red hat enterprise linux 4 - mitweb.mit.edu/rhel-doc/4/rh-docs/pdf/rhel-sg-ja.pdf · 2004-12-08 ·...

Red Hat Enterprise Linux 4

� � � � � � � � � � � � � � � � � ��

Red Hat Enterprise Linux 4: �� ‘

‘2005 : Red Hat, Inc.

Red Hat, Inc.

1801 Varsity Drive Raleigh NC 27606-2072USA Phone: +1 919 754 3700 Phone: 888 733 4281 Fax: +1 919 754 3701 PO Box 13588Research Triangle Park NC 27709 USA

rhel-sg(JA)-4-Print-RHI (2004-09-30T17:12)Copyright © 2005 by Red Hat, Inc. "!�#%$'&)(+*',�-/.10/243�546 V1.0 7'&98;:/<'=%>4?%@BAC:9D)E'F"G%?IHKJ/L)MONQPSRT MO!%U�V%WYXK:YZ"[ ( \%]9!)0%243Y5O6�^9_)`Ia+5O&%b9!4c12IdS>)e"f)M�g�:YZ"[1h http://www.opencontent.org/openpub/-%.%i%j/k%l'!%m4n1M"o%prqCs%t/u'v'g�EOwQx"(Ky9z/{Y|%};~9!%�/�'�'!�V'W9&��Q�4A+:9D�E'Z"[Yh-%.%i%j/k%l'�YAK!%�/�'!%t'u9v%g�E�w�x;(9�;!)�YPCg��'�'�/g��!I�S�'�9!4�'�YM4��E4D1�/(+�/.'�9��"�Y8�!��%.'�9�1A�%� [YF9�K!��K�/�I ;�%>%V/W'[YF/ �H;&��/¡1X;:9D�E'Z"[YhRed Hat ¢/� Red Hat "Shadow Man" £/¤"& Red Hat, Inc. !4¥'¦%�)�K�)8O!4§�!/¦)MO��¨9F;©%ª'�/«1ZOs/&��'«9>4[¬h % �MO%�)XK:'D9E9F%8O!%§/['®'D/!%�/«'&%¯/°1±;j/k/l�!4²9�/³%´�>4[[email protected] µ%_/! GPG fingerprint & :CA 20 86 86 2B D6 9D FC 65 F6 EC C4 21 91 80 CD DB 42 A6 0E

¶ ¶ ¶¸···¹ ¹ ¹�ºº º/» »»½¼ ¼¼

................................................................................................................................................. i1. ¾r¿�À�Á�Â�Ã�Ä�Å�Æ�Ç�È�É .................................................................................................... ii2. Ê�Ë�Ì�Í ................................................................................................................................ ii3. Î�ÏQÐ�ÂÒÑ)ÓÒÔÖÕ¬×�Ør¾�ÂIÁÚÙ�Ï ¼�ÛÖÜ .............................................................................. iv

3.1. Red Hat Ý�Þ�ß½×�Ø1à�á½â½ã Û .............................................................................. v3.2. Î�ÏrÐ�ÂÒÑ)Ó�ÔäÕ¬×¬å�æÖØ1ç�èêéBã Û .................................................................... v3.3. ÔIÐ�Á�ëÒØ¬ì�í�é�ã Û ............................................................................................ v

4. î�ïðÇ�ñ�à�ò�ó ..................................................................................................................... vi4.1. ôäÙ/¿Úõ/öø÷IÂ ...................................................................................................... vi

I. ù ù ù�ÀÀÀ�úúú�ÑÑ Ñ9Á ÁÁ�ÙÙÙ4ûûû�üüüðýý ýðß ßßêõõõ .................................................................................................................... i1 þ . ù�ÀÒú�Ñ)ÁÚÙ�ÿ�� ............................................................................................................... 1

1.1. ��×��úB¿��Iù�ÀÒú�Ñ)ÁÚÙ�� ¹ .............................................................................. 11.2. ù�ÀÒú�Ñ)Á Ù�� ................................................................................................... 51.3. ��ó ........................................................................................................................ 6

2 þ . �� .................................................................................................................. 72.1. ��÷��¿�Ç�� ....................................................................................................... 72.2. ��÷��Q¿�ÂBù�ÀÒú�Ñ)ÁÚÙ��Ç! �" ....................................................................... 82.3. Îð¿�öð¿�ù�À�ú�Ñ)Á Ù#�ðÇ� �" .............................................................................. 82.4. ��¿�Â�Ð�Á�¿�ÔäÕ¬×��$�%�& PC Ç�ù�À�ú�Ñ9ÁÚÙ ¼�'�ÛÖÜ �" ............................. 10

II. Red Hat Enterprise Linux Ç Ç Ç�ùùù�ÀÀÀ�úú ú½Ñ ÑÑ9Á ÁÁÚÙÙÙYØØØ)(((�óóó Û Û ÛÖÜÜÜ ............................................................... 113 þ . ù�ÀÒú�Ñ)ÁÚÙ/Ç�*�+ ......................................................................................................... 13

3.1. ,�÷�-Q¿�.�Ø)*�+ ÛäÜ .......................................................................................... 134 þ . �Q¿�Â�Ð�Á�¿ÒÔäÕ¬×Bù�ÀÒú�Ñ)Á�Ù .................................................................................... 19

4.1. ��¿�Â�Ð�Á�¿�ÔäÕ¬×Bù�À�ú�Ñ)Á�ÙYØ0/�1 ÛÖÜ ....................................................... 194.2. BIOS �BÏr¿2�)Ýr¿�3rÇ�ù�ÀÒú�Ñ9ÁÚÙ .................................................................. 194.3. ,�Ð4�Q¿Úõ'Ç�ù�ÀÒú�Ñ)ÁÚÙ ................................................................................... 214.4. 5�6�� ............................................................................................................... 264.5. 7�&98�: Ü ��÷��Q¿�Â¬Îð¿�;¬Ð ......................................................................... 324.6. ,�¿�<>=�?äô9@Bß�¾�A�BY¿!? ................................................................................ 354.7. ù�ÀÒú�Ñ)Á ÙC�DFE0G9H!I�JLK�¿!? ..................................................................... 36

5 þ . Î�¿�öð¿�ù�ÀÒú�Ñ)Á Ù ...................................................................................................... 375.1. TCP Wrappers � xinetd Ø)M�&�é�H�Îð¿�;BÐ�Ç�N�û�O�P .................................. 375.2. Q�¿R�TS�÷)Ó�Ç�O�P .............................................................................................. 405.3. NIS Ç�O�P ........................................................................................................... 405.4. NFS O�P ............................................................................................................... 435.5. Apache HTTP Î�¿�öð¿�O�P ................................................................................ 445.6. FTP Ç�O�P ............................................................................................................ 455.7. Sendmail Ç�O�P .................................................................................................... 475.8. Ñ�÷)ÐÒ× ÛäÜ Q�¿R�'Ç�U�V ................................................................................... 48

6 þ . VPN (Virtual Private Network) ....................................................................................... 516.1. VPN � Red Hat Enterprise Linux........................................................................ 516.2. IPsec..................................................................................................................... 516.3. IPsec ß½×BÐR�'¿!? ............................................................................................... 526.4. IPsec W�ÐR�TX (Host-to-Host) (�ó ...................................................................... 526.5. IPsec �Ò÷��Q¿�ÂYX (Network-to-Network) (�ó ............................................... 55

7 þ . ô�@Bß�¾�ALB1¿�? ............................................................................................................. 597.1. Netfilter � iptables .......................................................................................... 607.2. iptables Ç�M�&�Í .............................................................................................. 607.3. Z�ü9[�á iptables ôêÙ?F��Ñ�×�Þ .................................................................... 627.4. FORWARD � NAT Ç�?�¿!? ................................................................................... 637.5. A�Ù#?�Ð\�1á�] Û ã�é IP ¾�õ)^IÐ ......................................................................... 647.6. iptables � Connection Tracking ....................................................................... 657.7. ip6tables .......................................................................................................... 65

7.8. _a`�b9`�cYd�e�f ................................................................................................. 66III. g g g�hh h4i ii�c cckjjjRlll�mm m�n nn�o oo�ppprqqq .............................................................................................................. 69

8 s . tvu�w9`�n�o .................................................................................................................... 718.1. x4y!z�{>|�}�~��k��F��q ................................................................................... 718.2. n�oFm0��o2�k��j�fR��prq ................................................................................... 718.3. �ae��Fm0��pFq ................................................................................................. 73

IV. � � �� v� �� L��r��0�� 0ff f��4��>fff ............................................................................................ 779 s . �� ........................................................................................................................... 79

9.1. ��F�>f�j��m0��o�prq ................................................................................ 799.2. �!fR��9e�f�` IDS .............................................................................................. 799.3. �L��aeL�0�9e�f�` IDS.................................................................................... 82

10 s . ��F�0�>f��>f ................................................................................................ 8510.1. ��F�0�>f��>f�`ao� .......................................................................... 8510.2. ��F�0�>f��>f�¡�¢Fm)£Fq ................................................................... 8510.3. ��F�0�>f��>f�¡�¢Fm)¤�¥�pFq ............................................................ 8710.4. ��F�0m0¦�n�pFq ..................................................................................... 8710.5. cYd>e�f�`�§4¨r�vc�©�ª«c ................................................................................. 8910.6. ��F�0m0¬��pFq ..................................................................................... 90

V. ® ® ®�¯¯ ¯ ................................................................................................................................................ 91A. °�eR±�²�³!´L�a��YeL�>`�µ�¶ ................................................................................... 93

A.1. ·�¸9zL��9��aeL�\�¹��º�» ............................................................................... 93A.2. °veR±�²�³a´!`�g�h�i4c�j¼l ............................................................................... 96

B. ½�¾>¿9q0��L´9�>g�f\��À�Á .............................................................................................. 99C. Â�Ã9Ä�z��eR� ................................................................................................................. 103Å Å Å�ÆÆ Æ

................................................................................................................................................... 115¿ ¿ ¿L�� Ç ÇÇ4È ÈÈ ............................................................................................................................................ 121

É É ÉËÊÊÊÍÌÌ ÌÏÎÎÎ

Red Hat Enterprise Linux Ð�Ñ�ÒLÓkÔ¼Õ¹Ö�×�Ø#ÙFÚLÛ>ÜaÝ !

Red Hat Enterprise Linux Ð�Ñ�ÒLÓ�Ô¼Õ�Ö�×�ØTÞ�ß Red Hat Linux à�á9â�ãvâ�ä�å!â�æ!ç�è�é2Ó�ê�âRëì Úví�îvï\ß�ðvñ�ò�óaÐvôrß�õvö�÷4í�øvù9ú�ûaüYâ�óaô�ÔvârýFþ�ÿ��â��vâ��rí�� í�ÚLÛ��aãL×9ÿ��! �"!#%$�& Red Hat Enterprise Linux Ð�Ñ�ÒLÓ�ÔRÕ¹Ö�×�Ø � Þ�ß�vâ�'YÐrÿ�'Yârß(�)�*\ß�+�,-�/.0à�0�1!��2vÿ�3vÒYâ�'4�5��6�7�$\íYà ì98�: �%�rí<;�=?>4ÿ�@A�B â�ç �<C!D ì?E-FHG #$I&J�K-��L�MH��N!O�PI�QIRS B â�çI�T�U-$\ívÜ�� ì Ú�VYß Red HatEnterprise Linux �%W�ù�$Fí�ý>ô�Ô�X�ÞZY�[ ìS\�]!^�� ÷�í �Lì ß_I��`I.)à?a�b ^ ��î�ï A ð�ñLòvóÐ�ô�àZ�c9ú\ûed�f�$Fí�Ü��)ä ��g #%$�&Ü>à�Ö�×�ØTÞZh�i9à�ÚLÛ��Ð�ÑLÒ4ÓkÔ¼Õkj?l ë�3�m�ó��C�D ì<n R ?o EpG -"!#%$�&

• q-r>×�ò�s�t)â�ç• u�v�w• x : �?�9â�y>ô�à?0�1�d�f• Virtual Private Network

• î�ï�z�LÜ>à�Ö�×�ØTÞZh�i9à�ÚLÛ��96�{ ì9| úZ��#�$�&

• Ð�Ñ�Ò4Ó�Ô¼Õk1�b• Red Hat Enterprise Linux à�Ð�ÑLÒLÓ�Ô¼Õ��}�~�$Fí• Ð�Ñ�Ò4Ó�Ô¼Õ��%��~�$Fí• ð�ñ�î�ï �>×�ÿ�ý��ÿFë%�>ôZ��ÿ�ô• ��ÜYàvÖ4×«Ø ìZ�� Lí%��?"9��-"?� Thomas Rude � ì9�� "Z� G #%$�& Thomas Rude ��Þrß%�� àZ��~9àZ��è�éL×�ÿ�ý%��ÿrë��ô��4ÿ�ô�à9��Z� g # G ��&�x�� Z�� G��!� #�$�&ÜYàvÖ4×«Ø Þ Red Hat Enterprise Linux

ì9� "Z ��-��L�M��%� G -"�í�� G !"-#%$�& RedHat Enterprise Linux ��Þ¢¡%£� !T Û)árâ�ã�â�ß9¤�¥rú2û�¦�§rà-L�Mp�9¨Lçrà9árâ9ãrâ � Red HatEnterprise Linux àZT�U��c ìS� "? �àZC�Dvä 8�: �Z*�©9Þ�ß Red Hat Enterprise Linux Ð�Ñ�ÒLÓ�Ô¼ÕÖ�×�Ø0Ú�V?ª�C�D ì Red Hat Enterprise Linux

ìS� "? �àZ«�¬��%o EpG !"�í%h�i9à�Ö�×�Ø%�%�® G ¯ ��?"-&

• Red Hat Enterprise Linux ×4ÿYô¼ë â�ç�Ö4×«Ø ì Þrß�×4ÿYô¼ë â�ç ì j�$Fío E ä�°�±��- -"�#$�&

• Red Hat Enterprise Linux ý�ô�Ô�XZ²�³�ï!´�Ö�×�Ø ì Þ�ß%µ G " Red Hat Enterprise Linux ý>ô�Ô�X²�³�¶�U9à�ï!´Z·�¸9äZ°�±��! !"!#�$�&

• Red Hat Enterprise Linux ýaô9Ô!X�²-³4Ö4×2Ø � Þrß�á�â�ã�âvà->�â�¹ ì ÷ |�º � Red Hat Enter-prise Linux àZ}�~��c ì j G �àZC�D��o EHG !"-#�$�&�Ü>à�Ö�×�Ø ì Þ Red Hat Enterprise LinuxÐvÑrÒ�Ó�Ô ÕTÖ4×«Ø � o E ��! �"�í ( Ð�ÑrÒ4Ó�Ô¼ÕTàZ»�¼�ú�û ) " ¯ � úvà��â�yYôvà E-F ª�½�#��#%$�&

• ôvÔHm�;��L×�ôvÔHm�;vÖ4×«Ø ì9¾¿G rß Red Hat Enterprise Linux Ó9q�rZ�vÿYôvÖ4×«Ø ÞrßYú��pVÀ�Á à9÷�í0á9â�ãvâ�ä 8�:LìÂ ¡e ?�®Z$rí�à ì J G �ZCZD�·�¸�äZÃ�±��! �"-#�$�&HTML ß PDF ß RPM Ä!�9â�Å\þ�ÿYàvÖ4×«Ø ä Red Hat Enterprise Linux Ø ÑrÒSÆrÿ\ë CD ß�èvé-Çrÿ=!×9ÿ>à http://www.redhat.com/docs/

ì ÷�V<#%$�&

ii È È ÈIÉÉÉËÊÊÊ�ÌÌÌ

ÍÍ Í�ÎÎÎÏ�Ð�ÑÒ�ÓÕÔ%Ö?×�ØeÙ!ÚÜÛ%Ý<Ð�ÞßZàËá%â�ã�Ø�ä?å�æ�çéèê!ÚËë�ã<ì?í�ÓÜîZïËð9ñ�òÜÐ�ó%ô�ëõÖSæeö9æË÷<ø%ùúSû�ü Þ�ßZæËýZþeè%Ô Red Hat Enterprise Linux ÿ�ÿ�� ò�à�� þ�� ÿ%ÿ�� òéÔ9í RedHat Enterprise Linux CD #1 �� ñ��õÒ%ñ�Ð http://www.redhat.com/docs/ Ö��<ëkã��

1. �� !! !#"" "%$$ $'&& &�(( (%)))#***�+++-,, ,. Ì0/21%354767809:8�;=<�>?5@A7B�C�Ì�12DE3�4:678:F�GH!È x86 IKJ0L=MONQPQR Intel® ExtendedMemory 64 Technology (Intel® EM64T) S AMD64 TVUKW2JYX�Z[QD7@QIKJ0L=MON�Ì%\^]2_Q`%354a�bQced�f Zg2TYU�hKi�j�k:@�l2m�Ì�n78�6�ÈK>�oVp�@ f Z2g2TKU�h7i�@ Red Hat Enterprise Linux Bq�r s Z0t:A7BuCVv�wQx=\�6%y^ze3�8 d

2. {{ { || | }} } ~~ ~� AKB=C5v5�7�uS0> .Q� @2�Q�7�V>5�79VF�K� qVs >5��%>5NYB0�V>��%3��0�Q1%3�476K87FQ?KS<Ì0��Q�%� Ì09VFSÈ2�7�2� d ?�@2�Q�Q�Q�-È2��Ì%\O�Q�V��62�7�0476K8 a � d �79VF��Q�7�7�K��6%�0> É rV¡ B�t7�2�Q1%35476K8KF5¢Q£-ÈV> .� @Q¤2TV¥e¦%Ì�§ a 4%FQ?7S0v5� \^6K8 a � d ?�@2¨�Ì��1E3�4:6787F��2�:@ ¡ B�I�Ì?È�©Q@YªY«¬9�:�Q�%< a � d

command

‘ Linux ®�¯ q C ( ¢Q£�ÌKªQ��6�ÈV>0°0@2±7@Q²2³%´�ZQT¶µ q·:¸�r TQ¹V®�¯ q C ) ÈV?�@0¨�Ì��Q1\ a � d ?�@2¨�Ì��1E3�4Q6787F�¢£%>�°�@0º»Q¼ev®�¯ q C�½�B q �0¾:¿u\�> [Enter] gQZev�Àb7Á >0°0@V®�¯ q C5v�ÂQ��EFQ?7S^�Q� �a � d ®�¯ q C¬@7Ã�ÌZÈe>Q�:Ä�B�tÅ:9uÆ�@��79eF��17Ç:ÈK�§ a 4uF:?YS:��< a � d ?�@¢:£�È%>2°2@Ç:È-�2®�¯ q CO@QÉ:Ç7�Y��<�>�ÊQ� SK\6 1 n:@Y®�¯ q C�v�ËÌ \ a � d�ÍEÎ�Á >cat testfile ®�¯ q CõÈV>5ÏQÐ:@0ÑÒ:Ó¶µ^´2U s ¦Ì�:F testfile S�8E«¬ÅÔQ@V�7Ä�B�t:@Õ�Ö v��2�EF�@-Ì�×2` \ a � d

Ø5ÙOÚ�Û�Ü‘ �KÄ�B�tQÅ%>�Ó¶µ�´U s ¦OÅ%>�Ý r > RPM Ý M�Þ�ZVX5Å-ÈV>Q?�@2¨�Ì��Q1-\ a � d ?�@ rV¡ Bt-ÈV>0°0@2ÅQÔ7@ .Q� @V�7Ä�B�tßQÓ¶µ�´2U s ¦�� ¸5r TQ¹0à�Ì�áÐQ�VF?KS�v��-\�6:8 a � dÍEÎ�Á >â Z¹Ó'µ^´2U s ¦�@ .bashrc �:Ä�B�t�Ì?ÈY>�°�@0ã:Z�ä:Z0`:@ bash ¸2å t �æ SOçYBE¦ f r �è áE3�4:6:8 a � d

/etc/fstab �KÄ�B�t�ÌZÈV>��79eF ¸5r T¹ÓéKB r PQRE�7Ä�B�t ¸5r T¹@0lQm:� è áE3�4:68 a � dWeb N:Z2éQZ2@7J · �7Ä5B�têë:I:J · ½5¹Yv�×`�eF��ZÊ-Ì?È webalizerRPM v�B q�r-s Zt \�6%y�zY3�8 d

application‘ ?�@�:1�È:IeJ · ½�¹:�2ç q C�ã7ZQä7Z f I ¦�Þ�Z ¸%ì5q �K�KF ( ¸�r T7¹VíQ� s^îKå f ��ÈQ98 ) ?7S�v�� \ a � d�ÍEÎ�Á >

Mozilla v�×` \O6 Web v�ï0ð=\ a � d[key]

‘ gZ7ñ�Z-Còà:@gZ�È�óôQ@eª7«%Ì��01 \ a � d�ÍeÎ�Á >

õ õ õuöö ö�÷ ÷÷7ø øøiii

[Tab] ù2ú ø7ûü�ý2þÿ��Eü�ø�õ 1 �� [Tab] ùú �� ú�� !#"%$�&�')(�*)+-,.+ ��/.0�� ü�1-2�3 � +�(546' �87�9 �:� ��[key]-[combination]

‘ ùú +�;�<)=�>�? õ@%A + ûB^ø:7�C@D�E � �F��G@HJI[Ctrl]-[Alt]-[Backspace] ùú +�;�=�? /LKNM 1 "PO ��Q�R ��S-TL KNM 1 "PO �U�K 3-V�W�X �Y V�Z ú�� ø:[6\ � �F�

GUI3 3 3NV VV�� ú ú ú 1 1 1�]] ] ú ú ú 4 4 4)^^^ ø ø ø�___7üüü�``` ù ù ù 4 4 46'''

‘ GUI+ 3V�� ú 1�] ú 4 WNX�a@b " Vdc%b ^ ø)� > E%ü�eFf � a �N�-g õFJA +�h ø.7�C �.��i +�h ø:7�C�D�E �-j ü�k = , E:õ�l�m + GUI

W�X � , i�ø�_7ü�l�m +�n�o �%p��NqKø� > E �-j�� ( r ]s &�t s &J4 aF1 " ú)� c¬ø:uLv � E�w ��g�x�y )��GFHJIL

4@&F( ú V:z ú�{Qú ��|�}��Eü-~)��ø.� 4L� ú c��%ü2ûB�ø � w j ~)��õ)�� 4 4 4L�� ú ú ú c c c%�� r ]s &�t s &:4 �� :� �F�

GUIW W W�X XX@%��Qõõõ�bbb " " " V V VFccc�bbb ^ ^ ^�++ +�� N�� ú ú ú ^ ^ ^��

‘i + 7NC _Kü:�QõF , E �� b�V �-�L� ú +��^N��+�n�o%� ~ j B.i-~��7 �.� �F� GUIW�X ^ ø�_:ü ,)+ ��g � &@( s & �eü-~. ,.+��L� ú +�� \ 7�9FD%E � �@�%G�H�I@GNOME

� ú��8�� ^�+ 11 1-222J333 � � � ø�õ@.�%ö%b " VFc�b * ø:�� +@� ] � � U V �6' ��d�)i-~ / �ü��F�� :� ��:� �@�� V _F\ � ��GUI

��L� ú �� Q�R �Eü8¡�� _:ü-~:�5õ@8A + G + ûB�ø�7�C �J� ��(�@¢ � ^�+ )

� � � 3 3 3�VVV � � �N�� ú ú ú t t t � � ��VVV =>� � � U U U�K KK�M MM�£££ => Emacs

~�¤�¥ / Emacs` ù 46'§¦�!6" ��J� 0¨�:� ��

GUIW W W�X XX@%��Qõõõ�bbb " " " V V VFccc�bbb ^ ^ ^�++ +Ntt t � � ��VVV

‘i + 7�C:õ

GUIW�X ^�+L&@( s & / �ü t ��V ^ ø:` ù 46'§ _:ü�i-~.�%9 �:� ��%G�H�I[ [ [Vüüü t ��V�� © ø:7�9 � wNb�])��ª ú« ø�[6\ � �F�

computer output

‘i + 7NC + ` ù 4#' õ@ ¦ M�ú � s�z ú@« a YJ¬ VdcOø:N�Eü�®N¯ x�y � ] � � U V �#' ø:79�D�EEüJ` ù 46' ��9 �:� ��8G�H�ILlsYJ¬ VFc�õ 1 ° +�!#"%$�&d')(�+�*:± �87�9 �� F��G@HJI

