a proper security policy. In addition to the basic policy of which services are provided and which are not, the security policy covers the day-to-day administration structure, the methods and structure for gathering information, how to respond if unauthorized access does occur, and so on.

Some people think that a security policy, once decided, is never changed, but that is not the case. A security policy also needs to be changed flexibly according to the situation.
4.6.1 How to respond

Even with various countermeasures in place, the possibility of unauthorized access is not zero. If unauthorized access does happen, the following response is needed.

[Identifying the cause]

When unauthorized access is discovered, or when a machine is infected with a virus that spreads over the network, it may be necessary to disconnect the system from the network in order to keep the damage from spreading to other computers and sites. In other words, pulling out the network cable and the like.

After that, identify the cause of the unauthorized access. This is where it pays off how carefully you have been collecting logs and checking them regularly from day to day. Log files may have been tampered with or deleted, so they cannot be trusted 100%, but the log files from the time of the unauthorized access are saved properly for later investigation.

[Restoring the system]

After the cause has been identified, restore the system. In the worst case the entire system has to be reinstalled. Restoration must be carried out on the basis of accurate, trustworthy information.

[Follow-up]

If you have become a stepping stone for unauthorized access, you have to explain the circumstances to the other party. Also make an effort to identify the cracker who carried out the unauthorized access, from the IP address and so on.

It is also important to review the security policy again in order to prevent a recurrence. This includes introducing tools to raise the security level and educating users to raise their awareness of security. And, if necessary, report to the appropriate organization in order to share information.
4.6.2 Reporting

Sharing information is important for preventing unauthorized access that uses similar methods and for keeping damage from spreading. Representative organizations are as follows.
(C) Copyright 2000-2002 Gene All Rights Reserved