ȨÁÖ¼Ò⠷α×ÀΠȸ¿ø°¡ÀÔ ³» ÇѱÛÁÖ¼Ò °ü¸® °í°´¸¸Á·¼¾ÅÍ Åä·Ð°Ô½ÃÆÇ »çÀÌÆ®¸Ê °í°´ ÁöÅ´ÀÌ
Ȩ / DNSÄÁ¼³Æà / DNS (³×Æ®¿öÅ©) ÃֽŠ´º½º
 
DNSC ¼Ò°³ ¹× Ư¡
DNSC ¼­ºñ½º ¾È³»
nBIND(BIND) ¼Ò°³
nBIND(BIND) ´Ù¿î·Îµå
¹¯°í ´äÇϱâ
DNS(³×Æ®¿öÅ©) ÃÖ±Ù ¼Ò½Ä
¹®ÀÇÇϱâ
ÀÚÁÖ ¹¯´Â Áú¹®°ú ´äº¯
°í°´ ¹®ÀÇ °Ô½ÃÆÇ
 
Á¦¸ñ  [NOTICE] BIND DNS ½Å±Ô Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í
 

¡à °³¿ä
o ISC´Â BIND DNS¿¡¼­ ¹ß»ýÇÏ´Â ¿ø°Ý ¼­ºñ½º °ÅºÎ(Denial of Service) Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥

¡à ³»¿ë
o DNS64¿Í ¡°break-dnssec yes;¡± ¿É¼ÇÀ» µ¿½Ã¿¡ »ç¿ëÇÏ´Â °æ¿ì, ƯÁ¤ÇÏ°Ô Á¶ÀÛµÈ ÁúÀǸ¦ º¸³» ¼­¹ö ±¸µ¿À» ÁߴܽÃų ¼ö ÀÖ´Â
Ãë¾àÁ¡(CVE-2017-3136) [1]
- ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
¡¤ BIND 9.8.0 ~ 9.8.8-P1, 9.9.0 ~ 9.9.9-P6, 9.9.10b1 ~ 9.9.10rc1, 9.10.0 ~ 9.10.4-P6, 9.10.5b1 ~ 9.10.5rc1,
9.11.0 ~ 9.11.0-P3, 9.11.1b1 ~ 9.11.1rc1, 9.9.3-S1 ~ 9.9.9-S8
o DNS ij½Ã°¡ ƯÁ¤ÇÑ ¼ø¼­¸¦ °®´Â CNAME ¶Ç´Â DNAME ·¹Äڵ尡 Æ÷ÇÔµÈ ÀÀ´äÀ» ¼ö½ÅÇÒ ¶§, ¼­¹ö ±¸µ¿ÀÌ Áß´ÜµÉ ¼ö ÀÖ´Â
Ãë¾àÁ¡(CVE-2017-3137) [2]
- ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
¡¤ BIND 9.9.9-P6, 9.9.10b1 ~ 9.9.10rc1, 9.10.4-P6, 9.10.5b1 ~ 9.10.5rc1, 9.11.0-P3, 9.11.1b1 ~ 9.11.1rc1,
9.9.9-S8
o rndc µî °ü¸®¿ë Åë½Åä³ÎÀ» ÅëÇØ null command¸¦ ¼ö½Å ½Ã ¼­¹ö ±¸µ¿ÀÌ Áß´ÜµÉ ¼ö ÀÖ´Â Ãë¾àÁ¡(CVE-2017-3138) [3]
- ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
¡¤ BIND 9.9.9 ~ 9.9.9-P7, 9.9.10b1 ~ 9.9.10rc2, 9.10.4 ~ 9.10.4-P7, 9.10.5b1 ~ 9.10.5rc2, 9.11.0 ~ 9.11.0-P4,
9.11.1b1 ~ 9.11.1rc2, 9.9.9-S1 ~ 9.9.9-S9

¡à ÇØ°á ¹æ¾È
o BIND ¹öÀü ¾÷±×·¹À̵带 ÅëÇÑ Á¶Ä¡
- BIND 9.9.9-P8, 9.10.4-P8, 9.11.0-P5, 9.9.9-S10, 9.9.10rc3, 9.10.5rc3, 9.11.1rc3 ¹öÀüÀ¸·Î ¾÷±×·¹À̵å
o ¼³Á¤¿¡ ÀÇÇÑ Á¶Ä¡
- CVE-2017-3136 : DNS64¿Í ¡°break-dnssec yes;¡± ¼³Á¤À» µ¿½Ã¿¡ »ç¿ëÇÏÁö ¾Êµµ·Ï Á¶Ä¡

¡à ¿ë¾î Á¤¸®
o DNS64 : IPV4 -> IPv6 Àüȯ±â¼ú Áß ÇϳªÀÎ NAT64(Network Address Translation between IPv6 and IPv4) ¸ÞÄ¿´ÏÁòÀ»
Áö¿øÇϱâ À§ÇÑ DNS Ç¥Áرâ´É


[Âü°í»çÀÌÆ®]
[1] https://kb.isc.org/article/AA-01465
[2] https://kb.isc.org/article/AA-01466/
[3] https://kb.isc.org/article/AA-01471

¡à Ãâó
o https://www.boho.or.kr/
 
 

   BIND DNS ½Å±Ô Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í  2017-05-22 °ü¸®ÀÚ

 
ÀÌÀü±Û   ÀÌÀü ±ÛÀÌ ¾ø½À´Ï´Ù. 
´ÙÀ½±Û   BIND ½Å±Ô Ãë¾àÁ¡ ¹ß°ß¿¡ µû¸¥ Á¶Ä¡ ±Ç°í  

Çѱ¹¾îEnglishJapanese Á¦ÈÞÁ¦¾È ÀÎÀçä¿ë ¼­ºñ½º ¾à°ü ¹× Á¤Ã¥ °³ÀÎÁ¤º¸Ã³¸®¹æħ Ã¥ÀÓÇÑ°è ¹× ¹ýÀû °íÁö À̸ÞÀϹ«´Ü¼öÁý °ÅºÎ
´ëÇ¥ÀüÈ­ : 02-3665-0123   °í°´»ó´ã : 02-2165-3000   FAX : 02-2671-5613   e¸ÞÀÏ : °í°´»ó´ã@³ÝÇǾÆÄß
°³ÀÎÁ¤º¸ ¾Ç¿ë ½Å°í : reportabuse@ibi.net Copyright (C) 1995 - 2024 Netpia, Inc. All rights reserved.