Desktop about.html logs paulwesterberg.pngMail backupfiles mail reportsY:¬ Vdc +�²N³N´Nµ ~ �8� 7N9dD�E%ü�f � (

i + k = õF !¶"8$�&�'�(�+L*)±)õ@ ^ C +�h ø.7

9�D�E � �F�

prompt

‘ Y V�· � ú � ��¸L¹)/ _7ü�i-~.�89�� U V ��' õ�i + 7�C / 9FD%E � �@�%G�H�I@$

#

[stephen@maturin stephen]$

leopard login:

user input‘ YJ¬ V�c M 3-V � GUI

W�X ^�+ ` ù 46'�t s &:4 ø-�º ú�»:ú N��x v:ENI xd�%x-j ` ù 4' õ@i + ûLB�ø:7�C �J� �F��A + G / õ@ text i + 7�C / 9FD%E �Nj-� ��

iv ¼ ¼ ¼d½½½¿¾¾¾LÀÀÀ

Á�Â@Ã@Ä�Å�Ã@Æ@ÂÈÇ8ÉFÊ@Â@ËdÌdÍ�ÂÈÇ�ÊLÎ�ÏFÐ�ÑFÒ�Ä@ÓLÔ@ÕLÖ6× À�¼�Ø boot: ÏdÐ�Í�ÏÈÇÓ Ø text Ù�Ú�Û Ö�×�Ü�Ý�Þ�ßdàJá�Ö@âã�ä%å�æ�ç�èNé‘ ê Í:Ï�Î Ù-ë8ì�íNî6ë�ìLï ×JÃNÆ�Â¨Ç5Ó�Ö�â�ð�á@à Ø%ñ Ê�ò�Ê�Þ�ó ¾ ×�ô�ÊFõJÓ ãdä�åFæLö�÷ ×Ã-Æ�Â¶Ç ¼�ø Ë�ùFú À.ûNü#ë á�ÖdâJý-Ë�þ-Ó ¼dØJÿ version-number ��¼�ø Ë û�ü Ó�� ÷

ì-ï á�Ö�â/usr/src/ � version-number � / Þ�� Ê Î�� Ê Â Ë ô� �� Ç�� ÓÖ�â ÿ version-number ��¼@Ø�ø Ë@ÁJÂ�Ã�Ä À Ì-ÍJÂ¨Ç¿Ê�Î ë�ì�ï ×��Ê��Î�Ë��Ê��Í À� àJá�Ö�â

á�� Ø�� ó-Ë� "! À ð ï�ìFØ�ñ Ê�ò-ÊNË�#�$dÅ�%�&'� ¾À)( ð+*NË�#�$", ä ÞLß�à�á�Ödâ�Á:ÂNÃ�Ä À- Öd×�.NÝ"/ À)06½8ìFØ21 ÷43.÷ Ë�576 ¼@Ø # üFØ"8 Í�Ç Ø .�Ý Ø #�$ Ø�9�: Ë";�Ê4�.Þ2< ï�ì-ï áÖ�â%þ æ�= Ø

>> >@???Linux A�BDCFEFG / HIEIGKJMLMN"OQPSR2TSUKPKV ROSE W rOsE AYX@Z�VSPDR2T

[[ [I\\\K]]]/usr/share/doc/ ^�_a`Ib ]FcQd AKB'eYf@g�h d'i�\ f ]kjFl�man�o)p�qsrutQvFjKwsx'y'xIz�{�x}|�~)�M�\)]��Y� P n'o�p PaRKT

�� I��DHCP �F�)�@� ial JS�I�}O��M�I�KBF� x �I��A DHCP ^ jF��\ JD�I�I�@R q PQ�I�@� mSn Pa�'�)T

>> >I��S�IxM�I� A root �M�I +OkZ p �M¡ mIp T — esf'g@hM¢'£ xF�@¤)d B root ¥Y¦�§ \K] � �I� JSR qS¨ � ��©�qWYªD«F¬@A�BS �@xF®'jM¯'j ¥M¦�§ \K] JS°@±+O o ¡ mMp T

²² ²I³³³¨ � Z Red Hat Enterprise Linux

rIj g"_DeK´ \Qµ�¶ Ja·'¸MR q@¹�ºY»Dn�¼kn�½ >@� O o2»aµ�mMp Ta¾ xFr'jg"_De)´ \ JS·'¸FR q WS^ j�¿sxFÀIÁ B@eQfIg@hFÂIÃ xMÄIÀ JaÅ »kÆ@n'��© VsPSRKT

Ç Ç ÇÉÈÈ ÈQÊ ÊÊuË ËËv

3. ÌÌ ÌÎÍÍ Í�ÏÏ ÏÑÐÐ ÐÓÒÒ Ò�ÔÔ ÔÎÕÕ ÕÓÖÖ Ö}×××ÙØØØ�ÚÚÚÛÐÐ ÐÝÜÜ ÜßÞÞ Þ�ÍÍ ÍÙàààâáááäãããå4æ2ç4èâéIêâëÝì�í2Ë)îÝï�ðÝñ�åuòâó�ç�ô�õÝö"÷âøIù}úKû)ü"ý�þ"ÿ��'å��"ò ø��âí�øIË"û+è �ç��Ýñ��4Ë��

Red HatË ��å4æ2ç4èâéIêâëÝì�í��2ûuè ��Mæ"Ë ��ñ�� "!�ï��#%$�&('�)* ��+�%,.-�/+ï%�+#

• Red Hat 0.132 í4�%,.-./uï%�•å�æKç}è4éFê4ë�ì@í%546+�%7489��ï:�

•ë�ç4��;<�%=4>?��ï%�

Red Hat Enterprise Linux��Ç7ÈMÊ��@�A��B4CuË3��9DDDuøøøFûû û�DDDFêêê(EEE+òòòFFF"úúú�ííí�øø ø:��G4H?�I�

Red HatË�.�.�Éñ�J.K��4L.M9N�ðÉïO�"#��DDD}øøøIûûû"DDDIêêê4EEEuòòò+FFF"úúú+íí íÝøøø@Ë�P+ñ�L�MâË Q"R��4��&�'�>"S��O,�-/��@å�æKç�è4éMê4ë�ì'í4��û+èO��Yæ�Ë��âñ4T�U:� * S2ï%�V#

��9DDDuøøøFûû ûVDDDFêêê(EEE+òòò<FFF�úúú�ííí�øøø( W Duø:X�ò4è2ûuè��"ç4��4� )

* ��'�>+S��Y�Z * S�-�/ [�\4ËKÇV�%]^ !IËhttp://www.redhat.com/register/

*Red Hat

&4_�í4` 2 í%��+�%,.-9a�T�U�b * S�ï:�V#

3.1. Red Hat c c cVdd d�eee+fff<ggg(hhh+ii i�jjj+kkk(lllm�n &Red Hat 0�1�2 í��-�/ [�\+Ç<�O��oDDDuøøøMûûû+DDDFêêê(EEE+òòòFFF�úúú"ííí�øø ø:��ïOB�Ç4_�í4` 2 í * û puùuí�ø&(q�r+�%,.-9aOT�U:� * S2ï%�V#

https://www.redhat.com/apps/activate/newlogin.html

Red Hat 0.132 í *(s4t &(u9v�Ë�û�è��ç * S�ñ(Pa@Ë3-"!�ï%� :

• Red Hat Network wx Ë�P�ñ�ö�÷�øFùuú)û3&+û+DYê4y�ò7ø%�:EV`�ò<z(�'ü�ý• Red Hat

��è {(p(|�å.��ò ø%�+�}��4í4ø%��~<��DOF%��ò�çRed Hat 0�1�2 í��O��ð��o�)ï�R�B�[�\uÇV��_�í�` 2 í * Red Hat 0�1�2 í��.�4�Ýñ�T�U%� * S"ï�+#https://rhn.redhat.com/help/forgot_password.pxt

3.2. � � �o�� 9��?��O��o�� fff(��<��gg g3��"��4k kk(lllå4æ2ç4èâéIêâëÝì�í�5�6uÇ��N�ð�B��?DO��òVF2Ë�7�R��/}ï��+#��?DO��òVF2Ë�å4æ2ç�èâéêâëÝì�í�5�6��7�R��/(-�/ [�\4Ë2ÇV��å�æ2ç4è�éIêâë�ì�í�Çuûuè ��Fæ"Ë3-VR��./}ï��.& * TO&�')+Ç3�4�?�I�(��/uï%�.�<#� � �oDDD}øøøIûûû�DDDIêêê�EEEuòòòVFFF"úúú"íííÝøøø *4� Êo�'ð�B.C+�"ï B"Ç

http://www.redhat.com/register/* åâæ�ç�è�é@êë�ì@í%546+�%7�89��ï%�+#

3.3. � � �4�� < oggg(¡¡¡<¢¢ ¢£��4kkk(lllRed Hat Network Registration Client

* ë�ç��;V��=�>�� 2û�DIê�y"ò ø��7�'��I�âë�ç4��;�&2ü"ý�%,�-�/uï%�+#:=4>4¤4¥+Ç3 ¦ !: +!�ï%�+#

1.� � �9DDDuøøøFûûû+DDDMêêê(EEE+òòò<FFF�úúú�í íí�øøø}&�@�A<§"Ë ,�-oa

— ¨ª© © © ò ò ò?��FùùùuúúúKûûû�þþ þ�ÿ ÿÿ.&&&(« ««4¬¬¬9%&�_"êâëÝì�í�U¨ ë ë ë�ççç��;; ;(& &&3� ��9DDD%��òòò�FFF�®®®�¯¯¯<��%«««�¬¬¬":&(_�ê�ëâì@íKË�°�úD'è��:7�ð4ï%�V#2.� � �?DDD�øøø@ûûû9DDD@êêê4EEE}òòò+FFFuúúú+íííÉøøø±&�Y+Z�²ÝË(,-�a

— 2 2 2 í í í �{{{<�� )òòò�³o�KëëëKççç.��.;;;´´ ´�òòò�||| ->Red

Hat Network&() *3µ õ�ï%�+#

vi ¶ ¶ ¶�···}¸¸¸�¹¹¹

3. º º º"»»».¼¼¼±½½ ½<»»»�¾ ¾¾3¿¿¿�ÀÀÀÁÁ Á(Â ÂÂ(Ã ÃÃV¼¼¼ÅÄ(Æ�Ç È¹�É.Ê"Ë — root Ì.À3Í.À4Î<ÏOÐÃ+Ñ%Ò3Ó�Ã ¹�Ô.Ä<ÏOÐÃ+ÑÕ:Ö.×9Ø�Ù%ÚVÛ• /usr/bin/up2date --register

4. ÜÜ Ü?ÝÝ ÝßÞÞ Þ�àà à?áá á?ââ â?ãã ãRed Hat Enterprise Linux º4äåæIç�èÅé.Ó9Ñ}¶<ê Red Hat Enterprise Linux Ì.À(Í.À�¹Oë¹�ì4í+î Óï æ�À�Ê�ð�ñ�À�¼ Õ�ò�ó�Ú�ô�õ�ö Ë Red Hat ÄVÏ<÷�»�¼�øVÃ�¼�Ä�ù�ú�Î Ú�Û�û�Ø�ü�ý À�þ�ÿ.º�ä<å<æç�è��.Ä9æ�æIÀ��¹��ê� 3Ä�� Õ é�Ó"ÑI¹�� Ø��oØ � ü��(Ù%ÚVÛ4.1. � � �� !!!#"""�$$ $Red Hat Enterprise Linux º"ä�å�æ(ç è�éoÓ Ñ(¹&%('*)+�-,�.0/21"ÿßê23�Ä�é?Ó£Ñ(¹54 Ø �6-7 Ä98&:-;�Ê=<>�5?A@(B+C98&D*E FHG9I ü?Û rhel-sg ¹04 Ú ô-J ñ9À ¼ õ�Ø � Bugzilla(http://bugzilla.redhat.com/bugzilla/) ¹ òLK�ÕNMPOü+Ø�Ù%ÚVÛQ é.Ó9Ñ}Ä ID

Õ�R ?�SHTU Ø � ü .�G0FPV�Ë MPO�ü+ØOÙ%Ú<Ûrhel-sg(JA)-4-Print-RHI (2004-09-30T17:12)

3OÄ ID ¹�V>WOê MPX�YLZ Ä4é�Ó9ÑÅÄP[�\.ÊP]�ÀÁ>^%Ã Õ \_ ÚVô 3 õ )(Î �4Ù�Ú+Û6�7&`9ÕPMHa ü .HG*Fb/�1V¹�¶+ê Î �.ô GLcPd�e&f¹ M�gAh AF�G2I üÛ éÓ�Ñ±Ä�%�W�¹(í ü �¶<êji�k¹�l�;�Î �4ô VË�êOº&m�n5^%Ãpo�q+êpr4È�Äst Õju5v � MPg(h 2FjGLI ü�Û

I. w w wyxx x{zzz}|| |�~~ ~�� y��

��5��5�>�p��b��2�b��5�>��0�� ¡�¢�£A¤¦¥5§� ¨H©0�P��ª« ¥�¬�A¤p¥ «&® �2¯ ® 5��°�±�²��³5´bµ�³�¶�³ ® ��·�¸�¹�º�»�¼��2�b½�¾&�Nª « ¥2¿ «5À ª�ÁHÂ(¤�¥ «�® �5¯

Ã Ã Ã5Ä ÄÄ1 Å Å Å . � � �� &� ��&��¦��A�� ÇÆ ÆÆÈ ÈÈ .......................................................................................................................... 12 Å Å Å . É É ÉÊ ÊÊ ¹ ¹ ¹(ËËË¦ÌÌÌ�ÍÍ ÍPÎ ÎÎ ............................................................................................................................. 7

Ï1Ï

.Ð Ð ÐÒÑÑÑÔÓÓ ÓÖÕÕÕØ×××ÚÙÙ Ù�ÛÛ ÛÒÜÜ ÜÝ�Þ�ß�à5á�â�ãAä¦Ý�Þ>å�æ-çbè�é�ê�ë�ì2ábí�î�ï5ð�ñ�òHó&ô�õ>ö&÷jø�ù>úNû0ü�ý�þLÿ��ù��è�� þ�þ��2ñ�Ý�Þ�� >õ5ö&÷jø�ù>ú��ÿ��ù�� è� �!5á#"�$�ï2ð�%�&�ô'��)(�*��>äpþ�+�Ý�Þ ��,)-��.�/�0�1�2��3��ù�,�4#��á#5Aä76�8�9+ä�ñ�Ý�Þ�è�:�à&ô3;�<=�übý2ð>�?>ô31@&3%A&��A��CB D�E�FG��H�I5á#J�� (LK ��ï�+�M�N�OP��Q�R��þ��S�THè

IT�32�ù�-ô�Uù�V�W>ô�X�Y Z�[&ô�X)\�ú3��-�ï2ð�è�]5ñ)^_��`bajè�Ý�Þ�/ c��P��N� �d2ñ#e�[�'�:Hàb��'=f)�ï_+�gbýP�7h�i3]>ñ�j�kP'&ÿ��ùA��l�mHè�nù�o��L%Afqp�r&ô3'��#(A*�( KP�bïA+

äts+äPñu^G�#`Gabè�Ý�Þ�/ c��(é�ê�v�ù�w�ùbX�x�� (

)�5ñ3��A��bá#y�zL[�'bXbèb��{�|)(�}f�ñ#~�I2ñ#��2ñ#�� èL�3d�è�� s�fbô��áL��ýP�L�7]ï�+#0�� '��A��è7 �!�7N��

( �� è�'PK)��P�7��+ä�(*ä)�7�Nþ7� )]7��PýP( K��bï_+��A�L�� è7B�Du�Hè7�7�+äþ��=��ä�(5ñ)^b��`babè�� 2á#¡P¢�ï2ð#£�¤ [�'7��¥ �>ñ7¦L��ù>õ>ö&÷§'_abè�� ]�*�'LKõ>öH÷pø�ùLú#��¨�©�ï0ð�ª�ô)0��'u«�¬>át�®�ð�gP�t]�¯�ðP��°��Pý�(PK �pï_+

1.1. ±± ±�²² ²�³³ ³�´´ ´�µµ µ·¶¶ ¶�¸¸ ¸�¹¹ ¹·´´´»ºº º�¼¼¼¾½½ ½�¿¿ ¿LÀÀ Àÿ��ù��)��A��)��Á [�'�Â�Ã ]5ñ�ÿ��ù��Ä�Å�/�ë�ì�Æ�h�è�ÇuÈAK3É��#\�ô)Ê `]AK��ïG+�Ë�Ì�Þ ÍP/PÎ <�'�ëHìP�&èA\&úu�P-P'=a�è�ÏPh(á�ÿP� �P�Pù_�P,3-P� .�/2õ0öL÷�øù5úô3Ð�ÑAä�(LK&ð�Ý�Þ�� 5ñ�Ý�Þ Ò�ù��á#Ó�� [�Ô��è�Î�< '�Õ�Ö ]L¯&ðL��{�|)(LKL��ï�+TCO(Total

Cost of Ownership)ñ

QoS(Quality of Service)'Ga�ñ�K_6�×LsHè�ÂPÃ�/�Ø�Ù �bË�Ì [�'�Ú�Û�õ3-�Â�Ã��ä�(�ÂAK��pý2ð�%A&�ô7'��)(�*��>äpþ�+�gA&�ä¦þ�Ø�ÙP]5ñ�Ý�Þ ��Ò�ù��è7Ü�k��/�Ý�Â�� 'bajè�Þß á)à�á��un��â��àLU7��-�Ï�h2ÿ)- ÷ è7��Õ=��ä�(��ã2ä3�bï�+�ä�å�æ�çPè�'bapè�Ý�ÞP]��5ñ�Ò�ù�NèuÝ�Â��G��P�7$�é�ô)×�'��Lð�g��X�¯�f��jï_+

1.1.1. ê ê ê�ëëë_ìììLííí�îîî=ïï ï�ððð_ñññbííí=òòò�óó ó»ôôô�õõõLöööA÷÷ ÷Gøøøùb6bè�ú�O�è�� 5ñMatthew Broderick û�ü è��ý�� L\7þ=��V�ÿ��Ó��è�-�ù��Hù5ÿ��ù��ô�@f��>ñ��&ôAX ��0á�_g&ä�_&bôu'��(*ä)��&

"Wargames"��K_&��0á�_|�(�K�ð ��KL��ï�+�g�è��P]Lñ

Broderick��Ò�.5á��)(L\uþG��V�ÿ��7Ó��Hè>ÿ��NùA�

(WOPR��Pýð

)ô� �¦�\3WAä�ñ��"!$#L¦)W�è�#�¦�UHá�ï�%P(7Ï�h�ï2ðbê�&�E�I�2�'0÷ (*)7\u]*+�ù�.�,�-0á&ä�(*ä�7KL��ï�+.�� */�2#�=��0 ÿ�1�è

" 2 � " 3�4 ô.5*65übý2ñ 1983 7 è�8�9�Â�5�6�]7$�:0á�;��Hþb��{|L�pý (LKL��ï�+�g�è��è�ê�< ��ùb6bèê>=�/Aâ�W�ù�à&ô@?�A2á�B_|�ñ�gNè��è�CAK û�D �7~�E,)-��.&ô�úPá>ö�úNï2ð�è&ô@��ÂAäpþ�«�¬0á# *FHô3 *�>ð�%A&bô7'�f��>äpþA+�g�èu«�¬�èG&#�èHG ×�war dialing

�Hä�(7EG�¦ýP( K�ð Xpè�]ï— I�J ä�þ�K�L0ÿNùNM)��àPO�'��ö�ú)-�è7S��u1P��QP] \R U�âS��Ò�.7¨�©Hè�ä�T�U�V0át��Wï0ð�«�¬P]�ï_+

10 7*X d �*ñ3�ZY�[ 9*\ (FBI)� ��B&ï*ð@]*^Lè�_ ¥A��Lè�`*a��ñ)kAÿ>ô�b*ðS]c^Lè(ÿ � �L�Pù�7à_UHèHãZd2ô_%Gfñ

4 7 �Ls�f#]�eZfLè��bK>ÿ�� L�ùb��ú�á0ö�V�ù*ñ Kevin Mitnick��gZh+üý

25?&è0ÿP�P� ��ù_��Ê�-_\&úu�P-�Ò�i�¦7-�j�kL]��l(ü�ýG�>äjþ�+

Nokiañ

NECñ

Sun Microsys-temsñ

Novellñ

Fujitsuñ

Motorola'_ajè7EP[�m��Ê�-_2Nù�->ÿ�ùNM è�n�o��qp J 8 r�s US

MCW&ô�d5ðt�o�uLôu'=f��&ä�þA+�v 3 ñ FBI

]��gbý0á0�ÿ�w�d�]qx�y�è>ÿ��NùL��7��z�{b��'Lð.|�}_&3�~�'-ä�(LKL�>äpþ�+#Ý�{�� @f�ñKevin Mitnick

��1��68s��è� ��2á��0übý2ñ

2000 7 G�� 21Ëô@��=��'5ð��)]

60s��5á�� D ä3�>äpþ�+�üL��ô&ñ Mitnick

�5ÿ��ù��è��Â�Ê�-2ÿ��ù�)��èLK7s�'5ð�ÿ��#�WP��â#��bX2003 7 �#]��=®7��ý��&ä�þA+ Kevin Mitnick

�7R�Q�&��(êá��AK@��*��]��P-�ø�ùNMbá�ç��-ä�þ=f�,)-��.7��\Hú3��-Pï0ð

)è7BPD7� ] ¯P�Nþ�� [�9��%( KP�bï_+

ë�ì ��A�� 5ñ�é�ê�ë�ì2ñ�'c�)¦ R ��,��#W�ë�ì0ñ��è��~�E�ë�ì2á.6��ï5ð.�Z�_��ö�ú�õ5ö÷�ø�ù0ú3�>è�ÐLÑ ��y�ï(ð�ôu×�ý�� 7 ô_X~b=�3(��c� ät(_*L�5äjþ�+ MitnickN ?L/

VladamirLevin

NP?( �� 1.1.2

á.¡�¢)'ba�ùb6bè�N�£ �L¯bf�ñ�gA&�äpþ�N�£ ��g�ð#�2ñ7¯��¤5ð#Ö�¥�èÝ�Þ ��ë�ì�è�¦�§=�6��è�ç�¨AK3�2á�©�{0ü�Q=�¦ý2ð�g ��ô7'=f)�>ä�þ�+7¦ ��ù&õ5ö&÷�è�ª�ÊP�5ñÒ�ù��Nè7j�k��&ôu}*«�ð��¬Hèq�óLá�®q�5üQ>ðxbX�Î7<P'u��è�¯_��×P]2ä�þ�+

2 ° ° ° 1 ° ° ° . ± ± ±�²²²Z³³ ³*´ ´´$µ µµN¶¶¶¸···�¹¹ ¹

º�»½¼S¾�¿ÁÀ�Â�Ã ³ »½Ä�Å�ÆÁÇSÈcÉcÂ�ÄS»ZÊ½ËcÌ�Í�Î�Ï�ÐÁÑ ´ ¼S»�Ò*Ó�Ô*Õ ± Ò�Ð½Ñ�Ö*×�ØÁÙ�Ú�ÛÁÙÜPÝ ÈcÞcß�ÐÁà.á�â*ã�»�¿�ä�á�â�å�æ*ç*Ó@è�ÐéÑ�ê�ë�ä�ì�í�æïî~ðÁñ òôó�õqÉcÂ�ÄS»cÊ½Ë*Ì$×20 ö�÷ø�ùôú û ¹�ü�ý�þ ÿ ñ È�� ü�� È��.È�Þ�ßÐPàñ�ò>ñ ü Íôó�õ�ÉcÂ�ÄS»PÊ½ËcÌ ÿ�� Ì�ÀS»q¿*×½õ��»�Ò �� Ò µ��éÿ ñ�È�� ý�� ßñ��½à �Áß½îSõ�ÉcÂ�ÄS»PÊ½ËcÌ �� Ì�ÀS»�¿*× !�#"�$ Í�%�&ZÓ�×�'�( � � ÈcÞ ü ò½Ç� ÿ Þ�)* ÿø�Ðôà

TCP/IP + �cÒéÄ½Ë@Õ�Ó-,��.Áß � ��/10 ±�²½³P´~µ ¶ Ò½Ä�Â�2�»43$Í ü#5 õ�Ê½ËZÌ�6q»PÕ!&$ Ó87ïî:9�; ��< Ñ =*»�>*»�ä ��± ÒcÓSèNñ�È-?�@�A ��B�C Ó ü Ç.ÈcÞcßÐÁà D�E ��ý�þ Ó�FPîÉÂ�ÄS»PÊ½ËcÌ + �*×GF½î:%�&PÓ ü ÇSÈG��ßZñ��ÍZõ�ßH�&�I ��J ;ÁÅ�K�LÁÑ�F�) ü-M�N ×*Þ 5 ��ò <î.õ�O�P ü %�&�× < îRQ ü Þ ÿ ÞG) M�S Å�T�U ñ È�Þ*ß�Ðéà

