Please post any questions you have about DNS. A staff member will reply promptly. ※ Posts that are not related to DNS may be deleted.
Title
RE : cache poisoning ??
Author
변상철
Views
3220
Date posted
2009-03-31 2:28:30 PM
What is cache poisoning?
It refers to the query information stored in a caching DNS server being forged or altered because of a weakness in the DNS protocol itself. In other words, it is a method of feeding incorrect DNS information into the cache of a DNS server so that a legitimate site is changed to resolve to the IP of a different site.
Cause
① This vulnerability arises because, when DNS assigns the DNS transaction ID and source port number, it generates random values that are easy to predict
② These new vulnerabilities make efficient attacks possible, building on what was already known
Impact
① An attacker can use this vulnerability to change DNS query information
② If the attack succeeds, DNS query data can be changed, deleted, and so on (this can be abused for phishing, malware distribution, etc.)
How to check for the vulnerability
① Run the following command
$ dig @aaa.bbb.ccc.ddd +short porttest.dns-oarc.net TXT
② Response when the server is vulnerable
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "aaa.bbb.ccc.ddd
is POOR: 26 queries in 4.0 seconds from 1 ports with std dev 0.00"
③ Result for a normal DNS server
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"IP-of-GOOD is GOOD: 26 queries in 2.0 seconds from 26 ports with std
dev 17685.51"
Remediation
① Upgrade
If you operate a system that is used as a caching/resolving DNS server, upgrade to the latest version of BIND in which each vendor's vulnerability has been patched, both to protect against this security vulnerability and to improve system performance
② Patched versions
BIND 9.3.5-p1, BIND 9.4.2-p1, BIND 9.5.0-p1
③ If patching is difficult
- It is recommended to configure the server so that it answers recursive queries only for trusted hosts
- If the recursion feature is not needed, it is recommended to disable it
- If the DNS service is in use on security equipment (firewalls, intrusion detection systems, intrusion prevention systems, etc.) or network equipment, it is recommended to disable it
- In particular, because BIND is often used as the DNS service on firewalls and routers, it is recommended to disable it if the service is not needed
④ This vulnerability does not affect DNS servers that do not perform caching/resolving
Upgrade support
① Netpia provides your company with this DNS cache poisoning upgrade and DNS-related technical support, based on the technology it has accumulated and on a DNS consulting service proven at major companies.
② Upgrades are available through remote support or on-site visits, and are handled in the order in which requests are received.
=========================== Original post ===========================
While studying DNS, I came across the term "cache poisoning"..
What is cache poisoning??
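The check described in the reply above, as an added example that is not part of the original post: it parses the porttest TXT answer and flags a resolver whose queries leave from a single source port. The function names and the flagging rule (rating POOR, or one observed port) are assumptions; the two samples are the answers quoted in the post.

```shell
#!/bin/sh
# Added example (not from the original post): triage porttest answers.

# Join wrapped lines, then pull the fields out of the quoted TXT verdict.
# stdin : output of `dig +short porttest.dns-oarc.net TXT`
# stdout: "<resolver> <rating> <queries> <ports> <stddev>", empty if no verdict
porttest_parse() {
    paste -sd' ' - | sed -n 's/.*"\([^" ]*\)  *is  *\([A-Z][A-Z]*\): *\([0-9][0-9]*\) queries in [0-9.]* seconds from \([0-9][0-9]*\) ports with std  *dev  *\([0-9.][0-9.]*\)".*/\1 \2 \3 \4 \5/p'
}

# Exit 0 = source ports vary, 1 = flag for patching, 2 = no verdict parsed.
# Assumption: flag on rating POOR or on a single observed source port.
porttest_verdict() {
    parsed=$(porttest_parse)
    if [ -z "$parsed" ]; then
        echo "UNKNOWN no porttest verdict in input"
        return 2
    fi
    set -- $parsed   # $1 resolver, $2 rating, $3 queries, $4 ports, $5 stddev
    if [ "$2" = "POOR" ] || [ "$4" -le 1 ]; then
        echo "FLAG $1 rating=$2 ports=$4 queries=$3 stddev=$5"
        return 1
    fi
    echo "OK $1 rating=$2 ports=$4 queries=$3 stddev=$5"
    return 0
}

# The two answers quoted in the post, line wrapping included.
POOR_SAMPLE='z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "aaa.bbb.ccc.ddd
is POOR: 26 queries in 4.0 seconds from 1 ports with std dev 0.00"'
GOOD_SAMPLE='z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"IP-of-GOOD is GOOD: 26 queries in 2.0 seconds from 26 ports with std
dev 17685.51"'

for sample in "$POOR_SAMPLE" "$GOOD_SAMPLE"; do
    printf '%s\n' "$sample" | porttest_verdict || true
done

# Live use, with the command from the post:
#   dig @aaa.bbb.ccc.ddd +short porttest.dns-oarc.net TXT | porttest_verdict
```

The exit status makes the function usable in a loop over a list of resolvers, so flagged servers can be collected for the upgrade described in the reply.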