¾È³çÇϽʴϱî? ¿À´Ã°ú³»ÀÏÀÇ È«¼®¹üÀÔ´Ï´Ù.
¾ð±ÞÇϽŠ·Î±×´Â icmp_redirect ¿Í °ü·ÃµÈ ¸Þ½ÃÁöÀε¥,
icmp_redirect ´Â ¶ó¿ìÅÍ°¡ È£½ºÆ®¿¡°Ô ÃÖÀûÈµÈ °æ·Î¸¦ ¾Ë·ÁÁÖ´Â
¿ëµµ·Î »ç¿ëµË´Ï´Ù. ±×·¯³ª, ÀÌ ±â´ÉÀÌ À߸ø »ç¿ëµÇ¾î °ø°ÝÀÚ°¡
icmp_redirect ÆÐŶÀ» À§Á¶ÇÒ °æ¿ì ½Ã½ºÅÛÀÇ ¶ó¿ìÆà Å×À̺íÀ» ¼öÁ¤ÇÏ¿©
ƯÁ¤ Æ®·¡ÇÈÀÇ °æ·Î¸¦ ¼öÁ¤ÇÒ ¼ö ÀÖ´Â À§ÇèÀÌ ÀÖ½À´Ï´Ù.
µû¶ó¼, Á¤»óÀûÀÎ »óȲ¿¡¼´Â ¾Æ·¡¿Í °°ÀÌ ¼¹öÀÇ interface ¿¡¼
icmp_redirect kernel parameter ¸¦ off ÇÏ½Ç °ÍÀ» ±ÇÀåÇÕ´Ï´Ù.
Âü°í·Î, ¼³Á¤º¯°æÀº echo ³ª sysctl ·Î ÇÏ½Ã¸é µÇ¸ç
0Àº off, 1 Àº on À» ÀǹÌÇÕ´Ï´Ù.
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.accept_redirects = 0
¸Þ½ÃÁö¿Í °ü·ÃµÈ ¼Ò½º´Â ¾Æ·¡ ÆÄÀÏÀ» Âü°íÇϽñ⠹ٶø´Ï´Ù.
/usr/src/linux/net/ipv4/route.c
reject_redirect:
#ifdef CONFIG_IP_ROUTE_VERBOSE
if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
printk(KERN_INFO "Redirect from %u.%u.%u.%u on %s about "
"%u.%u.%u.%u ignored.\n"
" Advised path = %u.%u.%u.%u -> %u.%u.%u.%u, "
"tos %02x\n",
NIPQUAD(old_gw), dev->name, NIPQUAD(new_gw),
NIPQUAD(saddr), NIPQUAD(daddr), tos);
#endif
man ÆäÀÌÁö¸¦ º¸¸é route ¶Ç´Â netstat -nr ·Î È®Àνà Flags °¡
D ÀÎ °æ¿ì icmp_redirect ·Î ¶ó¿ìÆà ¸ñ·ÏÀÌ »õ·Ó°Ô »ý¼ºµÇ¾úÀ¸¸ç
M ÀÎ °æ¿ì ¶ó¿ìÆà °æ·Î°¡ º¯°æµÇ¾úÀ½À» ÀǹÌÇÑ´Ù°í ÇÕ´Ï´Ù.
Âü°íÇϽñ⠹ٶø´Ï´Ù.
°¨»çÇÕ´Ï´Ù.
----- Original Message -----
From: "Security" <vraptor6@YAHOO.CO.KR>
To: <sec-info@cert.certcc.or.kr>
Sent: Tuesday, November 04, 2003 9:51 AM
Subject: message logÀε¥ ¹«½¼¶æÀÎÁö..
JAA26334
Sender: owner-sec-info@firebird.certcc.or.kr
Precedence: bulk
¼ö°íÇϽʴϴÙ.
¿©±â ¸ÞÀϸµ¸®½ºÆ®¿¡¼ ¸¹Àº µµ¿òÀ» ¹Þ°í ÀÖ¾î¼ °í¸¿°Ô »ý°¢ÇÏ°í ÀÖ½À´Ï´Ù.
Áú¹®ÀÌ ÀÖ¾î¼ ¹®ÀÇ µå¸³´Ï´Ù.
¾Æ·¡ ¸Þ¼¼Áö´Â /var/log/message ¿¡ ³²¾ÆÀÖ´Â ³»¿ëÀÔ´Ï´Ù. ÀÌ ¸Þ¼¼ÁöÀÇ ÀǹÌ
°¡ ¹«¾ùÀÎÁö ¸ð¸£°Ú³×¿ä..
À¯Áî³ÝÀ» µÚÁ®ºÁµµ ³»¿ëÀÌ ¾È³ª¿Í¼ ¹®Àǵ帳´Ï´Ù. ¸¹Àº µµ¿ò ºÎŹµå¸³´Ï´Ù.
ÇöÀç ½Ã½ºÅÛ : ÇÑÄÄ ¸®´ª½º 3.1 ftp¹öÁ¯
¾Æ·¡´Â ¸Þ¼¼Áö³»¿ëÀÌ°í 61.111.201.XXXÀº Á¦°¡ »ç¿ëÁßÀÎ ½Ã½ºÅÛÀÔ´Ï´Ù.
---------------------------------------------------------------------
Redirect from 211.212.29.aaa on eth0 about 211.212.29.bbb ignored.
Advised path = 61.111.201.XXX -> 211.212.29.bbb, tos 00
Redirect from 211.212.29.aaa on eth0 about 211.212.29.bbb ignored.
Advised path = 61.111.201.XXX -> 211.212.29.bbb, tos 00
----------------------------------------------------------------------
---------------------------------------------------------
sec-info Mailing list Å»Å𸦠¿øÇϽôºÐÀº ¸Þ½ÃÁö º»¹®¿¡
´ÙÀ½°ú °°ÀÌ ¾²½ÅÈÄ <Majordomo@certcc.or.kr>·Î ¸ÞÀÏÀ»
º¸³» ÁÖ½Ã¸é µË´Ï´Ù.
unsubscribe sec-info your-mail-address
---------------------------------------------------------
---------------------------------------------------------
sec-info Mailing list Å»Å𸦠¿øÇϽôºÐÀº ¸Þ½ÃÁö º»¹®¿¡
´ÙÀ½°ú °°ÀÌ ¾²½ÅÈÄ <Majordomo@certcc.or.kr>·Î ¸ÞÀÏÀ»
º¸³» ÁÖ½Ã¸é µË´Ï´Ù.
unsubscribe sec-info your-mail-address
---------------------------------------------------------
|