1.1.2. V V V�WWWYXXX�ZZZ�[[[#\\ \�]]]Y^^^_ZZZ#```!aa acbbb�ddd�eee�ff fÀ�Â�Ã ³ »½Ä ±�²½³P´�µ ¶R��g�h>ÿ�i1j Ók�lNñm��û ¹�ü ð8n M ÍcÞ 5 �*ò < îSß~ÐÁà o�pPÓcõ�À�ÂÃ ³ »½Ä ÿ ì�í ±�²½³P´�µ ¶ õ ��q#r Ó-s Ý Ñ~û ¹�t�ü_u ÓSèNñ�È�v�wÁÅ!sGFxôñ��û ¹*ü ðn Mä M�N Å�y�z�{cÓ�Þ 5 ��ò <-| È�s��ß�Ð½à

1.1.2.1. 1930E E E�}}} ÿ ÿ ÿ 1940

E E E�}}}

• 1918EÁõ~�»G��Â�3�Ö �� Í��!� �� Å ý�� ñSßZñ��Pàá�â ��1�1� »PÄ ��1�� É�Ò�ø �G� »½Â µ�² ÒïÌ � ã Ë ± »G��Å �� ã>Ë ± »��Ó��>ñ@ßÐÁà��n�×�� + � � %&�� ÿ Þ�)��ø�� ý�� ßPñ��ÍPõ�3�É��PÓ�F�ÇSÈ�� ö�¡�¢�£�¤ õ + � � %�&�� ÿ Þ�):0¥ t Í�¦PÞ�H � � ßPñ��½à §�¨ ü�©�ª�« õ Alan Turing

Ó�F½î:��8� � ÀS»43¬�®*Í�¯�°Nñ@õ ±² � �-³�´ Ó ¢ Þ�Ók�l�ÐéÑ�* ÿ�ÿ�ü î�õ�µ £ Å 1E�¶�L1� ÿ ú:·1¸ � È�Þ�ß~Ð½à

1.1.2.2. 1960 E E E�}}}

•��¹1º ³ » ± Ë��!»�¼ ¢�ª (MIT) �-ª�½ Ó�FPî Tech Model Railroad Club (TMRC)

Í-¾�¯ �� õ ª¿ � PDP-1ãcÉcÂ�À � » � À�Â�Ã ³ »ZÄ � Ò µ��-Á�Â õ �� ÃSÂ��SÍ��Ä �� ßÐ½à qÅr F

5�Æ ó � Ñ " Ç Ë�È�» " ÿ ÞY)RÉ�Ê�×�* � ��¿�» � Ó�F�Ç�È ½ �*ð �� ßÐPà•Ôqã ´ È�Ë�@�Ì�Í�Í Advanced Research Projects Agency Network (ARPANet)

Å � ý ñSßÐ½à�* �×½õ � »½Ä ÿ ì�í � á�â1� ü�Î�Ï1� ºcÉ �Áÿ ñ�È�Ð Â / ª�Ñ ¹�»ZÕ�¿�ø�Ò�ÓéÅ�QÁß~Ðéà�* � Í qÅr ÉÂ�Ä.»cÊPË*Ì ÿ ñ�È Æ ó � Ñ ²�ÔP´ Ô�ÊZË�Ì�6@»*Õ Õ�Ö �8× Å ��ß~Ð½à• Ken Thompson

ÍUNIX Ø�Ù�� » µ ¶ Â�� Ò µ�� Å� ý ñ@õù>ú " Ç Ë�È�»GÀ � Â�3 ´ » ü " OS

ÿ ñ È-Ú 5�Û�ÜY�� ßZñ��Pà 8��Ý�Þ ×Zõ�* � OSÍ�Ó�� ´ É"ñ$ä�ÐZÞ8� ý�« �S»�¿ ÿ À�Â�º*É1��»ø < îqõ�ß8�éõ �� ÒÁÙ ÿü Ñ =*»�>*»½À�Ã ³ � µ ¶R��ß�à ø�ÐÁàá�x�â�ã � Ócõ Dennis Ritchie×

C �1� �� ·�ÊéÅ!� ý ñ.ßÐ½à�* � ×-äôó 5 À�Â�Ã ³ »cÄ�z�å�øqù ú�~ZÃ ³ �.» ü�Ç Ë ² Â��·Ê�ø ñ�æ8)Sà

1.1.2.3. 1970 E E E�}}}

•��ç �Gè1é�ê�ë �Yì Ý ÀcÂ*Ã ³ »ÁÄ ´ ¹c»�ºîíï� ý�� À*Â Ì8��ÕZÄq»*ø < Ñ Bolt

õBeranek

õ éê Newman

ÍôõARPANet � ºGð ´ Ë�Õ8�ÁÕ�Ò µ Â �_ñ Â ÿ�ü Ñ*õ Telnet �� ÌSÀ@¿ Å-� ý ñqßÐôà1* � Ó�Féî@õqò��cÈ�×��ç ��è1� À*ÂôÌ!��Õ*Äq»�ä ª1Ñ Ð Â1« Ó�ò ó � ÈZÞ�� »éÄ�ÊéËZÌ6q»PÕ � Æ�É*Í�ó�� Ñ�* ÿ Ó ü î.ß�ÐéàPñ ò ñ@õ Telnet

ú�ô�õ�åÁõ ó�öéÊ½ËcÌ�6S»PÕ�Ó�×�ù ú÷ %�ø ü�� ÌÀ�»�¿�ø < Ñ ÿ Ð½Ñ ±�²Z³c´�µï¶.´ ¹�»�º Ô »éúÞ*ß~Ð½à

• Steve Jobs ÿ Steve WozniakÍ

AppleÀ�Â�Ã ³ »½Ä�Å Õ�ùNñSõ�º�»½¼�¾�¿éÀ�Â�Ã ³ »ZÄ (PC) ��ú�û�ÁÅ��ÄNñ@ß�ÐÁà

PC×½õ ü�Ö*ò � 9�; < Ñ =*»�>*»�ÍcÔ�¾ � �8ý ��ôÿ war dialer ü_u�� ö + PC

+ � Ç »þ3�ÿ��ÔPÅ.Æ1Éïñ~È��1�ZÓ � Ò µ1� Å�Õ��½Ë ² Â��@ÐôÑ��ôÅ ª� Í�òïî ÿ�ü î@ßÐéà

� � �1� � �

. �� 3

• Jim Ellis � Tom Truscott � USENET �� !#"�$&%�'�()+*�,�".-."0/�1243�2.5.6�7.89�/�:; �.6�<.=?>[email protected]�B+C4D0EF�G�B.�.H.64$I% USENET ).JIKL5�M�N.O�P.��2.�Q�RO�S�*�T+UVXW#2�YO.S*�Z&!R[+\]+UR�YO.S"�6_^LF�`�D�a�`��b.c�$I=�de^?f�P��.]02./Yg�h?2+]0H�F�i&�Rje�/lk�"L$I%

1.1.2.4. 1980 m m m�nnn

• IBM � Intel 8086 o�D�\�p�q�p� lU�r+M#s�tlK�*�u�v�9�w�x/�`�2.��\#y�z4F PC �0{�|&*�}�~� !#"�$&%�'�(�M��k�*��+g&��B.�&�X�.��.�I"�6+N�O.P.��2+C � �&^L�&�#,?(I"�!X��%."��+* PC��9�6.�.��!��$+��2�Ee��!X[�� $&=0F�M#�.��!0"�$Y%��.��9.6.��!��$��42�Ee�)Y*��&��M4�+W�g�E�6��+�#��$eK�*?��F��=�1�2�3�2.F_�X��Yg&��B�M��=� �2Q¡�¢�£4`�F�¤¥ �?¦�§.$I=�^LF�6e!X�+%

• Vint Cerf M��¨0[�{�|&,�(�� Transmission Control Protocol )Y* 2 j+M#©�ª�!R�.«.¬.��2��.M4/+¨[��"L$I%4D�O.C�2�T+U�V�qpeV?N�24E)�'�F#©.ª��I�X�®¯!�*?°�±�F TCP/IP q�peVLN�2�E)�²_³F�D�O�C�2�T+U�V´: ; $.µ[�F�¶�·_�R/ek�"L$I%

• gY�L2��IO�S�*07.¸&G4B��H�F�¹�º¼»½ ¯UR�YO.S#/_¾?F.©�¿+M�À�Á�=0{.|&��s+M&!R[Y* 2600: TheHacker Quarterly o�Â&Ã�O4�+Ä�Åe,#(e*4ÆÇY�4ÈÉ&MÊÁ�[_NOP��2IC��_N�OP�#2_C�TIU�VW#2�\�F�\�]�UX��O�S0/&¾LFlV?P�U�\�F4Ë�Ì��.{#ÍI,L(I"R$I%

• 414 Î&zYO�S ( Ï�ÐY��Ñ�ÒÓ!�*4 QU?�_OS4Ô�Õ_�#Ô�/_¨4[+��Ö�×eN42Ø¡?M�Ù./�Ú�6�Û�ÜIÁ&��(= ) �Y*+Ý�³?5�M�Þ.�+=�\.]�UX�+O.S�ß�àF�á[�M�?â�M��.¨�[�ãä�åI"L(I"?$I% 414 Î�z�O.S#)Y*p�Bæ»ç`�]0è�B�é�¬�ê�ë�ì&*�í.î�ï.ê�ë�ð�ñ/_¾Rd.ò�ó.ô�õ��F4~�ì/_¾LFYG�B��.H�M�ö�÷.ø�ù¯![��"�!X�+%

• ú�û�9+\]+URü�2+S�E2�q.6��¨�� Legion of Doom � Chaos Computer Club �Y*�N�O�P��02YC��7�8a�2+C�T+U�VXW#2�\0F�ý�þ�ÿ�M�ö�÷�`�\� .B��{4Í¯!�"?$Y%

• The Computer Fraud and Abuse Act of 1986 � Captain Zap ��!R[_^��l�R(&= Ian Murphy F�ö�÷`\0 �B�M��X[��6��Y,?(I"?$+% Ian Murphy )� ��F+N.O.P.��2+C4M0ø.ùY*��.��|��Fa.2+C��2.B.�&��I��ä�*?Ô��ó��F�74¸.b�c��e!X[� "!Y�?��¯!�[��"�!X��%

• Computer Fraud and Abuse Act M4st_<*�#�$ì�)%'&)(.®�F Robert Morris ��D+OC#2YTIU+VM*)+Ø!�[I�� 6000 �_��,.-�=�N�O�P��42eC.M�/ !�[�è��BYW.2�H_��"�<�0Q�+!��1�6'2)1'$�e�43 !�"0$e%�'4F�5'6YM�st_<�$'��3_¨��7�F�2Û�/�8'9�)I*�ò):<;�=)>�&�F Herbert Zinn6+* AT&T ?@�`�A_�Xü.éB�C�DF�ì2�$I=�G?B.��H�ME/.$Y=? eUX��O�S�Ô�Õ_��ö.÷��.��6_!��%

• èl�RB�W42�H�#�$�FY�GFR/�8�9�_K�kIHY,�(I=�'��4�EJK�!0*�N�O�P.�02+C�12�32�M�TYU�VLW#2\4 �&�Y�L�Ó�IL�M+M4j+��[�N�O$&=0��PYM CERT(Computer Emergency Response Team) �.� ,?(I"�!X�+%

• Clifford Stoll � The Cuckoo’s Egg �EQ�R&*��R©�FYG0B��H�M#ö�÷+`�\# �Bl!R[��=.\]+URü�2Y�¹.º¯!�[�ÔeKX¸¯!�6�$I%

1.1.2.5. 1990 m m m�nnn

• ARPANet ��S'T&M./Qk�"0$l%�'#F&TIU+V?W�2I\4�e�0F.b ; )�D+OC42ITIU�V�M�U�Ô !L[+��<�"$I%

• Linus Torvalds � GNU �'V.W�2�� #O�S+G�B��H�6��$e=��PYF Linux ü�2_T�Ee��{�|Ø!�"$&% Linux F�{�|l��X�Y��Z�?�!R��F�)Y*�[l��!X[�DO�C�2+TYU�V��\�!X��1�243�2&�?{�|.É�F��.b.c�M��.=�]�^�F�_.á�M��=�^LF.6�$Y% UNIX ��`ae��$I=��PI*�bc.�.¶�M#/+¨�[��= ( \�p#2d ¡Ee02�B.fR��VgW02�� ?O.SG0B.��HY��h�àl!R[��=�W�ÂYG�2�r2i2M4/¯!R[+* Linux ��j�k/�nl OS ��mn6+<�=�o��Y,.��I¨�� _UXü�24��pq�ÉF�5.6#d_^Lf�P.��]�2�6�$+%

• S�].gI� ü�E Web r�]4¢03)4�.�F�D�O�C�2�T+U�VX`�\� .B�F�s��F4t.¤�/#òI"�k��u�@Y"�!��+%

4 v v v 1 v v v . w w w�xxxzyy y'{ {{I| ||~}}}��

• Vladimir Levin �"�4��G� CitiBank ��z��'��z��xG��G��z��¡ ¢�£�¤¦¥.§ ��¨�©gª�«¬��<�®z��¯¨~�"°�±³² Vladimir Levin ´�µ�¶�·�¸�¹�º�»�¼�½�¾)¿�À'��"�Á � ¥ �'ÂÃ"��Ä�Å³Æ�Ç³�"È�É�Ê�©��Ë"Ì<Æ�Ç³°'��Íz²• ÎGÏ��ÍG��G��Ð��)Ñ�½ §�Ò.§�Ó ��Ç�Ô�ÕgÆEÇ'Í��´�Ö.×�Ø Kevin Mitnick ½.�zÙ�Ï4²E«�¬'��ÚÛ³Ü ��|Ý'�4Þ.��xG��G��ßàá��â�áãÔ�äg× 2

¢å ª�æ³ç¿��èéz�'êëÐ� ¤ �4ìí³��î�ïðñ ��ò<Ã��)ó)¿�ô�õgê�ö)÷�ø��Gô��<ùE� ¤ °�½�±ú'�GªEû�ü�ý��½�±g²�Ä�Å³ÆEÇ³�"þ�ÿ��½ß�� ò"�� °)��Íz²

• Kevin Poulsen ��'´<��¨'��¨gª��±g¿�Í��G�)��é ��!'�þ�" Ü ��|�Ý<ª��# � $�%��°z��Íz²ù��&y��G�('�)þ�ÿ��½4ß��g��ò*"� 5 ��,+�·��,-�.GÆ�Ç<°z�IÍG²• ��G��x<��/�gõG{��x<��4��"�0'´�1�2.��ò3��4�5'�G��G��Ð��´�6� �7�8gÆEÇ<¿ DefCon 9: � ;�<��)��xG��ª�=³ÃE�,>��? @�½'ø�À��ø��BA�C<ª'��ó�°�±³²• À��<��D ¥ á'½ 19 E'��F�G'�G��H ¥³Ü�I/J�K�L�M Ñ�� £ µ�N�O'� Ü ��|Ý�P��Q�¬zË��/R³¿�S�T³ªU�V ��Í �'��Ä�Åg�Eß�� ò�°z��Íz²�WYX�!'´G� £ µ�N�O'� Ü �|�Ý'�BZ±g¿\[�]��^�_'�'Ñ½ §a` ��b'�Bc�d)� e�f³Æ�Ç��ghji�k�l�ò,^�_nm��ó'°�±G²

•£ µ�o��p�qg� Janet Reno ´<� £ µ�N�O Ü ��|�Ý�P��w�xGy){�| }rS�s��t�9)�Bu�v��4� NationalInfrastructure Protection Center ª\w�x��°�±³²

• y'µ�z�ÿ�{'|<��À.êI��4�|'��z�B}�~gª\��Ç³��gª��³ÆEÇ³°E±³² Ò�� l��´G��y�µN�O�´,{�|G��À ê¦��}�~³ª\��±<¿�Î��½��°'��Íz²

1.1.3. � � ��B��Y��*�� h��/��2000 2 �³� �� DoS ^�_'�<��À)��<�)êj�'½ § ��bz�B[�d'ò�A�ÿ��.�"ò<¿E«�¬'��{GÀ.ê� ��G×�Ç³°)��ÍG²\ �s)��¾'Ã�Í yahoo.com � cnn.com � amazon.com � fbi.gov ��4��¡³�"��{)À ê´g� ping flood � § ¢�£ Ç.¿'��³é ¤zÀ�ê�� ICMP ¥Y¦g�zê ¯�ÿz½¬¨§��z��R© ¥ �³��³ª��À�ø �ª Æ�«.×�Ç'Í�Í��g��¬��®'��¯'��ä ×�´�°ÊG�B±�²��³ ��ò3"°G��ÍG²�4�|��^�_��G�)Â¿�Î��^�_´<��^�_gª�´��B��±Gó��z�'ê(µ4�z�/{��¤��Gª"�x I �)�4��{��¤�)� ê·¶�À��,¸�¹ � ¢�£ Çg¿��À�ø)�gê�ø ª {/¦�� Ünº ��ª�À)�� ê � ¥ Æ(«g��ÇG�B»�¼~��Í'�4Ç�½�Ç'��{��¤��^�_h¾ ñ��{GÀ.êEª�¿�ÇgÆ�«�»�³gª�À�ÁgÆ�«'�.�4°zÏ4Î)��½�^�_��<��ÀYÂ4��ª�eg¿�)��ó<ÏÄÃ�Å)�B%�Æ³ÆEÇÇ Ø È�Ë)Ã��)ó)¿ ª ¶'��Ý<ª�É�Ê~��Ë�ò��Ç<°G��ÍG²�É�Ê��)ó�Í ¥ �G�� ª ¶.ê�ù�� ¥ ´<�Ì ÿ�Í��G��¥�¦³�)ê¦¯�ÿ'�*¾\l)��Î�Ï'ògØ�´�ÿ��<�"��±�ú��<ª�´��BÐgÃ"�.�4°)Ï�¼�Ñz��ò<Ã"��g"��Î�Ç��QgØ��á�äg×��Ò³Æ�Ç�Í,Ó��l�ò�Ô�Õ�½�±³²Î�Ç��hÂ�èBÖ�ø4Ý�´h×�°��½G�\Ø�Ù'Ñ�½�Ú�Û 9 Ü 4 5 Ý ¢ á��'À'��E��G�'ê�ª(É�Ê��ÍGÎ��'¾¿°EÍ´�É�Ê��'ó'°�± (Computer Industry Almanac, 2004) ²B?,§'�'�

• Þ�ßG� 1 à��³� Carnegie Mellon University � CERT Coordination Center ��Ô�.�Æ4Ç<Í)wzx y³{| }rS�s�´�á 225 âz¾n"°�±³² 1

• CERT ��Ô�.³Æ�Ç�Í�â¬�´ 2001 �� 52,658 â³� 2002 �� 82,094 â�äg×�� 2003 z��´ 137,529 â� ã�ä,��"°z��ÍG² 2

• [�] 3 '��å�æ�ò)À)��"��G�'ê�ö�} ¥ �~ê�� ª 3 �)Â¿(Ø�Ù�ç�è�P��é�ê'´ 132 Ü US¤ë¥ � �³¿'�

Ú�Û³Æ�Ç³°�±³² 3

ù��&�y��<��w�xGyG{�| }¦´'¾<×(ëz¿ IT ì�í'� # X�ò�e��î�³�ç�ï.��òGÃ"��ó'°�±³²��z�"��ðÊ�ñ.��òGó4ß�Ê�ñ³ª(ó� ��±³¿EÚ Û ��ô�õ�´z��ö��'� Ü ��|ÝG�\{��÷��G��ãÔ��ÿ�ø�ñgª 24 §��õ}'½�b)�Bù�ú�±g¿�Í��G� Ü ��|�Ý�û�ü��g�/7 Ì �<��Dg�é,Ö�ø�ò*ý�äg×��þ�ÿgª��È³�4°E±³²��ßG¾)¿�®'��¯'�<� ª ¶�w��<��e�f�l�^�_'��G�4ò<¿)�"ógÏ4Î'��´<��Ú Û �/ô�õ'� Ì�� ª��±��ä�±§ �³��ò"°�±<²1. Source: http://www.cert.org2. Source: http://www.cert.org/stats/3. Source: http://www.newsfactor.com/perl/story/16407.html

� � �1� � �

. �� 5

�� "!$#�%'&"(*)+ ��$�*�,�-�/.�021�3�4"56�768:9�;"<$=�>@?A=�B�C�D�E+D�F�GIH+J*3"K�DLAM�N =�O�P�QA=R�S N QT=U@V N Q�7AW"X�S@Y�ZT[@\��9�]��^�"_�`TaZ$b>�?T=cB�C ( acdI="E"D>�?A=�B�CAX�e�f@ZA['g^h ) D$i@j�! �"k�l XS@Y@Z$[�\��'.*=m�n�7@ @�*�*�:��po*q@r�Xs�t@ZT[u <"v@w@x@��<"ZTb

1.1.4. y y y$zzz {{{6|||c}}}�~~ ~:��*��*��3��`�D��@��D">@?^�:�@��@�@�IHT1�d@9*�cK�3�aZTb@\`�.��"�"� (American Medical Associ-ation - AMA) =c�� (Institute of Electrical and Electronics Engineers - IEEE) =+7^WcD�� X��A[��<�e�fA_�`Aa�ZAb�F�G� ��*�*�,��:H$�� S@��9��T�*1+aZAb� T¡D� @�$�*�:�-�¢ rc£�¤^¥�r %/��¦^r�§�(�9T='¨�©�ª (Confidentiality) =c«�¬�ª (Integrity) =c�P�ª (Availability) D@®¯@° X��"�cd CIA ��1:K�± ²:`T[�@�� @�*�I�:��³@�TX,´@µ�K�3�a'ZTb�\�D 3 ³��.*=,¨@©�H+¶*['FG�D�·�¸�ªAX�¹A��d28�=� ��$�*�,�-� N�º X�»�¼�ZA[�d�µ*H+½@¾�¿�H�À*Á+Â@`6²,`$[�³��<�ZAbÃ�ÄH�= CIA ³@��D"Å@ÆTXÇ�È 1:K@ÉIÊ�a'ZTb

• ¨�©�ª (Confidentiality) — ¨�©*H�¶�Ë$[�F�G�Ì�D�Í�)� � .�Î�Ï@Ð��T_�`�d�g@Ñ*H+Ò68ca�ZTbÓ�ÔD�7I3�Õ�V��F�GID�Ö�P�.@×IÒ21"acZ b�Ø M+Ù =cF�GID@¨�©�ª2��.$=�Ú�Û�D@Ü�gÞÝàß�á�F�G�9 IDâ�ã �T)�ä�j*#�%på�æ�7 WD�ç@è*é�[�ê,¿$Xë�J�Ó@Ô�D@7�3�g�Ñ�H+Â@ìA_`�7�3�íIî�HcZA[@\��'<ZTb

• «�¬�ª (Integrity) — F�G�.$=�E+`6ï:C�9�ð@ñ�¬Tacd�.�ð@mT�"H+7*[@íIîóòAô�õ*X@_`�K�.�3@Á�aöõ*bÓ�Ô�D@7�3�÷�(�ø�(�H".�=¨�©�H+¶�ËI['F@G@D�w�ùúÝüû@ý�D+þ�ÒIX�Ò"�21�aZ$b

• @P@ª (Availability) — F@G�.�Ó@Ô�D�é�[÷�("ø�(�H+."]��7$�"Ê+3�J�<T�cÍ@)� � <IÊ@[�í�îH*1K�É$Ê�a�ZAb��P�ª�.$=�F�G�9�ÿ�è21,K�3�[��6�"¥��+r�+<"Â�ì�<$Ê@[��c3Aî��<�ZTb�\`.*!$#�%'&"(*)c£�($i � o� ��§"( ��E�DI)�q��@Í�rT%ó<�é�['>�?��<�O�PT_�`T[�£�($i � ä¦¤��D��7��(@ *rc��(*j'��è�Î��H"¶A1:KIí�¡��$_,`Ta'Z$b

1.2. �� ! #"" "�$$ $&%% %('' '�)) )¢ r�*��"(T¥+ ��T�T�'�-�/.� ¡�D+�ÿ =-,�7A[ 3 J�D�. � ¥�(�/��10T��H�2IÁ$²'`A=�½�¾*H ¢ rA% "("¤^��1:K�3 Ù `�K�3�a,ZTb

• Ñ@S�¿• 4�5�¿• 6@S\cD7�8I3 3 J�D�/@�90��:.�m@n�7� @�*�I�:�� s�:�D�;��^�'7*[�ê,¿*X��<21caZTb@\cD/@�90I��=H�£�>�/@�90I��9�éA8c="E�\c<I_�²�H ¢ r$%? �(�¤ �cE�D�s: N Q$X'Å@21�aZ$b

1.2.1. A A ACBBB�DDDFEEE9GGGIHH H-JJJ�KKK�LLLÑ�S�¿ ¢ rA%M �(�¤6�.$=�¨�©*H�¶�Ë$[ON@($¥�= ¯�P 7AW,Ì�D�Ó�Ô�D@7�3�Í�)+ � XOQRúÝTSR@ZA[d�µ*H+O�P�ZA[�Ò��A_�`�d�e�U9=�<� ��$�I�,�-�WV�XAXs�:�ZT[�\��'<�ZAbÑ�S�¿ ¢ rA%? �(�¤�D�Ø��1�K@.*=

• Y[ZO\]�^�/�_*q• `@��a�± / b��a@±�D�Í�q�(@� �� • @�*��:� �dc@(�e• f�g@Â28 ID

• :�hT=-N^#[e?i�¤ %"1:d � �2�p("¤jke�Í

6 l l l 1 l l l . m m mnnnCoo o[p pp�q qqsrrrWtttuu u

• vCw�x�ykz�pO{O| ( }�~��?��C�O��1��1��1��?�� )

1.2.2. ¡ ¡ ¡C¢¢¢�£££F¤¤¤9¥¥¥I¦¦ ¦-§§§�¨¨¨�©©©ª�«�¬�[® z°¯±²[³1�-´�µ ¬ �¶�·9¸ ( ¹�´ ¸ ) º�»1¼�z°½�±9{(¾�¿9��ÀkÁO�-Â�Ã[Ä�±1ÅO��Æ[{�m�|º�� -Ç�È�� O��[�É�ÊFË[ÌMÍ�q9{�Î�¯�ÏO±C�-��Ì�Ð-��Ñ ª�«�¬1�® zM¯�±�²[³ÒCÓ�Ô[Õ[��Ö× �°Ø��9ÙC� � qC{�Î�¯[Ï�±�Ú�Û1Ð°Ü�ÐM�1Ñ

• ÝÞ�ß• |�à�±�zâá�±sã• »9¼[z?½�±C{-��ä• Æ�{Om|�Ç�È�p?|�z• å[æ(w(²�ç�¾�è�éê�ë�å�z?ì�í�Æ

1.2.3. î î îCïïïs¤¤¤9¥¥¥I¦¦¦(§§ §�¨¨¨�©©©ð µ �® zM¯�±²[³1�Om�n1o9pMqIrâ�~[ñ ¬ � uò �-ó�ôsÌ�Ð�� Ñ-õ�ö ¸ �(÷¿ ¸ �¾ ø�ù�²[��ú[ûÐ(�³�ü�û[��ý�þ�ÌO��ÿ�Ú � � p(ë-±�|�º �� Æ�{Om�|��1�-��C�°Ø��9Ù[� �� ó�ÌOÐ°�1Ñ• z�ø(± � ®�� Ë?��• ��C��Ê�� Ë�� ®• ~�û��Ë�� • ~�û�!�"�Ë(Æ�á[ì ® qkr ®��

1.3. ## #%$$ $&�& Ð m�n9o�p?qkrd��')(��°µ�*��,+�- � � �,. /�Ì�Í�0Ð�Ì �� Red Hat Enterprise Linux �ý� �21�þ[��3 4 ��5 6 � � � & Ë�Ú 0��Ù��-� � ÁOÐ9Ì?�1Ñ23�4 � ��7 �28�9sÌ;:�� (��³1�Om�n1o9pMqIr�� ¶ < � �-u�ò�º = >��2? � & Ë�Ú�@�u � Ñ & ÜBA��,C DsÌ Í EGF�Ë�� H �2I J�ß�� & Ë�Ú 0��ÐO��m�n1o9p?qIrK:� � H ��L�ó�M N9�PO9Ó�Í�Q�AO��R S[Í[ÓTF��[��UOè�Ú9Ù9ÁV/��C� � Á�Ð��1Ñ

W2W

.X X XZYYY\[[ [^]]]`___baa adccc

e fhg i jTk�lnmpoKq rts2u vxw;y z {t|�}�~��)� �2��w;�� h�� i ��s�w�� m� �� s �2�t|��T�n�h� � �� t�P��t�, T��¡�w��Bw��2¢B£ �� s,¤ ¥ {�|2¦�h�§��s,¨�©�{�|hª�«P�P¬��{T|,�®Ts,¯�°%w;��T��±�² �)³)|2´Gw�µ�¶P¡

2.1. ·· ·¹¸¸ ¸ ºº º%»» »%¼¼ ¼t½½ ½%¾¾ ¾¿ À ��Á%ÂnÃ Ä ªP�t¶;Å�Æ ��Ç)È ÉhÊ�� ®�Ëts1960 Ì À ��´T�� ÍÏÎ �,{�¡PÐ�ÑhÒ�k Ä i Â2ÓPÔ�ÕÖ × ��Ø ÙhÚ Û�Ü Ý Þ �)ß�à��Ö á âh´�ã�ähg Ý�Þ i Âhå s2æ�uxw��çwn}T¡ Á%ÂnÃ�Ä ª É �2è é)g ål Â �2ê ��)�)ëPì�í�î snï��ð�}�� ßPà�ñ�ò§ó Ä �PqÏw��¬ ô�¢ �)��}�õ�¦)´Gw�}�¡

�2¢ öh÷T� Á%ÂnÃ Ä ªP�t¶; ® ÉTø ò ù k ÄTú2û �G£nü�ýhþ�ÿ��)ßPÐ Ä �P´��B�;¬hô�¢�|��¶,��gÎ ��wn}T¡�Gª� � ��Á%ÂnÃ Ä ��G£n¢t|��g�� É �� ´ ø ò ù k ÄTúP� �P� m � ª�� Â�å� Ä �� ¶2�� {t|P�Ts2¤� ��!�" {t| Ç�# �$&%��h��| �hª,´�{�¡' Ä þTò�( Ä �)(�* å+�, � ��-�. � É ��0/1�02Bª03�4Ts ÁBÂnÃ Ä ª�� gÏwn� � Î �65 Ç s67%wn�T� ��8 ®�s2¬ %w��{�¡�� É � Á%ÂnÃ Ä É�Á%ÂnÃ Ä ��9�: s6;T�P��h�2{t¡ ÁBÂnÃ Ä��9�: ª É �6<�=Bª0>�?�� ¨ � !" É ��@�Ah´�³�| ��ª�� ¨ ��B e É�ø&C kD�mpo;��q {�| Á%Â�Ã Ä � °�Eh´)³�| �hª ª,g��P��2{t¡ � � � ¨�!�"h´T� ø ò ù k ÄTú �� m �� i j�k�lnm o ø ò å ÿ Ä�Üh��F sP�G��ªP�P×�G� g Ç�# s6H êxwJIxw0K Á%ÂnÃ Ä L ��2{�¡ :&M�É �PÐ�� ø&C ��N�Oç� Á%Â�Ã Ä ª;Åx¶;Å�Æts2¬�xw�T�QP�RhgG��6S Ç s6Tt�P�T��³�|�� É�U�V � g Ç�W ´��P� m � êX� Â�å � Ä �� h��i��{|2��Yts67 ¿ {t|P�G£,´�{t¡ ��¶ wn} ø ò ù k ÄTú�ÁÏÂnÃ Ä ��q {t|Q��Zhg�[�\ õ É �� ß ÂnÃ�Ä �g Î �,{

— 2� ��ø]C k�D�m o§s�^ ©�_�{�|,}�~

1980 Ì À ��`�a � ÁÏÂ�Ã�Ä ��bÏ£V¢)}�c�®T¡

2.1.1. d d d]eee�fffhgggjiiilkk k)mmmniiipooo)qqq�ff f�P� m � êX� Â�å � Ä ��r�s�tts . ïxw�� h��i��Ts2{�|6u1v �Tø&C k�D�mxo�� É ��T��h�whgT|�� ÜhÄ þ ��³ Î �,{t¡��2¢Ï£ � � ÜhÄ þ É ��i j�k�l�mpoyx�zts�{hgÏ¶0|h�"��}�|

" ~�� &�h��7 ¿ �,¢�� Ê��ÁGÂ;Ã�Ä��Ç�W s07%w��§{T¡� �� å Á%Â�å Á%ÂnÃ Ä ª É �� Â�å � Ä ��êt�2� m � sPm � å wn��X*�� Ä ÐTò2�Ts6x��t�6��qxwn� � � ��¶2�� ts6��ð�ê {��Ts6��¯ {t|�uh´�{�¡6�� å ÁBÂ�å ÁÏÂnÃ Ä�É �0/ � �� m � � �P} É��h� �P� m � �h�)ß Â j�ò��Q{��s6{)g��,{t¡ �� ª É i jTk�lnmpoy��z �� ´ � �� å Á%Â�å Á%ÂnÃ Ä s6� xwn}�ut��} É�� ´�{�¡2× Ù�� G��êhi jçk�lnm o ø ò,Ñ Üú ò å � >�?�� g��§� Ê�� )´�{T¡à�ß Â � Á%Â�å Á%ÂnÃ Ä É �)ß ÂnÃ Ä ��Ç ®h´�{t¡6��h��)ß ÂnÃ Ä�É þ�ÿ��)ß C ò��ê��P�m � ��{t|2×�G�� g� �¡�� É ³�� Î£¢]¤ s2��h��2��T¡¥t� ��¦�§ ��ß ÂnÃ�Ä É � ß ÂjTò��´T« |Pþ�ÿ��)ß � s�³��twn��,{t¡ �2� m ��¨ � � s ¤ �� ç�h��i��Bwn��6©�u�� gª�« � }�~��iTò �Pmpo�à�g�<�=ts6¬�xw�} Î ��³�|�� É �0®)� �P��m � ê)� Â�å � Ä ��¯�°�s6±²��§{�¡� í ��³ Ä�Á%Â�å Á%ÂnÃ Ä É ��Gª� � ��¦�§ � Ø Ù s2e%w�� å Á%Â�å ÁÏÂnÃ Ä ª ��´)��ÇW ´�{h�T��ª�«�� É�µ�¶ g � ��ö�·��)�0/ � � ¨Ts6¸ �{t| �hª L ³ Î �2{�¡��³ Ä�Á%Âhå Á%Â�Ã Äª É ��0/ � {�¹�º ¯ts6Y�» {t|�ª�«�� É à�ß Â � Á%Âhå sP��}t| � �� å Á%Â�åKÁ%ÂnÃ�Ä ª0¼X²P��´Ïw�µ�¶P¡��³ Ä�Á%Â�å Á%ÂnÃ Ä É�½ wn��whgT| Á%Â�Ã Ä�9�: s6T��P��T� Ê ¢�� É�¾�¿ s�À��} Î ��Á�Â�Ãg � ��Ä�Å s U �Pg��Æ Î � �P� m � �� {t| � É�Ç�È�É�Ê ª��2¢)��,{t¡ �§¢��Ïwn� É�Ë�Ì� ³)|hª��Í�´�{)��m ��Î � ��{�� Ê ¢Ï� �)É�Ð�9�: ��g�{��´�{�¡�� Ç�W ��Ñh´�³�¢t��)ß ÂnÃ Ä ��h��i �Bw Ê ¶ng�s ¤ s,�t�P��G��)ª,��Ò�²h´�{�¡2ö÷�� ¤ � ¢�¤ s�³��Ó�ÔBw;�)�h«��§{�¡

8 Õ Õ Õ 2 Õ Õ Õ . Ö Ö Ö�×× ×�Ø ØØ�ÙÙÙJÚÚÚ�ÛÛÛ�ÜÜ Ü

2.2. ÝÝ ÝßÞÞ Þáàà à�ââ âÏãã ãjää ä�åå åçææ æéèèèßêê ê�ëëënìì ìQíí íjîî î ïï ï1ðððñ&ò�ó0ô�õ]ö�÷�ø�ù�úXûQü�ýþ�ÿ�� Ö�× ÿ� � Ü ÷��)û��0ú��

2.2.1. � � �� !!!�"""$### %% %'&&&�(((*)))�+++�,, ,ñ)ò�ó�ô�õ&ö�ÿ.-0/21�ø�ù��.34�ÿ��5�6�õ.7�õ�ý Ù /�8.9: �.;0<Xó>=@?�A�<�ó Ù �B��6ú0�DCEF@8�5�û>G�õH.IXñ)ò�ó�ô�õ&ö�ÿ Û�J ÷��/21$KMLN Ü ý�O�P�û>A�<�Qõ&ñ&ò�ó0ý�R.STF�1'��ý�úûÿ�'UWV X Y.Z�[.\ ]T^�_�÷W`R�a�ý�F�1��Qÿ'��b�ÿ�]�ú—údcý>�.edb@f0g�h��5�i0b F�� j��U�5�k��l i��gQÿ�m.n�ý2o>p�_�öWq�r$F�8�a��ú'�

2.2.1.1. s s s G G Gõõõd^^^uttt�vvv2rr r1óóó�ñ ññ]òòò�óóó0ôôôõõõ]öö öw rxy.z{ Ø �'��KDqt'|�=@x~}��&ý��P�û�ñ)ò�ó0ô�õt�<��2��õ�^@��>_�ÿ��: Ü ÿ.��]ý�OP&û�g Ù �'�d��ú$�2� s�Ù I�õ�Q�ÿ0�'�� õ~^��>;'_�� s G�õ~^Mt�v.ráó��1 �0� <�rA�ò@��ÿ.��ý��TF��6ú0�W�0�'�2U�Qõ�^��ñ)ò�ó0ô�õ&ö�÷W�TF�8.�C Ø1Ù �]û�õT^0ý>��õ'Q÷W�C�ú�û Ù a2��ý�UW�C Ø1Ù �)û�õT^��õ'Q�÷D��P��T��{�ú�û��]�� s �21�>I�õ'QQõ��õ�Q2��ò]óJÿ s G�õ�^�t�v>r ó6÷W� CTF��Qú0�gÿ�� 'U�_d^W¡�r.¢£�¤�G1óW¥õ�I (arp)�1�¦�~}�__�ö2q.r�¥�<Xó@G�õ�I

(MAC)ý�§�ú�ûW¨©ª« Ø�¬. G�õ�H>I��6õT^�®�ÿ>¯�3.4�ÿ>6�õ7�õ 52k��]ý��û�_*^D¡�r>r�¤�õ�°�}�<��ý�b�±*b Ö�× ÷D��P�²�ú$K@�*��0ú��

2.2.1.2. ³ ³ ³�´´ ´Wµ µµ>¶ ¶¶ õ õ õ>···�õõõb��@¸ Ù ��ÿ&ñ)ò�ó�ô�õt'<��ÿ.¹TFMº�� ³�´�µ ¥<»�|õx�}D<��ÿ.¼½ ]�ú0�.��¾��2�.¿�À&ý��P�ûWÁÂ�Ã�.ÄÅÆÇÈÉ Ù F@8�úÊ�8�ÿ ¶ õ�Ë2r)÷D�Á�ÿ>Ì�Í��Î w <�ý�ÏÐ.Ñ{�úXûW� ��2�6ú0�gÿ.ÈÉ�Ò Ù UWz{��.Ó��.®0UWÔ�Õ ¶ õ>·�õ.Ö�×&ý�Ø�Ê�8.Ù Ú�.Ä�ÅÆÇ Ù �)û�1.ÛÜ�Ð��>5>Ý�P>]�ú0��F@idF�U ³�´�µ¶ õ�·�õ�]ñ)ò�ó�ô�õ&öW®&ý��Á�Þ.ß ?�A�<Xó6÷�b@1$h�F2�6ú0� ´�à¶ õ�·�õ�.áâTF@1.ãÐ0U�ñ)ò�ó�ô�õ&ö�÷DäN&ý�å&ý�æ 1�$K F@8dF2��@i�UW±ç�ÿ.ãÐ ��õ'QQÿ.opèé²êë�÷Wì��5�²�údK�F@8dF��M��2�6ú��g��F@1.ã�Ð0U2¸ Ù ��ÿ ´�à¶ õ�·�õ��.ª«�í Ù �d��U�ñ]ò�ó0ô�õ]ö�N��.î�ÿ _�öWq.r&÷@3�4dF�80F2��g Ù ý��*��0ú��

2.3. ïï ïjããã$ðððáãããçåå åçææ æéèè è ê ê ê�ë ëënìì ìííí î î î ïï ï1ðð ð¶ õ�·�õqt'|�=@x~}ñ�&ñ)ò�ó�ô�õ&ö�qt�|�=@xT} Ù�ò�ó ý��: Ù �d�2�6ú�� ¶ õ>·�õ�>ôõ&ý2¿À²�ö�ÿ.÷Û�8.�:��.øù�÷W�úT�@i$hD]�ú0� ¶ õ�·�õ��.áâBF@1.ã�Ð0U ¶ õ�·�õ û�ÿ�ú�Ê�8�ÿ�û�ü÷�ö�ýXòDH�õ��*þ�ÿ�ý�ê�j�ÒT�Mè é�FD1T�@]�a�û��'�Qý.��/�8BF>�'�@4�� Ü ��d��Qú$�Qþ]ÿ q)öw�� <�]��>9�:��ÿ�5�K��i]÷��0FM8�5a��ú��

2.3.1. � � � ��%%%��%%% ��%%%��Red Hat Enterprise Linux

ÿ0°�I�A'<�rjó0õI)ý��1000 � ��ÿ�_.¤T=��õ w � < Ù ý�A s ý'=�� ò��õ"!2�.«0/28�5��6ú0��F@idF�U$# Ù j&%�ÿ ¶ õ>·�õ.z�{ Ø ��')(�ý$*0�W�Xû��çòD��õ"!�úÊ�8&÷>A<2r ó õ.I&ý,+.-�ú�ûg Ù ��$�2�W��j'�0/�ÝB�0ý�UWÕ�1.2�ÿ ¶ õ�·�õ�_>¤*=��õ w3� <��4*0�D��û�1òD��õ�!Qÿ�5�õ�r�A�<�r1ó£õ�I)÷�ì �5 ��ú��

w rxy.z{ Ø ÿ.6].ÁÂ�Ã�ý�ì��Ý.��û�g Ù ��U87�ü�ý"%�ÿ�¤�G��ý2y��A�<2rçó õ.I��W��û�i�ý��'�:9.;�k&ý�<4=0¡õx~}D<�� w r�xy)÷�A�<2r ó õ.IBF@8dF2��g Ù ]�ú'�gW�]ý��'��U8>:�ÿ��5 ¶ õ'Ë2r)÷>A�<2r ó õ.ITF@8dF��/21'UW�'°�?�Ijó ÿ�ø�ù�]>Ö×TF�8dF��./21'U��'°�?�Ijóÿ'��$<'<�ý0F@1i$b�FM��5�U2�&%�ÿ.4�� Ü � ��ûÿ�].�4� Ù �)û�g Ù ��$�2��ú0�Wz�{ Ø ��@.Ai.k&ý�UTelnet

UDHCP

UDNS

�&%@o.>:�� ¶ õ'Ë2r]÷ ¶ õ.·�õ'��1.�]ô�õ]ö�r�x�õ w"� <�]47�ìBF8dF��M:)B�ý>�)û2i$b�FM�0�W��j'��C�� 'U ¶ õ�·�õ>î�ÿ.o�>:��DC�ÿ>:)B Ù �B�2U�ö ý&ò�H�õÿ1.Û�ÿ w rxy.î�ÿ.Ä.E&ý>�)ûW��0�.F��$�2��ú0�2?�õ ó ÿ�G�HM� ÙJI.K ½ ¶ õ�Ë2r�ÿ�<'°�ý2��58��U Õ 5 Õ ÷0L.MdF�8�K�Ò��5�

N N N2N N N

. O O O4PP P�Q QQ3RRRTSSS�UUU�VV V 9

2.3.2. W W WYXXX,ZZZ&[[[�\\\�]] ]3^^^�___&^^^�```�aa a�bbb�cccd"e�fJgih:j�k�l$mnh:o4g�p,q3r8s)t�u�vxw R0y�z j4{�o�|�o)}�~��8��o"��8l$� �.e3h��}�j4��3r$�.�.mnh8�8s)t�u�v$j.�4�)�.�4�n�0p��"�$t�u�r8��8�.� p,�n��.�.��.�)��. 3�0s)t�u�¡$p¢ u�£�¤xo¦¥�§�¨�© p$ª.« �0s.t £8¬3¡�j�|�8§�®4¯��Js�°4±"�s.t ²4r ³:´��³Jµ�³,£8¶.·)�"�.e3hJ��} R u3¸Jj.��¹3�:º3r» y �x¼�p�£0ª�«�½ RJ¾ ¸�j.��¹�v�¿0j��4�3��Àp�£8Á¦³8u��.e3hJ��}.p��4Â.Ã.�3v$w z�Ä.Å p,�.mnh0�8s)�)u�Æ R §"Ç�¡x¹&�$r�3�$��È)�&À�£8��.�.�.��p,É¦³Jt4Ê.Ë.Ì)Í4s)´.Î.µ��j"��e3hJ��}��)¹��$´��$£�Ï�j4Ð.{�o�|�o �.e3h��}�w zÑ�Ò.Ó ��)u,µ3¿�³:s��.u�µ�ÀJ��Ô�® Q�R �,m��Õ�Ö.× Q �4{�o�|�o�}4~��x��o"�3�8l4p�Ç�¡0Ø.±�})Ù�Ú.m.j.|"�Ûx®.¯¦³,£ BugtraqÜ o��,l�"�Jmnh

( http://www.securityfocus.com) Ý ¤.l.Þ.ß$o"à8á.â.É.ã)ä.o.Õ (CERT)j��å,{k�h

(http://www.cert.org)� z j.|3$æ�ç R Ú)è�ß"��iéTê�ë�j � ��å�{"k�hp�ì�í&Ûxî�ï�³�rx�&�Æ8s�À0j4ð.ñ)ò.�.Ú.è"ß��J��é�j S�U�V p$É¦³Jt ¤�ó,ß,ô4��éTp,õ.ö��3v8÷�ø Ó ��ù.ú)��)§"£0û.âp��$m.�.Õ�p�ü�ýJä"Û�¹�t"v$µ z ¸Jµ.�"�xm.�.Õ�Ö.× Q�þ.ÿ ��3�$��È)�&À�£�Ù��ý��.o3¿�� p�Æs�À S�U�V æ.ç.{)o�$m�p.})Ù,Ú.m�³Jt��$£�Ï,j4ì.í�Û8�. �³Jt�ü�ýJä�³�t�u��u��$m��.Õ.§)¹,sÎ�u �)�&¿�Ù��ýJè"l��Û��)��¸J´��)�4��.�"�$m��.Õ4Ö�× Q ��õ��Û��À��3£��|�xæç3Û��)��u�£.Ç"��)�"¤.l.Þ.ß$o"à8�.��Û�� 4�3v$´!��p "$#)�"�xm.�.Õ Ü l$��%"l$m�Û��)�)u�r��

�xm4��Õ�Û0Ê�Á.j!&$' p)(!*��"v8´��j +4��£0N3N�Û-,�.�³�t�¡0/��u)�

2.3.3. 1 1 13222�___54447666788 8�$m.�.Õ�p�ü�ýJä"Û�¹�t"v.Æ R Û��3v8Ö.× Q �"£{)o�|.o.Ú.è�ß��J�né:9)j�Ê�¿0;!< R ��v�¿0j�j�=R �.�� System Administration Network and Security Institute (SANS)p�Ç0s�Î�£�¤4l�Þ�ßxo�à8j4Úè"ß��J��é S�U4V j!>�?�@�� " A$B Û-C7D�t)u��u)E p�Ú�è ß ��né j� �F�Û-G�»�t £�Ï�j�ð$H.§��²v.Ç�¸8p,�3v$´��)j�I�J&¿�h�K$o)ô�l�)¿�L��$t�u��u)Æ R "

��3� 1 Æ8s)�4Ø�M�s)�4Ö.× Q p�Ç�¡J¯C3D À�s�vxj R � ��£ONQP!R$S.��Ö4× Q�Ý�T$U�V j4�)u8Ö�× Q p ¿T¯&ÀTs�rJ��{)o�|�o ÝV o�Ù,m.�.o"�3�8l�p�ü�ýJä"Û�¹�t"v4Æ R Û-�3v8Ö�× Q ¿xu,s)Î�£.�$m4�.Õ.j$�.o7W8g ÝW"ý�h V o�Ù�X�P)µ&À0j5Y) Ü ýJÚ.oZ$j![�\3Û0�3v8Ö�× Q ¿xu�r8��.r$´�£�¿)¸�= R � Ñ.Ò)Ó ��]��"£8{)o�$m.j.d"e�fJgih�ü�m V on¥8rx´.�.d e�fJg�h_^3Û-`�a¦³��u�r�r�b�c4�3v.Æ R �4��d�$Î"£$d"e�fJgih:j4Ö.×�ü�m V on¥8Û�*3�xt�u�v8d.o"àxo�e)o�m.§�¹3�$r8��§"£.Æs)�"£�k�l$m¦h:og�f.�hg$p��$m.�.Õ4Ö.× Q §�ü�m V on¥8Û-`�a.�"v)/5i�¸ R Ï�j.d.o�à�e)o�m.j.Ô�® Q §!j�k¦³�t�uv$´��)�4�3�$d.o"à�e)o.m4Ö.× Q §"Æ$j�ü.m V o�¥_`�a�Û��3v R £�l$m)j.�)u)Ù��ý��.o��¹��xt&¿n�o)j.d"e�fJgih�ü�m V on¥8Û8�3�$t.d.o�à�e)o4m�9)j�Ö.×. $p�q3Û-r.º.��v.Æ R §.�"²xt�³,r�u�r� ��Æ$s¦À$�.Ö�× Q j�Ø�s5t�§�u�v R ��,t�{�o�|)o�j$w�x�p��§&v,w y j 2£

3j$d"p��zy)rx»

y �

2.3.4. { { {3|||�}}}z~~~$��7�� 3��___�```�aaa¦bb b�ccc��¦³J´7W"ý�h V o�Ùx{)o�$m.§�� Ó p$Ø��k.��¹,s�Î"£ zy ��p$ �� u �� Ý ñ��¹��xt&¿O.P Û�C7D Ý ��u �� Q�R �"v$µ&¿)³,r8» y ��d�$Î"£-P��)��².v$W�ý�h V o�Ù,��. 3�0s3v.Æ R Ûj�k¦³Jt.Ô4®3�8s)´.¬&¡0j4{)o�$m.§�¹&�xr8�3��³Jµ�³$£�Ï�j�{)o�xm.§�k)l.à$o5W"ý�h:�)�$�4 ��p��"v R £.Æ$j!j�k$�$��!��³��3¡��8t ³$r�u)r0� —�3r"�$£�k�l.à$o3W ý�h)NQ��§!�� Ó pP$�.��²x�)u�µ�À��

¹�v.à�k�~.j4Ø��k)�7W"ý�h V o�Ùx{)o�xm.��p��3�0s)t�u��u ��o��)o�� R ü.m V o¦¥8Û?��¦³,r8�3�Telnet R FTP

§"Æ$j��)j4{)o�$m)p��xr0�"�xü �"ý�h�m�ô)e&él4.�.e�hT��}�§ � onh_�)o��)o R Æ$j"Ç�¸J�4{)o�$m�J.j!X�P3Û0[�\¦³�t�u�v-¡�¢3£-�)o��o�� Ý ü�m V on¥:�!£�¤p)¥�C��0s�t ³xr�u)r0��rx´ £�Æxj�Ç ¸T��{�o7�xm4�!�$� Ó p,Ú�è�ß ��¦é¦��§4 �¨.� ¾ ¸ R Æ�i�j man-in-the-middle O�P j©�ª�p�� Ý ��u�j.�4�3�.Æ$j"à�k�~.j O�P �.� £$W"ý)h V o Ù��)� Ù��ý�è"l��8s)´3W,o.Õ�{)o

1. «¬ : http://www.sans.org/newlook/resources/errors.html

10 ® ® ® 2 ® ® ® . ¯ ¯ ¯�°° °!± ±±�²²²�³³³$´´´!µµ µ

¶�·¸)¹º7»�¼7½¾5¿0À�·7Á�Â�Ã�¸7Ä�Å�ÆOÇ$Áz¿ » È�É�ÊË�Ì�Í�ÎO·�¶�·�Ï!ÐOÑÓÒ�ÔOÁ�Õ3¾�Ö�·$Ï�×Ø�Ù Ô!Ú5Æ Ù ¿!» º�Û�Ü�ÝOÞ�ß5à!Ï�ÎO·$¶�·5Ô�Ä�á�·â¿ãh¾ Ø�ä�Ù ¸�åzæ ² È ¯�°�± Ï�× Ø�Ù ß�ç)Ôèêé!ë7ì�í�Æ$î�Ï�ï�ðz¸)ñ3ÍÓ»�ÈÄ0áO·ò¿Î5·�ó�ô ²0õÓö0÷ùø ë7ì�ú3·$û5·�ü3Ô!ý5Þ3Ô�þ�ÿò»0ë�ßø È��¸��é�º�Û�Ü��)Ï��Ô�»�¼È$Á�Õ7¾�Ö�·��Î�·$¶�·OÔ ö ú�·�ûO·OÔ ö à�Ì ²�� Þ�Ì��7Ô��í�ô5À ·�� ²�� ·��$¸��Û �!� ² ß!"#�º-Û7Üö ��$ ²&% Ï�'�(�)Oë�ÎO·ó)ô5Ô!È NFS

ÈNISë+*-Ï7½¾5¿0À�·7Á�,�-)Æ/. Ø ô�0�1 ² ½¾5¿0À�·Á2��Î3·�ó ô�ß�3zÒ)º�Û�Ü��Ì4

LAN 5 ��6��Ô�å�7zË�ÌO¼5ì5º�ÛOßÈ�8�9Oë�ß ø WAN (Ä-á�·¿_úO·�ûO·��

) ö�:�; ��=<�>�Ë�ÌO¼5ìOº�Û�Ü � ,�?�. ¿@"� NFSÈ$Á�Õ7¾�Ö�·�ß�A�B

NFS¸)×

C Ù ¿!»�¼5à��!Ô/D�E�Ë�ÌO¼5ì�� ö Ï�Û�F�¼5Ô�G�Á ã�ôê»�¼h»)º�/� ² ¸2H!I�ÛJ��Í ;�K�L Ë�Ì ��MN�OOã�P�Q7Ä�0SRÏ�T�U4V�ß�3�Ò)º�W�XÜ/Y[Z3Ô5ÈNISÈ$½¾5¿0À�·7Á]\OÏ�Û�FO¼�Ï�^ Ù�_ Q)·�ß ÷hø ë�` Ì4a�ë ø ë5ì5È)îÇ)· Ù 0�P�ôâ¿�Ï ACSIIº)Í�

DBM (ASCIIÞ ø�b�� ) � ·��cO·�ô�dÏ$í�ô3À�·e�fOJ,�-)Æ/.OÏ�GOÁ ã�ô�gOë+*�È�h�i�ë��¸�D�EÓ»�¼5ìOº�Û�Ü�Á�Õ7¾�Ö�·�ß�)Ï � ·��cO·�ô5Ô�GOÁ ã�ô�g�¸�jJ� ² È�� ± �G�Ö C Ù ¿�¸ :�k ½¾O¿0À�·3Á]\OÏ!Û�FO¼�Ï�úO·!ûO·�G�Ö CÙ ¿�Ô�G�Á)ã$ô�Û �� ² ß!"#��-Ô)ëêÒ�º�Û�Ü

� ,�?�.ò¿@"�3È Red Hat Enterprise Linux��Ï�l�Që!Î�·7ó�ô7¸-Û!F�¼�ml, Ô�»�¼êÄ�ÄQ·!ôz»Q¼�ìº�Û�Ü7»�Þh» È�� ± ��Ì ø Ï�ÎO·ó)ô7¸ 5 �@n�i7Ô2W�º ø ÌJ�� ² ß��Oæ23zÒ�º�ÛOÏ�"È�o�)7Ô!p�q�r$É�¸&st�2� ² ß!u ; ¼!h�i ² ëhÒ�º-Û�Ü0Î�·7ó�ô7¸�(�v3Ô2o�)�Û �&w�x3Ô % ì�¼�7È ® 5 ® ¸y�zê»Q¼�æ0¹7Ë ìOÜ

2.4. {{ {}|| |�~~ ~J�� || |�� PC � � �e�� t��À�·7Á ô�0�· Ø�ä-Ù ²=�� PCÈ�½3¾5¿�À ·3Á�O�ÎO·�¶�·OÔ2��F�� ¯$° ¸��l`�Ô7æ�ì2wOÞ ö »�Ì�ºW4XÜ7»�Þh» È$Á�Ç��7¾5¿�Ö�·e�f �¡Oë+*0Ï�¢�£��¸&¤J¥)¼Oì�� ² ß�¦Oì!Ï�"3È Ø ô�0�17Á�Õ7¾Ö�·5Ô/§OÑ�Ì�º�Û�Ü�º)ÍÈ�À�·7Á ô�0�· Ø�ä�Ù ÷hø�¨ ü5Ô!©��Ë�Ì�È�ª�«OÏ ¯�° " "

ôÇ)·�¬"× ØÙ ² »�¼ ¯�°�± Ô 5 ��Ë�ÌO¼5ì�� ² ß�3�Ò)º�ÛÜ��Ì ø Ï��l!"È!À�·7Á)ô�0�· Ø�ä�Ù Ï ³�´�µ ¸÷ � ² È2m�®�Ç)·�0SR Ù�¯�Ø ô�0�1�Ï�°7Æ Ù ôâ¿_·�.�È&±hæ�Û$Ì4a � ·��²�³7Ô��7Ä�Ö�¶ÓÄ�ëJ*-Ï´�µ Ï!¶�Þ ø�·�¸ Ë-Ì �� ² Ô ëêÒ�º-Û7Ü

2.4.1. ¹ ¹ ¹lººº�»»»�¼¼¼l½½½�¾¾ ¾J¿¿¿�ÀÀÀ�ÁÁÁ'4ÂtÃ�ë�í3ôÀ!·��= ¯O°O± ß Ø ô�041�Ä5ÏlG5Á!ã�ô�¸]j+��Í ; Ï�Å ö�Æ�Ç ë�w4x5Ï�È % Ô$ëùÒ ºÛzÜ)íOôÀ!·S��¸�É L Û+� ² #!Ô��5æ23��Êù»=Ë�¸�Ì�`��w�x7Ô % ì�¼�È�Í 4.3¸2y4zù»0¼êæ�¹�ËìOÜ

2.4.2. Î Î ÎlÏÏÏ�ÐÐÐ!ÑÑÑtÒÒÒ�ÓÓ ÓlÔÔÔtÕÕÕ�ÖÖÖJ×××�ØØ ØlÙÙÙ ÚÚÚSÛÛÛ]ÙÙ Ù�Ü ÜÜÞÝÝÝ!ßß ß�ÀÀÀtàààSááá/Ú ÚÚ�� ± ß�p�qOë�(�v�â�ã ² íÓ¾�ä¸!3!¼�Í!ÎO·$¶$·¸��ù»�¼Oì!Í ² »�¼ ö È7Ä�á�·â¿_ú�·�ûO·$ß�GÁ�ã�ô$Û}� ² #�Ô ö (�v�"l3l� ²�å �QÉ�æ4"�l3êÒ º2W�X�Ü]ç�é/a�È�ÎO·�¶O·�ß TelnetÞ

FTPÎ5·ó)ô¸�íl¬�Ä�¾)Á�½¾5¿0À�·7Á�Ô/è�é�ÛJ�&ê�ë�È ¯�°�± 7½¾O¿0À�·3Á�¸�Â�ì�ÛJ��îÇ)· Ù 0�P$ôâ¿Ï�úO·�ûO·�í ² í�ô3À�·e��¸��î�ÛJ�� ² ß�"�#�º�Û�Ü�à��)Þ ø È!G�Ö C Ù ¿f��¸ 5 ¥�¼hÄ�á$·â¿ú�·�û�·$Ï5À ·5Á)ô�0$· Ø7ä-Ù Ô�G�Á)ã!ô�Û �!� ² ß�"�#$º0ÛÜ

SSHë+*-Ï�(�vOë�î�ïh¿�^)·�.�¸ 5 �ù»Q¼5ì!¼ ö È3Ä�á�·Ó¿_ú�·�ûO·$ß7Á�Õ!Æ�G Ù ¿�G îhÄ�ð�· Ø�äÙ ¸�)�ñ4ò5Ô/ó�ôù»Q¼�ì�ë5ì2ê�ë�È�õ�)�Ï ¯$°�± Þ øQ¯�° ¸&�l`]O�Û3ì�Þ ö »�Ìº&W4X7Ü&ç�é�aÈ v.1

SSHÁ3Õ$Æ�G Ù ¿��±�É�3�

SSHÎ3·�¶O·�Þ ø Ï X ö�÷�¯�° Ô ´ ì�ë}*]"$ÛzÜ�Î5·�¶O·3Ô[ø�ùOÛ+�² È ¯�°�± 7½¾5¿0À�·7Á�¸�úù»�¼7Á�Õ!Æ�G Ù ¿_Ï�P�·$ôâ¿�ï�·7Á]O�× C ô$Ï7ÁÄ�¾)Á�¸�à�¥ ² ��î» º�Û�Ü��)Ï�û�ü4

v.2 SSHî�ïh¿�^)·�.4"�ý�þ�Ë�Ì�º7»�Í�ßÈ�*-Ï�G!îhÄ]ð�· Ø�ä�Ù ß�)Ï��l��ë

³�´!µ ¸&¤lÿOÈ�º�Í!n�i3Ô��¼[ó�ôÓ»�¼�ì7æQÞ��ú�· û�·�� ² ëêÒ�º-Û7Ü® 4 ® "�7È&�� ±�� ·�1!ú�·!û$·$ßOÀ)·5Á)ô!0$· Øä0Ù ^ Ù!_ Q�·�-Ï ³$´!µ ¸� !)!Û ��Í ; Ô² ��F #��¸ ·� »Q¼Oì�º-ÛÜ

II. Red Hat Enterprise Linux � � �� "!!!�###%$$ $

&'&)('*,+.-'/�021436587'92+Red Hat Enterprise Linux :�;,<)='>�;,?A@CB + Red Hat Enterprise

Linux D8;�E4; +�FHG'I :C;2<HJCKL;�= 9�MNHO JP>RQTS�U�VWYXLZ 9C[�\ WYXT]^8_�`�abc�d.;)e9.fHg)h�i'jAklh�g�m W,n mCoY+�p4q _�rs,S�V4_At 3u,+Cv ; I.w D';YxL= 1�yYG <�z{�B +�FYGI :C;2<�|}~��6SL�,� o.�818� <L>RQ��._H�YQ�eY�2J�B�� 1��3�u _,�CS i4j�k�h'g8m W6n

� � �Y� ��3 � � � . M M M)N NN�O OO J J J�>>>�QQ Q 1 1 1.� �� .................................................................................................................... 134 � � � . : : :L; ;;'< <<L===�>>>�;; ;�? ??H@@@TBBB M M M�NNNHOO O J J J�>>>�QQQ .............................................................................................. 195 � � � . D D D; ;;�E EE;;; M M M�NN N�O OO J J J�>>>�QQQ ................................................................................................................ 376 � � � . VPN (Virtual Private Network) ............................................................................................... 517 � � � . � � �4� �� { { {2�� P; ;;.e ee ........................................................................................................................ 59

�3�

.� � �� ¢¡¡¡¤££ £ ¥¥¥§¦¦ ¦�¨¨¨©4ªY«H¬l¯®�°�±8²³'´�µ4¶,·�¸'¹�º4»,¼L©4ªY«�¬l¯®�½'°�¾8¿YÀ�ÁÂ'Ã�ÄCÅ,Æ4Ç�¹�ÈHÄ'¼�É4Ê6À�ËÌ Ç4Í4Î,ÏlÐ�Ñ)Ò�À�Ó4Ô4Õ,Ç�Ö4×'´�ØÚÙCÛ�Õ,Ü)Ý)°YÍ4Î,ÏlÐ�Ñ)Ò)´

Red Hat Enterprise Linux Þ'ß ÄàÚá.â2ã ÇCä�åCæ)ç,è.°é8ê�ë,¼Lì8í8î�ï'çRÏL·L¸ â�ã ÇCº4»Ú¼Red Hat, Inc. ð�ñ ë6ò8Ç.Ã�ÙPó8ôÄ.±8²³,À�õ4ö4Õ,Ç�Ó4Ô8ä�åLæ�çYè4ÀH¬4¬Pç4÷�ÕYÇ4ø�ùT´�ú4û6·�¸ â'ã Û�Õ6ÜCüÚýl°�º4»6¼�þ4ÿ8°4©ª6«Y¬T ® � öYÒ��.©4÷�Ä��Õ,Ç��HÄ�ä�å��

(ÛC¹ ��,À�� 8Õ,Ç4ÍCç4÷��Cç��

)´�� ã)â�ã ÛÕ,Ü4øC°ä�å��YÀ)Ý)°

Red Hat Enterprise Linuxä�åLæ�çYè)Ä�� .Û�Õ,ÜLä�å��

Red Hat ß�� 4ç �Ä"! áCâ�# � ·�¸,¼�$&%Cç�'�Ó4Ô�ù�� â ¬4¬lç÷Y·�¸ â�ã Û�Õ,Ü"(��()¼)� �HÄ.ä�å��´��ã)â�ã�*�ã º4»�Y¼Red Hat

° +�µ ,'´�Ý)°ä�åLæ�çYèC° -"."/C 04ç,ù�1HÄ��'°�� HÄØ)¹ áCâã ÛTÕ6Ü2��3��342Ä'¼�äÚå�æCç2è�À # � � â ¼5$�%Lç"'�Ó�ÔÚù � â ¬�¬Pç)÷6�LÛ�ÕHÜ7C÷4 4ë�8 �� â�ã Ç4Í4Î,ÏlÐ�Ñ)Ò��'°�$&%Cç9'�Ó4Ô8´A¬4¬Pç4÷Y·�¸'¹ ñ ¼�É4ÊYÀ�Ë Ì ÇLä�å�æ�çè4ÀCëYò4Ç;: Ì óAýlÓ4Ô��.¼ 7C÷4 4´�<3=,À�Ë Ì�> Õ�ý * Ç5?�@YÀ�Á4Â'Ã'Ä.Å,Æ�Ç4ø�ù�À�AAý)B�ÕÕÈC�CÛ�Õ6Ü

3.1. DD DFEE E�GG G6HH HJII ILKK K�MM MLNN NLOOOQPP P7C÷4 4°YÍ4Î,ÏlÐ�Ñ)Ò�À�Ó4Ô4Õ,Ç�º4»�H¼�R S4ëYò4ÇÍCç4÷ ðÚñ ÓÔ,À�TÐ"/�U.ç�� Õ6Ç4ø�ùT´�V×'ë�Õ,Ü�< = ,��W XHÄ�¼;��,À�� 4Õ,Ç2�Y'°)ä�åLæ.çYè�ù�Z\[^]4çYè&_5/�` aYÀ�8 ã � ð �Cø�¸Äcb8°4©4ªY«H¬l¯® � öHÒ��.©4÷YÀ�� Ì)â ä�åLæCçYè4À5d e��gf��.¼c."/ 'LçihYå8Ï�ëA¬¬lç4÷)Õ,Çø2ù�´8ë,ò8ÛLÕÚÜ4ø�j �l¹�k l'´4µ m��l¹�º4»Ú¼;nA¬.è;03o'°RPMÄ�p�� â Î9qc.co,À # � Õ,Ç *r °4©4ªY«H¬l¯®ts3u4ë � ö2Ò��C©�÷3 # �6·�¸,Û)vwHÜ�x áLâ ¼Red Hat, Inc.

*\r °�R S'ëYò4ÇÍLç�÷ ð,ñ °3y RPMÀcTÐ�/cU.ç��c�C¼�ä�å�æ.çHèL°cz3{6À5|3}C� â Ý�°�~��³6À5| ð È6Çø'ùP´�� Ä2V×�ù * Ù�Û�Õ6Ü

Red Hatë3c$�%Lçi'�Ó�Ô2Äc�6� â

2 � Ù�°��3�3�3�YÀ5�3�L� â8ã Û�ÕHÜ1. Red Hat Network

ë°c$�%Lçi'�Ó�Ô8°)é �Úù5TÐ/�U.çL�2. Red Hat

$�%Lçi'webî9.�Ï ½8°c$�%Lçi'�Ó)Ô8°�é3�H¼2¬�/�� * �

�� )��Red Hat Enterprise Linux �)�2�g�)�t�)�;��5�)� ��g�;��;�� 5�^¡¢�£¤� Red Hat Network ¥�¦§�^¨5©ª «t¬�c®

Red Hat ¯c��;°¢ �±¢²�³�� ´¤�5�^�)�)µ)¶�·�¸)¹�ºt» ¬� ·2�5 ��¡g��£¼��½)¾�¿�À5�^��¢��t�5Á «�¬§Â5Ã;®

3.1.1. Red Hat Network Ä Ä Ä�ÅÅÅ9ÆÆÆRed Hat Network

* ñ�Ç ù�w r °Ó8ÔÈÉ�À9Ê)ËÌ8Õ�Ç8ø2ù�´8ë,ò8ÛLÕÚÜÍ;8��°�7.÷' 2Ä�Ö8×*RPMä�å�æ.çHèÀ)ÎÿL� â ¼)Ï3� * ¬Pï2èYÏ�¬ ð,ñ T�Ð/cU.ç�� â ò)Û�Õ6Ü RPM

z3{6À # � �L¼Ð Ñ ·�¸ â�ã�*�ã ð | },¼)Ý.¸ ðÚñ Ó4Ô��CÛ�Õ,Ü�ä�åLæ.çYèC°�."/C÷�Ï�ç�o�ÕCÒ�Ä�Ó * j.ø�ù3(�ëòÛTÕ8´H¼�éÿ4°3Ô3@HÀ2B ã�â ð6ñ Ó * j2!9j�Õÿ�Öy.Õ6Ç�ø8ù�(lë2ò�Û�ÕHÜRed Hat Network

ëÓ'Ô8ÕÚÇ2×"Ø&7/�Ä�7.÷4 Ù"U2ÎÚ®�ç�o À2ÚÛ'ÕÚÇLÖ8×�´HØ�Ù.ÛLÕÚÜ 7C÷ Ù"U�ÎÚ®�ç�oHÄ��7C÷4 �Ä��Õ,Ç2Ü4ç��lÐ8Ñ)ÒYù�Í4Î,ÏPÐ�Ñ)Ò�°�Ý Þ8´�ß,ÛT¸,Û�Õ6Ü4øC°�Ý Þ�à á â ã ù)·�¸ ã'°�äHÄ�å,Ç4ø�ù5�ØÚÙLÛ�v�w2Ü�×&7L÷4 'Ä�� Õ æ,ò5$&%Cç9'�Ó4Ô6À�Î4ÿÕ,Çç5è °4¹�È�: Ì Ä�8 �,·�¸YÛ�Õ6ÜøC°�Ý Þ8´ *�ã ùRed Hat Network

�þ4ÿ&7C÷4 �Ä.Ó4Ô8´�Ö× ðr j ð À;Î8ÿ8ÕÚÇ8øHù�´8ë6ò8Û;v"wYÜ.©4ª6«Y¬l ®t$\%.ç�'.´ (Û.¹�Y¼ ã Y8¸'°3éê'° $&%.ç�'Cë

14 ë ë ë 3 ë ë ë . ì ì ì�ííí9îî î�ï ïïgð ðð�ñññtòòòcóó ó�ô ôô

õ) ïï)ö�÷�ø2ù\ú9û3ü Red Hat Network ý þ\ÿ�ö��ò�� 9ú��;÷ð��ò�� ö��! #"�$�%;ó ô� &�'�$&ú)(�ý�ü Red Hat ó ó ó ôô ô þþþ�ö öö+***�,,,�-- -�... �/�'�$&ú#0�ü)12,)354�6.5ü http://rhn.redhat.com 0�7 8cò�9;:=<�ö�*�5ó�ô�$�ú�>2?¢÷�<�*�î�ö#�2( @�ù�"A$�%

BB BACCC#DDDRed Hat Enterprise Linux EGF Red Hat Network HH H II I)JJ JAKK KGLL L#M N�OQP)R#SUT�VQW�X+YZP)R5[ Red HatEnterprise Linux \Z]G^A_a`GbQcGd M�e�[=fagZhGi�jAkal=m)npoGqrYsP�tvu�[xw=y kAz5{ZL5|G}�~ CU� T)VA|�� D Ep��RUPGba�A�=FQ�=b URL nx�G��YsP#tp��aR=V http://rhn.redhat.com/help/basic/applet.html

Red Hat Network ò��+��(��$6ú5��9ý&ü http://www.redhat.com/docs/manuals/RHNetwork/ � RedHat Network Reference Guide =��$�ú 0iü http://rhn.redhat.com �� G�iø#�r%

��A��a�� ^��#�UK��Ana} C ] D KaLAT)[x 5E gx¡A¢)gp�#�ZK#�x£Am�EU¤G¥GkA¦Aq=MQ§=¨#�xu P�RUk�RU©)ª «s©¬ tvU®G¯#tx��AR=Vx¦Gq M e=[p°G±�EQF�ga²³u�EZ´)O³P } C ] D KQL�nxµA¶�Y·P#tx�#�QR=Vp�)�ZK5�xcGd�E ¬[v¸acGbU¹A`�EZ�5RQPAbQºA»=jGka¼A½=F5gx¾ 3.1.5 nv�A��Y¿P5tx�5�QR=V

3.1.2. Red Hat À À À!ÁÁÁ)ÂÂÂ;ÃÃÃ�ÄÄÄ�ÅÅ ÅrÆÆÆ�ÇÇÇ;ÈÈÈÊÉÉÉ5ËË Ë#ÌÌÌ�ÍÍÍì í î ï&ð ñþFÿ�öÎ�;ÏÑÐÓÒ ï ï&ö ÷ øCù ú û ü Red Hat ò þ ÿ�öÔ�Õ1Ó,Ö3Õ4×6.5ü http://www.redhat.com/security/ �#Ø�Ù�ø5ù�"G$�%�Ú2ò)Û ö�*�0�7#�G/�'ò��2÷�ð��3ò)Ü�Ý�ûAÞ ö*�ß -� à�áâ Aã�ü Û�ö+*;ò�ä�å�(�æ"ú security à�á�$&ú"û�ü Red Hat Enterprise Linux ì í�îiïð ñaç;è³Þ265é�ï�ö ò�ê+ Ù�ëâ 5" $�%)��ì ùr0�ò�ç;èZÞ265éLï�ö ò)í�îrÒ��;÷ ð��/�'â Aãr�"ú9;:=<�ö�*#(�ï��#ã)ð�ñò Uãr�úGó�ôý"ü58cò5í�î+�õ"ï�: õ=$�úûQ��Ò5ö�7¢ù�"A$�%��Û�ö+*)(�ý�ü;ì í�îiï�ð ñp÷�ø�çrõ�ì3÷�(5ï��)ã ò)ù�úCûcü;ì íiîiï�ð�ñ ò�û�ü+ ý�ø�$&ú 9ò:<�ö2*5ó3ô6û þ#ÿr(��?��î�Ò�æú��3ò�)ë2(�ï2��ã)ð��ø)ù�ã��"=$�%ó ô&ø�ù� �9ò:�<cö+*��1�-��cö!èp$&ú#(�ý�ü#8còCï�-�õ�)õ�ï�:�õ+ aã Red Hat Network (��6�-� �ü�9ò:�<cö+*��õ9ï�:�õ� aã�� ö!è�è5ÿ)6�3�(��; 5"=$�% /tmp/updates ��¢ôò ��ñ� õ .�ï5�� â Aã�ü��1�-��ö!è) ! �$�"rã ò)9ò:�<�ö+*;ýr8�Ú)(��$�ú�Ú"û5�#;�%$�$�$�&â "=$+%

3.1.3. ' ' ')(((+***-,,,�...�ÂÂÂ0///�11132225444$�"rã ò Red Hat Enterprise Linux 9ò:�<cö+*;ý Red Hat, Inc. GPG í ö��6��&ø�ùrã��" $�% GPGû5ý GNU Privacy Guard "� ý GnuPG ò7r��ü�8��:93;�65��ò�ø�<�=��>�$&ú? &�(�/�'�ø�ù�ú9�ï)öA@�9 .?9�,)ç#9ò:�<cö+*��$�%�B:C�D�ü Red Hat Ò��Er$\ú�F�ÿ�6�G�öÖ.gí ö ( H�I�J ) ý�9ò:<cö+*��:�õ+ �ü�923&ï�:�õ�í ö ý�9ò: <cö+*�ò3��:�õ��Kò AãL�>â �" $�% Red Hat Ò8��$&ú9�3�ï�:�õ;í3ö�Ò RPM L�>)M�(�Fiÿ#6�Göò. í3ö&ûaôNò O�r��ó�ô�ü#8cò�9�: <�ö�*5ý�P3ó�ÒQ)Cr7ù�ã��ú�R�S�=�Òræ�ú? �&)��'��)T�"�U�V2%Red Hat Enterprise Linux ò RPM W"öð ñ�ï)ð ñgýYX!Z3[�( RPM 9â:5<�ö�*�ò GPG 6��"ò�L�>�\ ê�ã�0 7�8�ù�#6�-�÷â. ö)�ò 5"G$�% Red Hat ò GPG JrÒ�6�-;÷!.gö��&ø5ù�ãr��ó�ô ýiü RedHat Enterprise Linux 62-�÷Õ.^ö�� CD-ROM �0�2ò�]�^��_)[��ó�`�0;7562-�÷!.¢ö��Õ Gã � ��ø�r%CD-ROM Ò /mnt/cdrom (�a�1�-�.�ø�ùrã��"ú"û!b�câ Aã�ü�d�ò+e�a�-�è G/��cí3öCï�-��(�6�-f öò.# �"=$ ( �2÷3ð��3ò)�g��)T3ú!Jò�3ö��G ö�÷ ) %

h h h3h h h

. i i ijj j3k kk�l llnmmmpooorqq q�s ss�t tt 15

rpm --import /mnt/cdrom/RPM-GPG-KEY

RPM u�v�wyx)z%{)|)}�~��:��3��{�q��q��A��:��+��q+��A}:��pz��A�

rpm -qa gpg-pubkey*

Red Hat ��q��A�� q5¡�¢��£0¤��5�

gpg-pubkey-db42a60e-37ea5438

¥�¦ q�5��§5¨�{�q©�ªA�%��:��+� rpm -qi ��+}:��«��+��¬�q�5��®�q+�?�)}:�°¯�±%q��5�%§)²��A�

rpm -qi gpg-pubkey-db42a60e-37ea5438

RPM ��|3}�~��:��®5�3� RPM ³3´�|��qµ�¶�q�u�v:��£Y¢�·3x��¸�¹�{�º�»�£5·3x�¼��:�·��5�3¡+¤ Red Hat, Inc. q�½y¾?¿��+À5l�l!��~3��Á�Â�Ã�Ä+Å�±O��{�¨�£�¨3·�x��Æ�ÇYz��:��È�É�}Ê �y��zO�½Y¾�¿��5À��{5�%�Ë3��u�v�A��)��q5��)}+�%�%Ì�yz��+�

rpm -K /tmp/updates/*.rpm

Í ½y¾?¿��+À��ÎYzO{ GPG ��Ãu�v5��Ï�Ð�A��x��·?q)�?�5}A�°� gpg OK ��Ñpz!{+Ò��+��u�v)�Ó�Ô z!��+��Õpz�¨ Red Hat ½)Ö:l�¾�×?�:��Ø�wpz!{3¨3��¯Æ�Ç��:�3x!Ù3�3��}�m+}�Ú�q5Û��~:ÜnÆ�ÇyzO{:Ý!Þ5��¨�� GPG u�v)� ÓÔ zO�½Y¾�¿��5À?��|�}?~p�°��YzO£�¨�¼:Ý!Þ5��¨��ßà�á)�¡�â�{�Â�s�ÃÄ5Å�±O��{�¨��ãäå�Ã�æ+¤��5�GPG ��q�u�v0xOç+è?�5é�ê�ë3��ì�í��A�%��{�q½0¾�¿��5À?q�È�É�} Ê �y��î3ï:zn�:±��ð�ñ%��òÊ }�òp�°¼��y��x�zO{5·!�0±!q�½0¾�¿?�)À��|�}�~p�r��Yz?�%�+�

3.1.4. ó ó ó)ôôô+õõõ-ööö�÷÷÷�øø ø0ùùù5úúú3ûûûAüüü�ýý ýÿþþþ!øøø�� q+��+}:��Ì��+��x��:x��%q½Y¾?¿��)À?q�|�}�~p��A� ��)�?�y¢�·�x%Ã�¼)Ò�� ( �� ½Y¾�¿��5À��:Ý ) �

rpm -Uvh /tmp/updates/*.rpm

�� ½Y¾�¿��5À?q��)�%��q5��)}A�!��Øwyz��+�rpm -ivh /tmp/updates/ � kernel-package �� q��)��æ�� kernel-package ��q��)�� PRM q�¶�®+��«��{:Ý!Þ5��¨��tpz�¨�� :��Ø�wpz!{��+ð�}�Ã�� 5�Al�Ö��y��±��q+�?�+}:��Ø�wYz!{�!)¨�� " ��A��·�x!Ã�¼5Ò��5�rpm -e � old-kernel-package �� q��)��æ�� old-kernel-package ��5�#!3¨�� RPM q�¶�®A��«��{:Ý%Þ5��¨��

$$ $&%%%'�(*)#+�,.-�/10 2#3�4.5#6&7�8�9�:.;=< >�?A@�B�CD-�EGF HI+JEDKI+ L

GRUB M 8�N1O&PF#)#+Q,.-�/#R ST EU+*- VGW#X�YINIH*+ZE\[ ]_^&`�a.+&X�Ycb&d�ef1g M�h ;=3�?

16 i i i 3 i i i . j j j�kkkmll lJn nn*o ooqppp=rrr�ss s�t tt

uu u#vvvwIx�y�zG{Z|~}��*��#�I� �.�Z�G�I�#��1�Q� �1�#��=}��.��1�#��*�&�&�#�#��_��1� ��*��*�� c� &¡D¢*£&¤�¡1¥ �#�¦1�&� � §�=¨&©��_ª��I«A��.¬�A� ��*�Z�\�_��1®#¯�°±� ¡1¥ �_�¦=}��.�Q�1²&³�� D´I²&µ*¶#·��.¸Q�_�#µ_¹#º»&�I¼#½ªQ�1¾

3.1.5�D¿#À�°G� ¡1¥ �_�¦

3.1.5. Á Á ÁmÂÂÂqÃÃÃ�ÄÄÄ�ÅÅÅ�ÆÆ Æ�ÇÇÇRed Hat Network r�ÈÊÉ�ËÍÌ�Î�Ï�ÐQÑ�ÒÔÓÕ�Ö�× Red Hat r�ÈÊÉ�ËÍÌ�Î�Ï�ÐQÑ�ÒØÓAÙÊÚj�k�l�n_oÛpÈÊÉ�ËÍÌ Ü�Ý Î�Þ�ß�ËÛà�á#â�Ò�Þ�ãÛÓ*Ë�ä�á#ÖåÚQæ ç�èJé êÊÓIÎ�Ï�ë�r�ì í�Ü�îQïØáQæ t�á è�é�êÊÓÎ�Ï�ë�r�ì íÊÜ�ð�ñ òÊó ô�õö�÷ øJù�òÊúJûrÍü�ý þQò�ó�Ù ×�s tqáIÖÍé ê�Ó#Î�ÏQë�r�ÿ��þ�ü��ÕòÊú��Jr��Zù ×Íæ é êÊÓ#Î�Ï�ë�r�� o��nQÜ��mþ��æ��QË��ë�� !�"�ËÛà$#Jrs�t�% Ë��'&Þ r�ì�í�(�)Jþ+*�èQâ-,�.Êá�Õò�ú

// / �� ¹#º» �*ª��1012��$3�4 57698$:#��;_µ=<&³�>�-;?.�A��@·��.��A+BI�$C�D&��#�Iª��1EA� {�F��zG � � �Q�=µ#�7H�I�C#®�7J K�LI��¦�°c��°.��EA�#{ F7M N�O µ_¨#©��QP �1A*µ7J K�-BD��B1ª�R�S$TVU1W�¦

ë-�ån��QË�X'&&Þ‘ YJËZJË ã[JË ã r�ë-�Øn��QË�X'&&Þ�õ&×�X�ã�o�\ r-YZËZZË�ö ð�ñJù�]�ó ò�^Zâ r��Zß9! É�\

rÊômõ ù�òåú+�� `_mþmæJôQr�üÍý�a�ë��n+��ËbXc&�ÞQ×�YmË�Z�ËÍæQã�dÊn��ÛÓ�æ�e�f9gÊÌQã�dYZË�oÛpQn_oÛpQaÊû�þZü�h âjijf'k�l�ÖÊõ�] rm�ì�í'k�l�æ1no�áQo��Zó�p#r�ù�×�qb�Õ1r�s�úô�ý á#ÖYJËZJË ã[ZË ã�rJëj�Ôn1��Ë�X'& Þ�Üs tØáIÖåÚ�æ�X�ã�o�\�rJëj�Ôn��Ë�X�& Þò�^â r�Ò�Þ�ãÍÌ Þ�ãÍÜ�î�ïqá�æ9pJýt�u�v�r��ß�! É+\mÜ1i�f�átwqá*s tØáIÖ�% Ë��b&Þ�Ü ì�í�áÕò�ú

��Ë`x ä‘ ��Ë'x�äm× Red Hat Enterprise Linux y�[�"�Ë�o p�Þ�!`X�ãZo�\Jr�z�õ�aÊóJéZêåÓ&ÎÍÏ�ë�{ZÞ| Ë�xZÞÊÓ*ù�òÊú+� Ë�x�äZ×�}�~Ôn�æ+�Jß�j��*Ñ�æ��aÊû �Zr�ë�d�j ã�Ü1��òÍó��æò

^Zâ�r�Ì�ã`d Ü�ã`��l�Ë�ä�á ÕòÍúî��9_�a��ÊÜ��JÖ�òZÖ��æ�� Ë�xäJ×�{�Þ��l�ËÍÌ�Ü1� ï�r��þ�×� ã�Ì�ËqÓAù�]�Õ�r9s�úmáÖ�ö�h�â�æ��Ë�x äZr�s�t�% Ë`�'&&Þ×�X ã�o\�öÊnÐQËØÓ=òÍó�Õù�ì�í ù�]�Õ r�s�ú

�� É�Ò�ÐJÉmn‘

�� É�Ò Ð�É�n#× glibc aÊûr�{ ËÛàArjY��b�JÓ*ùmæ1��ZrJëj�Ôn1��Ë�X'& Þ1��ÑJË��ã�þJü�hâ�ì íbk�lÊÕ òÊú �� É�Ò�ÐJÉ�n�Ü1��í�áIâ�èJó�ëj�ån��Ë�X'& Þ�×Íæ�� 9_JþJæ��gbk1lZÖõj] �� {�ËÛà Ü��9mj�9��r�ùÍæs�tqáIÖ�É�Ò�ÐJÉ�n�Üì í�ò�ó�ë-�Øn1�QË�X'&Þ�×�ò^Jâj��ïáIâji�f�á�w�ò�� Zö�qb� Õò�ú¡9¢ É�ÒZÐmÉ�n�þ-£Ûá&âqn�Þ�d�òåó+¤�¥Íî�rmë��n+��Ë'X�&�ÞZÜ�¦�*��ó�þ�×�æ�§�r�¨Jr�üÍýþJæ lsof {�©mÞ�àÜì�íØá�Õò�úlsof /usr/lib/libwrap.so*

ô�r�{�©�ÞÍàA×�æ�ª�ã�ÓIë�d�j�ã-«�¬�í TCP É��7��Ë�Üì�í�òÍó��Jß�! É�\�ùj�®mîQr��Jß�! É\j��ÍÜ1¯ØáIâ�]�ÕòÍú1°'h�â�æ tcp_wrappers ��QË��Ü&s�t�áIÖj±²mþ�×�æ�ô�lZùÔnIãqÓë'�=��k1l Ö��Jß�! É�\�×�ò�^�âj��ïÔáIâ-�if�áQw�ò�j Zö�qb�ÕòÍú

³ ³ ³3³ ³ ³

. ´ ´ ´µµ µ`¶ ¶¶9· ··7¸¸¸º¹¹¹$»» »�¼ ¼¼j½ ½½ 17

SysV ¾�¿�À�Á‘ SysV ¾`¿'À-Á�Â'ÃÄ¿ÆÅ7Ç�È´�Á9»�É�ÊË�Ì9ÍcÎ�ÏcÐ�Ñ�Ò`Ó�¾9¿�Ô9¿�Ç�È`Õ`Ö+×�Ø�ÙbÚ SysV

¾�¿�À�Á�»-Û�Ü�Ý=Þ�Â�Ã sshd Ã vsftpd Ã xinetd ßbà=á9É'â�ã Ù'Úä�å Ý æ�Ç`È9Õ�Ö+×�Â�Ã+æ9Ê-Þ`Ê-çè�·1é-Ø�ê�ë�ì+á�Ä-¿íÅ-Ý=Þ`Ê9ÐjÉÊ-Ëî'ï9Ü Ñ�Ò�Ý Þ9Ê9ÐæðbÃ�ñ�ò�ó-¿�ô�õjöbò Ç�Õ�÷+¿íøjÝ æcù ú�¼�½ SysV ¾9¿�À+Á�Âû�üºÝ Þ�Ã�ý�Ì�Í�ÙbÐ�þ�ÿ9áÉbâ�ã1Ù'Ú ä Ï�Âj¾¾¾�¿¿ ¿`À ÀÀ1Á ÁÁ�� +¿¿¿��Ø��ß å Ãë�� Ç9È�ì�ÇºÅ�Ø��¿ºÅ+Ü�Ý=Þ�È�Õ��9ì�ÝÞ�Ã ��»�� å � /sbin/service ��ê�ì�ø1õ��Ý+ã�Ù�Ú/sbin/service � service-name � restart�� »jÛ � É9Ð�� service-name ��»��Â�Ã sshd ß�à�»-¾�¿�À�Á��õ Ï�Þ"! Ë�Î�Ê9Ú¾ ¾ ¾�¿ ¿¿bÀÀÀ-Á ÁÁ#��$��"��¿¿¿#�� % Ê�Þ`»'&�(�ÂcÃ Red Hat Enterprise Linux ëÁ`¸�×')+*-,-� ø � ÉÐ1¾�¿�À�Á�.�»9ö'/+´Á�»�0�1�» ³ õ32#4�Ý7Þ"!�Ë`Î-Ê�Ú

xinetd ¾�¿�À�Á‘ xinetd Á�¿�ñ�¿¾9¿�À+Á � 0#1bÎ�Ï�Þ`Ê�Ð1¾9¿�À+Á�Â�Ã-ö$/�¸í¹=Ä-ß�5�Ò9á9É`Ð�Ü�6�»�7�8��

Ý+ã1Ù'Ú xinetd � 0�1'Î1Ï�Þ9Ê9Ð1¾�¿�À�Á�»jÛ�Ü�Ý=ÞÂ�Ã Telnet Ã IMAP Ã POP3 ß'à�á9Ébâ�ãÙ'Úä�å Ý æ¾9¿�À+Á�»½#9��9ì+Á�:�ì�Á�Â�Ã�½�Ý�Ê'·;/=<9ÁºÅ�õ >#?Ù'Ð=@ � xinetd ØÌ�ÍbÎ�ÏÐ-æ�ðcÃöcò1Ç�Õ�÷+¿íøBA9»�5�Ò9Â¼�½bÎ�Ï9æ-C#DbÅ3E��jöjØ�F$GÏbã�ÙbÚ�Ý Ý�Ã xinetd 019»¾9¿�À+Á�õjöbò Ç�Õ�÷�¿ºøQÙ'Ð�Ü�6 � ö$/+¸í¹=Ä�ß�5�Ò�á9É`ï�æ�H�I�Â�Ã J�Ê-Ô�¿�ôLK1ì�ØF'GjÏ'ã1Ù�Úxinetd á�0#1�ÙbÐ=M#��¾9¿�À+Á�»�J�Ê#�`ì+Á-:�ì+Á�õ�û�ü�ÙbÐ � Â�Ã�¾9¿�À+Á�»�ñ�ò�ó-¿�ô�õö�ò�Ç�Õ9÷�¿ÆøÝ�Þ ù N'O'8'�-P�»�Ç�È´�Á�Ù'Q`Þ'õ�û9üíÝ-ã�ÙcÚ�Ç�È´�Á�á�8'� Ý Þ�Ê�Ð�R#S ÙbÐ � Â�Ã ps �+ê�ìbø�õ=T#UºÝ Þ ù�Ã kill ��ê�ì�ø�ã+æ�Â killall �+ê�ì'øtØ�N�O9»¾�¿�À�Á�»'�9ì�Á�:�ì�Á�õ�û�ü�Ý+ã�Ù�ÚÛ"VXW�Ã�´µ�¶�·=¸í¹Y<'Ö�¿�:�» imap ñ�ò�ó�¿�ô�á�·�·7¿Á�Î1Ï�æ�H�I'Ã�ñ�ò�ó�¿`ô�õ-ö'òtÇ�Õ÷�¿ºø-Ý=æ'ù-Ã�ë�� Ç9È�ì�Ç�Å � ��¿ºÅ�Ü�Ý7Þ��»��ê`ì'ø�õ �Z�Ý�ã�Ù�Úps -aux | grep imapä »-�+ê�ìbøtÂÙ#Q9Þ�»`ö$/�¸ ¹=Äjß IMAP ´�ò+ëLK�ì�õ=[ºÝ=Þ-6�ã�Ù�Ú ä Ï ùjÃ \^]1»�´�òë"K1ì�õ ��»��ê�ì'ø�õ ��ÝtÞ�_$`�Ø�6ã�Ù�Úkill -9 � PID �� »jÛ � É9Ð�� PID ��»�� Â�Ã IMAP ´cò+ë"K1ì�»Ç9È-´�Á ID a�b (ps ��ê�ì�ø�»^cdafe»�gfe ) õ �Ï'ã�Ù'ÚÙ�Q�Þ�»9ö#/+¸í¹7Ä-ß IMAP ´�ò�ë"K ì�õ�_'`�Ù�Ð � Â�Ã3��»+��ê`ì�ø1õ3��Ý�ã�Ù'Úkillall imapd

xinetd��% ÊjÞ�»�h#i#j#k9Â�Ã Red Hat Enterprise Linux ·�D�lj÷�ì+Á#,��ø � É`Ð TCP Ö�ò

ñ�¿bÜ xinetd » ³ õ 2�4�Ý=ÞL!=Ë�Î�Ê9Ú

18 m m m 3 m m m . n n n�ooo+pp p$q qqsr rrutttwvvv�xx x�y yy

z4z

.{ { {}|||�~~ ~��|| |��

Linux �#�$�#�#�-��3��d�+�� ¡#�#�-¢L£=¤;¥§¦3¨L©�ª;©=«"¬X'�-®=¯�°$±�¢#¤#²�³"´; �µ�¶�·¸#¹ ¢;¡#�#º#�#�#�-��3��µ-¶�·;�#�-�+�3��w»^��¢X�#��¼f½ �-¾�¤#¿#�X�-À;¥"¦3¨L©�Á�Â3Ã"Ä;ÅÆ+Ç�È^É+Ê�Ë ¬=ÌL©#Á�Â�Í�Î�·#¾#¤#¿#�;��À�Ï-´'Ð��+ ��-· Ñ^¶�Ò Ç�Ó �uÔs�#��-�� É ¥�ÕÖ�× Ç Í$ÂXµ × ªX© «"¬

4.1. ØØ ØfÙÙ ÙÛÚÚ ÚLÜÜ ÜÞÝÝ ÝÞÙÙ Ùàßß ßâáá á�ããã"ää äuåååçææ æçèè è�ÝÝ Ýêéé é�ëëë$ì ììuíí íuîî îðïï ïRed Hat Enterprise Linux ��+ ;¡��¢"£ ¤=��$��u��²3ñ�ò�«�Á ó�ô-·�õ'��ö�²�÷�ø É © «�¬• BIOS ÂXù��uÐú³��$û��+��ü� — ý�þ'� × Ç;ÿ ��'��$µ�±�¢�¤�µ�# ;��¡ É ·�¢�¤ ° ÿ ��$��#�üÔ È ù��üÐB«"Á#·�© Ö ��#¡+��uÔ × É µ� ;¡��-�X��üÔ È ù��üÐ «LÁ�Í�Â��È�� ©�«'¥ ?

• #¡��;�uÔd��+�+��ü� — ±�¢�¤X� ÿ ��'��$¤"Ð #¡$�;�ÞÔd��3��¦ Ç��È «#¥ ?

• �� — ��+¢X¡��º� �µ�!��$¤-Ð ²#" É Å Ç © «�¥�·�$ É Å%�3�!&�'��"² Õ�ÄXÅ Ç© «'¥ ?

• (�) È*� Á�Ï�´$Ð��+ ,+'�*-X¡ — �3��+'��-X¡��+Ï�´$Ð3�;�+ ;¥L¦3�!.�/�²+�ú¡�0'¤ �É Å Ç ©«'¥�·�© Ö ·�1�2!3�4 É Å Ç © «#¥ ?

• #��®=¯�°%5�6�7��8��° — 5�6�7��8��°��9$Á ó�ô"·��!:�;#��5�6�7��<8��°��=�.È «'¥ ?

• ��ü�?>�@�A#B Ö�C�D<E ��° — ��+ ;¡��¢"£ ¤�F È � C�D µ�G�)�«�H � E ��°"·IG�)�«H �XÈ � × Ç E ��°'� ?

4.2. BIOS JJ J�KK KfÙÙÙMLLL�NN N§ÙÙÙPOOORQQ QÞäääÞåååàæææ è è è'ÝÝÝ é é éBIOS ( © Ö �-· BIOS µ�S�T=«LÁ�¶ � ) U�V+ù��uÐ³��$û��#¡��ÞÔXW�Y È ·�¢=¡��º$µZ��$µ� ��#¡ È�� Á=ý#þ$� × Ç�ÿ ��$��-·��3º��[+ùX°�\�]ü�^�²#G�) É Å�ù��uÐ É Ö ª;·#¢�¤ ° ÿ ��$��#�üÔs¥§¦ root ²,_�` É Å�ù��üÐB«LÁ;�-²ZaRb�Í$Â#� È�� ©=«L¬ Ö�c É ·X�#�+��3�ü�Xd�e^Â ÉÅ-·�� ¡#�#�-¢L£=¤Z��W#Õ#«LÁ,f�g$��h�i�'�j$±-¢�¤;��k�l#ó�m'��n�o+µ�pLÄ=Å-·#ÍX��q Ë ×�rs µ�d É Å�a�Y�«"Á$¶��²It�) É ©�«"¬u�vZw ·;±-¢#¤Z�üÐ, ;�üÔ=¢L£s� È G�)�A#BLÁ Ö!x h�i�f�g��W�y�A#B$Å Ç × Ç ó�ô$�-·�Í;��q Ë ×r s ²Za�z#«LÁ#Í�Â ��{ x Å�|�. × Í�Â;µ�� × ¦ × Ç ¥L¶ É B"©,}�~�¬ É ¥ É ·,��$��Ï�´�Ð�� )+µ��!7Z�'�ÞÐ È�� @�A#B'Å Ç × Ç SSH ��² Õ�ÄXÅ Ç Á��)��'� Ó �uÐù�´X ,� PC ²�·�$��uÐ ;�üÔ=¢L£s� È�� l É Ö ó#ôL·,�� 9-¦#�+Á,��+µ�� × �#��3�ü�X��-²,��þ��<9ªX©�«"¬� oL·=ý#þ$�<9�Á,��j D�� È�� Á,� É ¥<' ��#¡ È�� × Ç ó�m+µ'��+ �¡#��-¢L£�¤Z��l�A,B'Å ÇÁ ó�ô"· BIOS j+ù��ÞÐ³��$û�µ��+�s�u��²I��«"ÁI=�.#�+©�Ä Ö � × Ç ¥L¶ É B�©#}�~�¬4.2.1. BIOS � � ��R�� ¡�¢ µ$·�¾�¤�¿��X��ÀX� BIOS ²#W�Y�«"Á=#¡$��uÔµ!£�«"Á 2 Ì'�!¤ × �*¥#²�¦ É © « 1 ¬

1. §©¨#ª,«,¬ BIOS ,®#¯,°#¯�±Z²#³©´IµZ¶�·¹¸#º�»�¼½¬�¾�¿IÀ�¬#ÁZ¨ZÂ�¯*ÃÅÄ�Æ�Ç½È�É�¯*Ê�Ë?¶!Ì�Ç½¬�Ç^ÍÎ,Ï »XÐ�Ñ�¾^¿^À�^È�É#¯<ÊÓÒ�·¹Ô�Õ�¾�¿©À,�È,É,¯�Ê�ËÖ¶ZÌ�Ç×¬�Ç^Í�Ø¹Ù½Ò

20 Ú Ú Ú 4 Ú Ú Ú . Û Û Û�Ü ÜÜ�Ý ÝÝ�ÞÞÞ�ßßß�ÜÜ Ü<à àà�ááá�âââ,ããã�ää ä<åå å�ææ æ©ßßßèççç

1. BIOS é<ê�ë�ì�í�î�ï!ð�ñ�òôó — õ<ö�÷*ø BIOS ù�ú*Ý�ã�Þüû#ý�þ<ÿ�� ç©Þ�� CD-ROM �� Ü��½ò�ó��ø��#ò��<ù��#õ�ö�÷ ��!�Þ�ä�å�Ü�"�Ü$#&% '%û��à�â�()�* Ü,+�Ü�"�Ü-#&��ö-�/. 0��ø21�3*ù2%4�5�26�û87*à�Þ�ß�9�ù�:�; %�< = (?>59*ï�@�A��BC ��D�E � Ü�F�ï�G�H,Ü�ò�ó��?��ø��I��ó��IJ�ù2%IK�7Rû��' �#ò��

2. àZÞ�ß?9�ìI �Ü��,ïZð�ñ�ò%ó — BIOS ì?%?�<ù,�L�, �Ü��M<�=�ã�Þ�ì�N�Þ*Û�Ü$#/O�P�ø?��óQ ì�øIR��,òS�5T?U�ò�óI�2�5V�W�÷�� BIOS øI !Ü��8=!ÜIX�ïYT?U�ò�ó�Z*ù2N�Þ�Û!Ü-#¹ì�ö [ïY\�]�^��ò��

BIOS N�Þ�Û�Ü-#×ì�é�ê�_�`*ù�aI'27��G�â�H�å�Ü�F�ì�b�Ü�c�Ü�ù ��&d %�ó,ý,A��e�ê�ì,f g�ù�aI'7��G�â�H�å�Ü�F�ì�h i<åZú ) ïYj�k�ûM7�l C ^2' �BIOS N�Þ*Û!Ü�#,ï�m��7ôû��?K�ý�þ�ÿS��h,+�ÜIn!Ü$#po�ìLq,r�â�N �ôæ^ã��I�Xò�ó��L� CMOS s$�ß�æ�ï5t��Mu�òS�I�#ø?�L�?�,òS�?�Zì�ý�A��L�Y��vLG�â?H�å�ÜLF��Ü�Þ�ï2=S�ZÝ#ò�ó?��J,ù�û^ý�_øL�,',��û�w2J��,ý C û�� CMOS s$�Iß�æ�ï5u�ò?Z*ù��G�â�H�å�Ü�F��ý��h,+�Ü�n!Ü-#×ì�h i<å!ú) ïYj?k�û87Sl C ^2'��

4.2.1.1. x86 x x x�uuu�ììì,<<<I>>>I�� Yyy y?z zz^ÜÜÜ�999�ùùù!ããã�äää*ååå*ææ æ¹ßß ß ç ç ç^ïïï�{{{�|||�òòò�óóó} ì%ú�Ü<ä*ß�Ý�~�r��?d�%�ó2<L=�(�>29�ï��K�7S� x86 à�Þ�ßI9�ì BIOS ù �� *ò�ó2��!�� ) ìF!Þ�Ý<ï��I|Pû��ò��,v�� Intel® Itanium™ ìSG�âIH�å�ÜSF2� EFI (Extensible Firmware Inter-face) à�� ) ï��èû��#ò��} ì�ú!Ü�ä�ß*Ý�~Ir�ì BIOS ù��#ò�ó�<�= (?>59�ì�N�Þ<Û�Ü-#�O�P<ù�a�'27��b�Ü�c�Ü�ì,f�g,��ïj?kôû87Sl C ^�'��

4.2.2. � � �?�� ?��L�� x��<ù�� Linux !Ü-�8=!Ü X�ï�O�P�ò%ó�N�Þ�Û�Ü$#½ì2� %��I��ï �èû��#ò :

1. à�â�( )?* Ü�+�Ü?"�Ü�#/¡�ì<ú�Ý�ã�Þ�ï�ð�ñ�ò�ó — V?W�÷�ø�à�â�( )?* Ü�+�Ü?"�Ü�#M�� Ü-��ó#þ�ÿ�� root N�Þ<Û�Ü-#�ï�]�¢�^��£*ù�¤MU ¥�ù root

* Ü2+�ÜS��û87 = (,¦�â��#ò��2. GRUB G�â�§�Ü ) ¡�ì�ú�Ý�ã�Þ�ï�ð�ñ�ò%ó — h�à�â�ø GRUB ï26!ì� �Ü-�8=!Ü�X��û87,��òó�þ�ÿ��V�W�÷ � GRUB ¨ � ç F2¦�â�F�Ü�y��Ü�Þ�ïY��èû87�6�ì�é�ê%ï#í�îèû^ý4�� cat G�hâL##ï��K�72©�ª%ï�«�¬�ò%ó��^ø��,�#òL�

3. ã�ä�å�ú,�?%I',,®�!�Ü�ßüçIâ�(�à�Þ�ß�9�ë�ì�ú�ÝZã�Þ�ï�ð�ñ�ò%ó —� å�ú ) �Ü��,à�Þ�ß�9

�IR<ó,þ�ÿS�5V?W�÷��I �Ü$�&¯<ù�ú�Ý�ã�Þ�°�±�Sy�²�¦ ) N�Ü�³��à%á,â�ï�´?µ�ò%ó DOS %�¶ì�,®�!�Ü�ß ç�â�(�à�Þ�ß�9*ï�·,¸�ò�ó,��Iø��Iò��

x86 <�>$��y�z�Ü�9��èù Red Hat Enterprise Linux ��¹�º»^?�Pó� *Ü��,=*Ü�X��-� GRUB �ò4� GRUB ì�¼I½Rù�a�' 7I�� Red Hat Enterprise Linux æ�yL² !<â�Þ�¾L¦»#,ù�R%ó GRUB �Ü�8=�Ü�X!ì�Ú%ïYj?k�û87Sl C ^�' �

4.2.2.1. GRUB ï ï ï OOO�PPP�òòò�óó óYNNN�ÞÞÞ�ÛÛÛZÜÜÜ$###GRUB ��6�ì�é�ê�y�²2¦ ) ù2N�Þ�Û!Ü�# � ç�!�Ý�ß ç8 *ï5¿ À�ò�ó��,�YÁ 4.2.2 ù2Â?Ã�^5�I7I'<óÄ�Å ì 2 Æ<ù�Ç�È û,�Zò4��ôï�|�%-J�ù��S�I��£�N<Þ�Û�ÜÉ#�ï�Ê�A��à�� ) <�=�â2<Ë�Zï�Ì��ò�� root ��û87�= (,¦�â*û87,Í�ì��J�ùZö�[ôû��òL�/sbin/grub-md5-crypt

N%ÞôÛ�Ü�#�ï�]L¢�^��ý»�I� GRUB N%ÞôÛ�Ü�#!ï�öS[ û�7 [ ¨ âLF�Ü ] ï�Î û ��ò��N%ÞôÛ�Ü�#ì MD5 Ï4�Zà�å�ïYÐèû87��ò��Í�ùI� GRUB ì�é�êSyI²�¦ ) /boot/grub/grub.conf ï�Ñ�¬èû��ò��y�²�¦ ) ï�Ì��L#½ä�å�b*â�×ì�b�¦�â�ã*Ý�à%á#â!ù�R�ó timeout |�ì2�<ù�Í�ì,|�ï ¿?Àôû��Iò��

Ò Ò Ò4Ò Ò Ò

. Ó Ó Ó�ÔÔ Ô�Õ ÕÕ5Ö ÖÖ�×××�ÔÔÔ�ØØ Ø�ÙÙÙ Ú ÚÚ5ÛÛÛ�ÜÜÜ�ÝÝÝ�ÞÞ ÞM×× ×$ßß ß 21

password --md5 à password-hash áâ password-hash ã�ä�å�æ /sbin/grub-md5-crypt ç,èLé�ê�ë,ìLíYî�êLïYðLñ 2

ò�ó Ø�Ö?×?ô?õ,ö?÷�ð�ø�ù2æ GRUB ú�ûIÝ�Ô?å�æ�ü�ý�ä [p] í5þ$ÿ��ä GRUB � ÖIÓ�Ô�í�î�ê�� ù2æ� ��ß��Ú�� Ú��5Ô��5Ô�Ö�� Õ5Û�Ö�í ��!4ÿ ��" �$# ïYð�ñ%'&�� õ$(,æ')*�,+�Þ�Ý�ÔLØSÙ5Ú�ç?åLæ*��Ý��-/.,Ô1032'4�ç5�?Û?Ü�Ý��,ç�å �/��6�798 Ô?×»ßYÚ5:Ø�Ö?×?ô��';'<'=�õ/.,Ô10/ðSø*�?å'>�?-ÿ�ïA@�B�ñ')*��ë�CSæ /boot/grub/grub.conf ��D*�*-��E �GF5H�í�I5J�ð�ø�K5L õ'M # ïYðLñÛ�Ü�ÝG�2ç�å ��G6�7�8 Ô�×�ßYÚ�:?Ø�Ö�×�ô�� title N�í�O$ÿP��æG�G��QIä*R5S lock ù ��T NLí�U5Vÿ�ïYð�ñDOS Ø�Ö�×�ô � (2æAW?å ò ��X T ä�Y�ï # ï�ð�ñtitle DOSlock

ZZ Z�[[[\^]�_�`Aa�bAc�d^eAf�g5hji k�d�l�m

password n a /boot/grub/grub.conf o*pPqjr ]As q�tPu*v�w�x^tdzy�{G|~}A�*��^}��z�z�A�� \3}�a �*��m3� ��l GRUB �A��z��q�t��j��o �j�� d � vju �� lock n�� h�\��^dP��3�~g��

�'� �'�?Ô��-Sï�ë�å 6�7�8 Ô�×�ßYÚ5:?Ø�Ö�×�ô� �ä E ��?Ö�Ó�ÔYí�¡5¢�ð�ø�ä2åLæG�G��W�ä lockN�ùA�G��ä��ÖIÓ�Ô3N�í�£/¤��GU'V�ÿ�ï�ð�ñ¥�¦ ��?ÖIÓ�Ô§&ç�¨5©�é ê ëGª5W�å�æ�«�Q��¬��X Tj� YLï # ä �®# ï�ð :

title DOSlockpassword --md5 à password-hash á

4.3. ¯¯ ¯±°° °1²² ²®³³ ³µ´´ ´�¶¶ ¶§·· ·§¸¸ ¸º¹¹¹¼»» »'½½½¿¾¾ ¾� Ö�Ó2Ô1MåLæ Red Hat Enterprise Linux õ�À�Ô�Á�Ô�Â E íAÃ'Ä?ðSøAÅ'L ��Æ'Ç ç�ðSñ')5ê�åLæ�� ÖÓ2Ô1MÛ?ÜLÝ�Þ ×»ß&õ�À�Ô�Á�ÔLæ�Ó2Ô�Õ�Ö�×?ÔLØLÙ5Ú?æ��,È/0 Ó2Ô�Õ*��¨'©�äLù�ÉA��Ê�Ë�ä�Ì'L ç/Mø5) ùYõ�ÍÎ2ç2ð�ñÛ�Ü�Ý�Þ�× ßP�§ÏAÐ ç�æ��Ú�ÖÑ0Ô'-/ÒÓ/:�Ô2ô�å�Ø�Ö�× ô õ�ú§ÈYÛ Ô9Õ�Ö��Õ/��Ö±0 �G-®×LÞ Øô (MD5) ù,Ø�Ù®MÔ5� Ö�Ó2Ô15íAÚ' ?ðSø'X TPÛ'� ÿ�ï5ð�ñ')5ê®(�� Û5� íAÜ�Ý-ÿ �� X T�Þ�ß��5�ë�ÿ�ï�ð�ñMD5 ��ÖIÓ�Ô&õ��Ú�Ö0&ÔG-à�ä2å�á�éYê�ø�â5ã�æ�ä � Data Encryption Standard (DES) å5æ õ�Úç êSï5ðSñ')*��å'æ�å5� Ö�Ó2Ô15í 8 è'é��ê'ë'é�� Ö�Ó2Ô1 ä�ì�í4ÿ ( î'ïð�ñ'ò'ó�� 'ô è'é�å�õ¤*£/¤ �� ) æ�ö5÷ � 56 øÈ�0 8�ù -'��úGû5üLí�ý5þ4ÿ�ïYð�ñØ�Ùÿ�Ô��SÖ4ÓIÔ �õ®��Ú Ö¼0�Ô-§àLä � é�ê»ø�â,ã»æ�ð��9��Ö$Ó�Ô 5å world-readable�/etc/passwd �,D��-�ä��1È�Ø�Ý�ù�ÿ�� é�ê�ï�ð�ñ 6 ��Ô'��Ú��IÖ�Ó�Ôÿ�Õ/Ô9ÈÜLÚ5:�;'<�ä��-ÿ��LØ�Ö?×?ô?õ�;'<SíAõ�¤*�?ð "��§# ï�ðSñ��î'=�õ��À�Ô�Á?Ô�ù�ÿ��'�LØ�Ú��?Õ�Û�Ö��í��$ÿ8ë�â�ã�æ /etc/passwd ��D��*-�í��PH��5��Ø�Ú2ä��5Ô�ÿP��)Yê�ä��5÷?ç� ��2. GRUB !�"$#�%�&('�)�*,+-*/.�0�1,2�35476�859:8�;(<�=�>5?$@�A�BDCFE(GIH�%�<�J/K�L:M md5 N�OQP�A$GR�S <�J�T�U/GQV/<�<$L�WQ;I<�X

22 Y Y Y 4 Y Y Y . Z Z Z�[ [[�\ \\�]]]�^^^�[[ [�_ __F```�aaa�bbb�cc c�dd d�ee e5^^^gfff

]hZ:[ji$\�kFl,cman�o�p�n�k-qmr�s�t�u�v�w�x,y�zm{v�|F}$~��g��u��-��F~�bcmd��:z��-��]�Z�[�iIy��v$��F��]�Z-[�i/\khlQ�[�y��r��umv��z�um�_��iQ[��]hZ:[jiQ�m��]hZ:[ji(�gl�_�d�r /etc/shadow ��-��F~�� ,¡m��w-��¢��£�¤�r¥�¦ -�$u��w��F� root §�[:¨�[�~�|�©�¡��ª�«�ª:¬g�(�®�z:u��w$��~�|F��$£�¤¯�� SSH ° FTP ��±�²F_�a$³��h´Fl�µ,Z�[h\�¶�[F·�]�~p�n��ah /¡:¸�¹º�»,�]Z�[gi$r�\�khl�\F -|h}�x� -�$u��w$��¢�� brute-force( ¼�½�¾¿� ) £¤��À�Á�~-Â�Ã�z��$Ä�ÅmÆ��p�n��a�Ç�t��È�É�ym_-]�^�qm��-��F~�Ê�{$Ë��mv�x-��©-¾�Ì�»$º��Í�Î�r$Ï� ��u��Ð�Ñ�Ò�ÓF��£¤�¯�y��mÆ,Ô¿Ð$��]hZ:[ji�r�Õ�©-¡�Ö�×h~�_-]�^�q�£¤�r-Ø�Ù� ,¾��F~:�m��×�Ì�Ú��z�~��\b]:Û�r$¬Üg 5¡�ÍÎ�r$Ý�u�¾:Þ�~�p�n��r�ßà� /¡á ��}(�®�â�Ð$��$uF�ã�ä °��å�³F~��æ:ç�y��¿x$�g�-��u��§�[:¨�[�y��]hZ�[ji$\�kFl,cFan�£�¤F~�èg ,¡��:��éa�µ�r$ê�vw�x,yzF{v�ë�ìíáÐ5î�ï��w�x��$ð�ñ�:��]�Z-[gi�r�ò�óuFvw�x�z�u��

4.3.1. ô ô ômõõõFöööh÷÷÷møøøáùù ù�úúúüûûû�ýýý�þþþFÿÿ ÿ�� ñ��]�Z�[gi$r$òóuFv��h��|�}/��ái$k-��a�~��¿}:x�|��:z� �-}-�

��h|h}/�Fw�x�r$t��:z�Æ��:�‘

• ��-¾��Ä��Ú�r�Õ�� — ��]hZ:[ji,~�Ä��Ú��-¾��Ú�r�Õ�� /��|h}~m /¡�Æ��F|h}/��z�um�• 8675309

• juan

• hackme

• ��ºg�Q°�uF��Õ�� — ñ� �!��#"�ÊF~��v�|F},��-^�$�·#%�&�°�'�(h~�)�¡*v�|F},��+�,��á±$�.-hÚ:¡�Æ��/��w$��»$�.0�1h~-Ä��r�2hÚ:¾��Ú:��Ð��Ð/Õ��g 5��:zÆ��:��F|h}/��z�um�• john1

• DS-9

• mentat123

• 3�4��r�Õ�� — ��]hZ:[ji$\�kFl,cman�o�p�n�k-q�m�$Ä�Å��.+��"ÊF~�5��¾��e,]jµQz�6�7hl�\F -��um� � ñ��]�Z�[�i-x� /¡.3�4�h~�8�©�¡�Ð:9�;�y��=<Óh��F|h}/��z�um�• cheguevara

• bienvenido1

• 1dumbKopf

• ��l��[��ár�Õ ��F� — ��]FZ�[ i$~��l��[�� —l337 (LEET) x�Ð#>�?�áv — r�Õ@ v�º�»�A e�[ µB��x=C @ v��»�hÐ�}/ì�D�C @ ��Eg ,¡�ª�¡áÆ��F��h��ÅáÆ��ì�Gh~� LEET y5��$��¡��$u��F|h}/��z�um�

H H H4H H H

. I I IKJJ J�L LL#M MM�NNN�JJJ�OO O�PPP�Q QQ#RRR�SSS�TTT�UU UVNN NXWW W 23

• H4X0R

• 1337

• Y�Z�[ \^]�_�`�a�b — Y�Z�c�[�\�d�e�f�_�`�a�b�g^h�ikj�b�lKm�n�o p�q�J�r J�c�s�tu]vkwKx b y#z�{k|�}�M I�J�~=]#��Fy�c�d��a��K�.a^��=�Fl�}�M�I�J�~=]#��Fy��y=�F��[�\F�.�.��]=��Ke�� K��/l� c��:a��d��g�/l• q�Jr�J�c��• �X �¡¢c��• £�¤�c.��• ¥�¦^§• q�Jr�J�c�¨�©�ª�«�¬��®ª�«

• `�¯X�V¬��b��°k]#±kj�k� x _�`�a b — ²�³�a�}�M I.J´~Vµ/¶� �·�J�d�¸ �Ke�¹�º�a��°]#±kj�k� x�» �#��¯k¼.|=½�b��c�}�M I�J´~�]=±Fj.�k� xF¾:¿�À a�}�M�I�J�~:�d�a^��=ÁÂ l� c��:a��d��g�/l• R0X4H

• nauj

• 9-DS

• }�M�I.J´~#]#Ã�Ä��a b — Å�auÆK�.}�M�I.J´~#]#Ç�b x�È ¯�a�b ��#�k� x h�i/j.b l#Ã�É� x�È h:Ê�p.Ë w �:Ì�Í�g�/l

• �� x c�Î/O�Q��ÏuÐ:}�M�I.J´~#]�_�`�a�b — Ñ�Ò�Ó�Ò�c�Î/O�Q�Ô �K��Õ�a/y�}�M I.J´~=]��ky�� =p�Ö�×�g�Fl��c�Ê�Ø�ik�.|�Ùu�BÚ�c�O�M�N�Û�pÜ�ÝX� xk¾ |=Þ�c�Î/O�Q#p�^ß��d��aà�á��.aâ��Á Â l

� c��.]=ã�a w�x h�i�jKb‘

• }^M´I�Jä~.dFåæhk� ¾ 8 çuèâc/éêj/� �ëy — }âM�I/Jì~.pké´��Ò^í/é´b�îïÆ ¿^À g�ul MD5 } M�IJð~�]#_X�Bz�{�d/| 15 ç�è��ñ��k� x h=i/jb l DES }�M�I.J´~Vcz�{�d�òó é��F�K�=� (8 ç�è ) l

•ó ç�èX��ô�ç�èu]�õ » {�`�Áky — Red Hat Enterprise Linux d ó ç�èX��ô�ç�è^]�ö.÷��kyKcg�|#}�M I�JX~øcù�úF]�û�ü/y=ýü � ó ç�èu�Bô�ç�è�]�õ » {�`.Á x _�b��/l

• ç�èâ��þ�èk]#õ » {�`ÁFy — }�M�I.J´~��þ�è/]=ÿ�ÒFy��|��Kÿ�ÒFy � ( ��F��ý�d� g�d�akh ) |#}�M I�J�~øc�ù�ú�p��â��/l• �þ�è��c�ç�è/]=ÿ�ÒFy — & | $ |��#auÆ=c��ç�è�p�}�M I�J�~øc.ù�úF] ó�� KñFj=Á�� (DES }�M I�J�~=]�_��Fy�z�{�d�� ) l

• É�� ¼�Òky�}�M�I.J´~#]�� — Æ Â a � ¿�À a�}�M�I.J´~Vg�� wKxk¾ É��¼�Ò�a �KÒ�í� ��!�" �=Á Â l$#�°�¬�É%��¬�� b'&�(��.M ]=_ w#x }�M�IKJ�~�]�)Ò�a�b�� /��/l

24 * * * 4 * * * . + + +-, ,,/. ..-000�111�,, ,�2 224333$555�666�77 7�88 8/99 9:111<;;;

=�>@?BA�C/D�E�F , F�G�H�IKJBDML�N4O�P�E�Q 0/+�,SR G�T/U�V�O�WYX�Z�J[V�\]?:^/_�V�Q 0Y+�,SRG�=�>@?�E�`�a�A�C/D�Z�bKX�W4X:c�d�A�e-E�f�g@J�O�=/h�EMWYX�Z�iMj�k�A%l�m�=�nML�o%j�p�AYO�^_�V�Q 0�+�,KR G�q�d�A%e�=/hB\�nYr�eBs�t%GBu<J-k�A4l

4.3.1.1. ^ ^ ^�__ _�V VV�Q QQ 0 0 0/+++',, ,@RRR E E E�ccc�ddd�vvv�www^/_�V�Q 0Y+�,SR G�c�d�A�e'E�Z�T/U�>�e�x�y/f�z4Z�W4{}|/~��'�]{-k�A�l-V��n%�B��V�x�y/E��h:��\��n�A%l�P%j-��L

•o%j�p�AYO'�Y�%J-G�TYO/k�A4l�PMj��YL"over the river and through the woods, to grandmother’s house we go. ( �� G��S{'L��@��E��YG�� L-��/��E��[��

)"

• � Z/L$��YZ'�� @J'k�A ( ¡�¢/£ G$¤�>4e )l

otrattw,tghwg.•�4�%E/¥4¦KG�|4¦Yp 245/§ F]Z�¨Kr� Kj�D�©4ª�ZKJ�k�AKl�PKj��@L 7 G t E�«MU¬{�Z�¨<r� KjD4L @ G a E�«�U@{$Z-¨%r� %j�k�AMlo7r@77w,7ghwg.

• ?-Z-©�ªYZ'A%e�®�¯YZ/L�°��h�� 1¥�¦%G$±�¥�¦�Z'�4j�k$AML$P%j�� H V�²'l

o7r@77w,7gHwg.• ³�´ Z�L�µ�¶YZ'·�¸<J[®�Q 0�+�,<R E�PMG�m�E4k�k�T�U�V�O�n%�[� O�l^/_�V�Q 0Y+�,SR G�c�d�A�e�=�h�f�¹ � ?[>/V�O�=�h�n�A/\ML�m�E�Q 0Y+�,KR G�º�»4Z�¼�½�A�e�=�h�B¾�¿/n�A�l�±�À�Á/E�Â�Ã4Z�� e 2'0�1�Ä ¼�½�Å4ZMh�Æ'D�f�Ç4Z�¾�¿4Z�V@{'k�AMl � E 64.�2%3�5n�fYL�Â�ÃYZ��O�D�È ,�É�, E�Q 0/+�,@R G�c�d /

¼�½�A%e�®�¯�E�Ê�Ë�Z'�/O�D�Ì�Í�J[D��4r�k$AMl

4.3.2. Î Î ÎYÏÏÏ@ÐÐÐ�ÑÑÑ�ÒÒÒ%ÓÓ Ó/ÔÔÔ%ÓÓÓ4ÑÑÑYÕÕÕMÖÖ Ö�×××�ÓÓÓÙØØØ�ÚÚ Ú�Û ÛÛ4ÜÜÜ4ÝÝ Ý<ÞÞÞÂ�Ã4ß�Z��V<{[E�|/E�È ,�É/, \�O�e�à�b%L 2'0�1�Ä ¼�½�Å4Z4h�Æ'D�á/_�V�Q 0Y+',SR G�T�â �ã e®�¯�E2��E�`�ä�å�æ 2M3�5 \/��{�k�A%l�¼�½�Å�\�È ,�É�, E�Q 0�+',KR G�c�d�A%e�L�k-®�f�È ,�É�,ZMçBè/E�Q 0Y+�,SR G�c�d �ã L��x/n�m�E�Q 0/+�,SR \�é�êYZ�b�Æ-®]��E/Z�VMÆ�D�O�e-��ë�ì<J�kA%l

È ,�É/, E�«/U<{�Z�Q 0Y+�,SR G�c�d�A�e/hBë�Ê�Z�Q 0�+�,SR G�^/_�V]��E/Z�nMr�k�A/\4L�Â�Ã�\�±r��VMe�Z��>�í�¸/V�c�Ã@h�VMÆ'DMr�k�A%l�k'®YL�È ,�É/, \/m�E�Q 0Y+�,KR G�²�='��Z'î�r�ï�¯/DJ'k�X}ð�ñ��[ò@J'k�A%l=�>@?�E�½4ó��]?�L 2'0�1�Ä ¼�½�Å/f�È ,�É/, ZYçBè/E�Q 0Y+�,SR G�c�d �ã e�xMG�ô/õ4k�A/\4L�ö÷ ��Z�Q 0Y+�,SR \�^/_�n��e'��ë�ìKJ�L�à�b4Z�W�Æ'D�fML��ø�ù/��ú�ûKJ[®�Q 0/+�,SR f�Q 0�+�,Rýü�,4þ�5�ÿ n�ø�ù��/Z'�� $ã e�WYXBZMJ'kBA%l

4.3.2.1. ^ ^ ^�__ _�V VV�Q QQ 0 0 0/+++',, ,@RRR G G G$ccc�ddd $ããã e e e�� ]?�� +�,4. G� �e'®�¯4Z�f4L 2'0�1�Ä ¼�½�Å/f�\�Â�ÃYß�n�T�â >�D�O�e�Q 0Y+�,SR\�^/_�n��e�=�h�G�ë�ì�A%e/h�W�O�n]J��X'l�È ,�É�, \�Q 0�+�,KR G�c�d /��A%e�WYX��¯]?[>�®h�r�L�� 5�R��5�� æ 9��,42�3$5 E passwd G�T<X�=�hB\�n4r�k�A�l�=�>/f4L PAM (Pluggable

Authentication Manager)ì��nY�Ye�®�¯]L

pam_cracklib.soPAM �%þ/8�, F]G-T�Æ�D�Q 04+�, R\ .�� .Y >�p/A%O��L�k�®/f��/A��V4O��G-ë�ì J�k-A�l PAMf! 0#" � �%$ \�&!'4n4�4e®�¯<L

pam_passwdqc ( http://www.openwall.com/passwdqc/n�¤Ys�&�'

)VK²'E�Q 0�+�,¬R)( b�*+-, � , G ?�Z�.0/SJ�® {�L21 J�O �]þ�8�, F�G�îK��=Mh��3&�'Yn�A�l PAM �]þ/8�, FYE��4 Z��MO�D�f%L

http://www.kernel.org/pub/linux/libs/pam/modules.htmlG�5 4 �-� OYl PAM

Z��O�D�E%6!7�f%LRed Hat Enterprise Linux 9�809;:�5�0�<��@R Z��e PAM(Pluggable Authentication

Modules)E * G3=%>@J[D��$� O/l

? ? ?4? ? ?

. @ @ @�AA A!B BB�C CC;DDD;AAA�EE E0FFFHG GG�III;JJJ�KKK�LL L�DD DNMM M 25

O!PRQ�S2T C@�AVUXW%Y!Z�[�\�]�^�_�`-a2bdce�B�f S�g�hdi W T C@�AjUk\�l Qkm�T C0@;AjU�Bn eHJG%o2p�q!o n�rs�t ]�u#a�W-v�w�x�W;y�z�{ S�|�}�T C�@�ARU s�~�� u#a�_��{�f%^ }�� v�\�%� Q)m#�kP0�2}!�Red Hat Enterprise Linux ��!{;��Y�u#a T C�@�ARU3B n eHJG%o2p�q!o n�r f;�!� ��-��u!� S��;�#� A�DjM3G%o�E�C�D r vH�0\2�%� � ` m�} a!�3W�f �-��3�!��3� �0\��!�%^ T C�@�AUkB n e)J0G;o�p!q�o n�r W }��X�� sH¡;¢ ^2��£!\ Q�m�¤�Q�� u �

¥¥ ¥k¦¦¦§©¨;ª©«�¬®H¨3«�¯)°X±%² Red Hat Enterprise Linux ³X´XµH¶�· ¨�¸�¬3¹»º�¼2½X¾)«)¿�À�Á Red Hat, Inc. Á«�ÂkÃ)°�Ä ´�Å�Æ ¹»º3¼�½

• John The Ripper — Ç�È�{%É�Ê�^ T C�@�AjU3B n eHJG�o2p�q!o n�r {;u ��Ë �!W ¢�Ì LHCRÍ�WÎ�Ï �;Ð�Ñ!{ S brutee-force( Ò#Ó ON� )T C�@�AÔUkB n e)J0G%o�W�Õ;Ñ s�Öd× m!}�� u �� G n�Ø G

W http://www.openwall.com/john/ {�Ù%Ú%Ð%Ñ�{�u �• Crack — ÛjÜ ��S2Ý ��Þ ��ß Ü3` m0} a T Cd@;AàU�B n e3J-G�o�á�âãÍ�ä0c%å�{�u � Crack �ÇVÈà{Ruà� S John The Ripper æèçã\ Î }�é Úêf ¡V¢ {Vf �ë�ã�d�ê�ì�-� G nNØ GW http://www.crypticide.com/users/alecm/ {�í�£ �kP0�2}!�

• Slurpie — Slurpie f John The Ripper î Crack \�ï m#}d� ud� S2Ë �W-ð�G�ñ�K;A-ò�ó0{w[Ô\�Yã�-uêaãÞRô%õdö Ø G � ` m�}Ô� u � �-÷ � ` mÔ} a T CN@0AøU�B n e�JjG#o!ù#ús Y-Z Q�� u � �ã÷ � ` mN} a�� Wù-ú�I-JjKRL�DûM3ü#ýjþ0Adÿ v-v#��\ � G nØ GW http://www.ussrback.com/distributed.htm \ �#�� u �

�� Á��° �� ³�� Á�� "!®¸�#%$ · ¬3½

4.3.2.2.T T T C C C�@ @@�A AANUUU%&&&�AAA('''�GGG�oooT C�@�ARU)&!A*'�G%o2fE�C�D r,+.-./ � Î�Ï ua�0�W�1.2!{ S�g�h�i W,3 4�{�f;^ }�T C�@�AÔU

Ü"5a O�6 \ Î;Ï Q�� u �3T C�@�AÔU%&�A('%G�o!vHf S�798�Q�O [,: ( ; <�f 90 =�: )s�>*? a!v S�@ A

ö!A��,A Q�}�T C�@�ARU�W;Y�Z sCB 6 ÜH`da��3W;{;u ��D.E \ � a -9F f S�@ A;ö�A�\ 89G ��\ T C@�ARU�W,H.I sCJ.K u#a�v S B n e�B � ` O%T C!@�ARU®f,L�Ù / \v�M m.N ÜH` O [.: i { QH �O \P O ^ } v } ô � v�{%u ��O�PNQ�S�T C0@�AjUQ&�AR'�G�o�W.S 8 ��^.TNv Qkm f S�@ A%ö�A!� T C@2ANU s ç �� \�URV�W 6%mãQ�� ô®Ð%Ñ�X�� a!v } ô � vH{�u �Red Hat Enterprise Linux ��!{ T C�@�ARU)&!A*'�G%o2W,Y 8 \ Î _;` m�} aCZ.[!^�p�q!o nr \2f S chage ð�\0GU�v2o n âdM)]�ÿ�^ @ @ @ A A A�ööö�AA A�\\\(^^^�AAA_'''�``` (system-config-users) å2pãL�a2AEdFkG�W 2

� � �#�� u �chage ð�\G#U�W -M � pE#F3G�f S�T C�@�AÔU)b%y G :%W Ý.c =H� s Y 8NQ2� u �Cd ×Ce S�@ A�ö�AW T C�@2AÔU®W�b%y G :%� 90 =k{�f�`da;Þ!ô3\ 798 uda2\2f S�g W�ð�\�GdU s Ù9h Q�� u �

chage -M 90 i username jó.k!Wð�\G#U�{ Sml username n2\�f S�@ A�ö!A;W�o.p s Ù%` � u ��T C�@�AÔU)b%y G :%W;Õ%Ñ sq y�\�uda�\�f S�r9s ; �3S 99999 W�t s -M W E \ Î }!� u ( æ9u 273 v9w � Wmb%y G N \�^�a )

�

26 x x x 4 x x x . y y y�z zz|{ {{�}}},~~~,zz z(� ��C��,�� (�� |�� ~~~��

� �.� �Q�,�|�� zzz,�� zzz9��_��mzzz��,��C��z_�R��.��9�� ¡ }(ymz£¢%¤ z��.� ��¥ ��z��¦.§|¨*©.ªC« ¬.�® ��¯��z*� �C��°.�|{m�.} « ± °�²*³�´´´(µµµ(�� C´ ´´ ¶¶¶_�� zzz|···|¸ ¸¸9�� ( ¡��.¹ ) => � � �} } }9~ ~~9ººº�»» »,¼ ¼¼ => � � � zz z�� zzz ½½½ � � � � � �.z zz9�� ½�¾|¿.À*³.�9ÁC�|�|Â(��£Ã ¨ system-config-users Ä��*�¢C�CÅ|Æ¯� ªC« ( ÇR³ XTerm È GNOME ¸�z¯É�Ê,�|�RË ¨ )

¬ � � �|zzz�� zzz�¸�Ì|��{��9Í�{��³�� z�� z�ÎÏ ÀÑÐ��|z,�|z��Ò9Ó ª�«*¬ ·|¸9��´.¶(��z9À Ð��|ÂÂÂ�¡¡¡.~~~£��,{��9ÍC{�� ª�« (ª�Ô ²_³��(Õ,Ö|��´

¶(�Cz9À Ð � � � ×× × µ µ µC� �� => � � �.Â ÂÂ�¡¡¡9~~~�� ½"Ò9Ø )¬

Ù °_³C¡¡ ¡ }}}_yyy�zzz£¢¢¢QÚÚÚ.ÛÛÛ ¸�Ì(�.{*�.Í�{*��*³CÜ 4-1¨,Ý « Þ�ß °(³�¡ }_y�z£¢ ®,à.á¯â�ã �CÅ|Æ¯� ª«R¬

Ü Ü Ü 4-1. ¡ ¡ ¡,} }} y yy�zzz�¢¢¢%ÚÚ Ú�Û ÛÛ ® ® ® ¸ ¸ ¸mÌÌÌ�ää ä�åå å��z|�*z�½ � ��z|� ® »(¼R°�æ ç9� ®.è|é ² ( ²�ê�ë_� ® ¡(}Ry,zì¢m�mí|î_ï*° ¦(§�ð�ñ¯±�ò(ó �Ë ) ³ Red Hat Enterprise Linux ��}.~.º,ô.õ|ö(µ¯¢�°9÷ ± �|z�� zÑ½ � �|z9� ® »9¼ ® xR��ø ù��"�ú�û*ð ç ¬ �|z,�|zÑ½|�mü�z.},ô.õ ®,ý.þ °mæ�ç��.²*³ Red Hat Enterprise Linux ��}.~.º,ô.õ.Å|ÿö|µÑ¢"°9÷ ± �.z�� z|��.Ö|�*Ã�½.��ü�z,}|�9{��,}��ô9õ «*±C® x*��ø.ùÑ�"� ú�û(ð ç ¬

4.4. �� |® �*�.�.�Cô.õ « ±� ²*³ root �|z,�|zÑ½|��(÷ ± ç�² sudo È su �ÑË ® setuid �(Â � � º.ÀÑÐà9á � root �� ¯�"��³�ç ú æ À ® ¸�}({9�� «R±��,þ�� ÷�� ª�«*¬ setuid � Â �.� º�²�³��.z�|z � �(Â � � º*�� ¦9« ±C®9¨ ²9� ú ³��(Â � � º ®�� z.Ê9z ® � z,� z ID (UID)

¨��.¦.« ± �(Â� � º ¨,« ¬.�®*Þ�ß �.�(Â � � º.²*³ Ù ® Ç ®_Þ�ß °|³��ç�Î Ï�� |®�� z.Ê.z,��{ �R�C��°!�"# ®s�%$9ÝRð�& � ç ª�« :

-rwsr-xr-x 1 root root 47324 May 1 08:09 /bin/su

��À£��³'�( ® ��} ~ º.ô|õ�)(²R³*'+( ® �(z9�_z_°%,£�.-�Ð ® �R�|�*/�Ë ®�ú Ðmç ® ô õR�({��}R�*0 Ô.ñÑ± ÀR�*1.ë_� ú � ².�� ª�ñ32*¬ pam_console.so ½�4�5 & ± PAM 6*� ��z,� ¨ ³�7�8� È£��º|z�9�Ìm�|´�: �"� ® �(Ö(� Ã �ÑË�;3<.² root �(z,�|z�=.� ® ç ú æ|À ®,¦�>3��? õ|ï.�*Ä.�ümz9� ¨ Â � µ(�*� Ô�@�A|® �|z,�|z(°CB�D ð�& ªC« (pam_console.so 6R�.��z,��°mæ�ç�� ®,è.é²�³ Red Hat Enterprise Linux � �|×%E �C}9ö|µ�¢"°,÷ ± PAM (Pluggable Authentication Modules)

®x �Cø ù )

¬�Ô.û �m³,��Í Ã�y�z_{ ® »,¼�F�GR³�H��ç��|Ö�} ® ».¼*³,��Í|Ã�ymz({:�9(µ�} ® �|Ö|�

I I I4I I I

. J J JKK K3L LL�M MM�NNN�KKKPOO ORQQQ�S SS�TTT�UUUPVVVPWW WXNN N�YY Y 27

ZX[]\�^�_3^�`�a3[�b�c�d MRLCe b�cRf LT�M�g [ihkj.l�m3nRo�p�q�rksut%^�v�wkx OM�N�y b�c�zeP{P| Z JCKPL�} û~ Ku��K�g \�^+��h�f L�T�MP��R� ��k�� a g n��Poup � s

4.4.1. root � � �R��R��u�� P��R��i� û~ Ku��K�gu�� nPo�� S��V*K d� �¡�^%¢�£�[u¤u¥�¦��¨§X[��%x rootf LT�M û©�ª ��k��*^ eu« ��[3hC��¬�X�+p�q�rRs root

f LT�MR� ©�ª � ��j*h+®�¯3j e x�°�±i² M ^%³�´%µ {R| Z JKL ² S d Kk¶�·K�M ^�¸ � []\ � ~ K��3Ku¹ ¤3n%m3[�®¯ij g nko��*º�»�x OM�N�y b�c�z eR{R| ZJCKiLT�URVPW�N¼Y µ�_�^C`�a�[�½%¾�^C¿�cPÀÁ�Â ��Ã ��¯�j g nPo�p � sÄ�Å x root

f LCT�Mk��¹�Æ ^�~ K��3K À �+� �3j�Ç�^kÈP®�[�½u¾3ûÉ3Ê�j�[R��ª�Ë�Ì giÍ §p � ( Ä�ÎûÏ):

• ÐRO�S ûÑ�¸ � — rootf LT�MR��Ò�Ó ~ Ku��K�g�Ô.Õ ^ ÐRO�S û¸ �+� Ñ�§*x�ÖP× g ��aiÀ%[RØ*º§*x « � � �3j. ]�.ÙPÀ T�UiVPW�N�YÛÚ%K%Ük��Ý Ø*�]p3®¯�j g3Í §�p � s

• Þ�ß n e [3hà KPá*MR� l�m � � — rootf LT�MR��Ò�Ó ~ Ku��K�g�Ô.Õ ^ ÐPO�S�} n Þ�ß n e [3hà KkáM x FTP

µTelnet

[]\ � l�m��p%h3x {k| Z JCKPL�} nu~ Ku��K�â µ�ã MiJCK�ä��å �¨pi®Xª�Ë�Ì g�Í �*^�nRxu¯��]� ��æ�ç À�è3� ��é�ê À[�§�p � s• root

n�ë�ìií K�Ü ^�î�ï ¶Pð ² Ü�� l�m � � — ñ �Pn �ig x LinuxÀ%ò�ó �Cô ÈCõ � ë�ìií K�Üö Y÷Ü3M�g�ø�ù Cp � sº�ú�Cx�¯��ö Y÷Ü3M�g�æ3ç [�^ e x root~ K��3K n�l�m��º]juo^�ûn � s

4.4.2. root � � �R��R��üü üiýýýR��¯k®��º�ckþ%µ�ÿ��3�]�ux�~ K��3K À rootji��^��² S ©�ª �� ¯ij g��Þ À�� x

rootã MPJ%K¼äXe�� j�Cx�� S��Ü 1

µ O�S � Ü ~ Ku��K��K¼ä�� ^�f LCT�M�e��uK Z�� K��ã M3JCK�ä�� ( �� e"! 4.2.2 ��#�$ )n�%"&�.��úPè%h3s

'4-1n e x�b�c�z g root

��u² S��)( liÀ*%& � � Å�+ �), p � :

Å Å Å�+++ - - -�. .. / / / w w w 0 0 0�111�222root O�·Ü+�)3�4� ��s

/etc/passwd ¶3ð ² Ük�5�6 .�Px O�·�Ü� /bin/bash ��/sbin/nologin

À 3�4p � s

root O�·�Ü�� ^3f LT�MR�7�8 x�9�m �):�; p � sÇ�^�<�� y�g rootf=ö S Z � ^3f LT�MR� 7�8�.�+p � s> login> gdm> kdm> xdm> su> ssh> scp> sftp

O�·�Ü+� ��a]j�.[3h<�� y x FTP L �C²�f S Zµ�í KuÜkL �C²�f S Z�x�?��^setuid

<�� y s@�A ^�<�� y�e rootf

=�ö S Z � ^�f LT�MR� 78 �.�+p�q�rPs> sudo> FTP L �%²�f S Z> Email L �%²�f S Z

28 B B B 4 B B B . C C CED DD�F FFEGGG�HHH�DD D�I IIKJJJ�LLL�MMM�NN N�OO O�PP PQHHHSRRR

T T T�UUU V V V�W WW X X X�YY Y Z Z Z�[[[�\\\]�^�_�`a L�bEDc�d�e�fG (tty) gh`

root iFjM�GKkl�m�n�op ]rq�s

t�`/etc/securetty u�vfjc�w a L�x�OEDKy pjz�{|�_�}�q�]�^�_�` d"e�f G~ `root �� f L�k)��]rs

a L�b�D c �E� w��K��C*D�FEg h�` root i��L�� ` i�FjM�GKk��K�]rs)��`�� E�w

root i��L �� ` i�FM�GKk�� h�� ]rs� login� gdm� kdm� xdm� tty kE�r�� ` �K�� C*DF��DK�EG

root � |�_ �� f L |��}� ��E� s ��|E�setuid �� `�� "�

��g h� �¡ y�G�F�k)¢�£ ]q�¤�`Ks��`�� E� w root i��L �� ` i�FjM�GKk�� h�� )¥�¦ s� su� sudo� ssh� scp� sftp

root`

SSH �� f L�kl�m�n�op ]rq�s

/etc/ssh/sshd_config u�vfjc k)§�¨ |_K�PermitRootLogin ©

� � DKy�k no pEª�« | �]rs

OpenSSH ¬*D c M �� gh�`root i�FjM�GKk)��K�]rs)��`�� E�w

root i��L �� ` i�FM�GKk�� h�� ]rs� ssh� scp� sftp

� wOpenSSH ¬D c M �� `root i�FEM�G `�® k

��K� ]rs

PAM klr¯E_��DK�EG� `

root iFjM�GKk°�±"]q�s

/etc/pam.d/d R�²�F �

P ~´³�µ ` ��DK�EG ` u�vfjc k)§�¨ | �]rspam_listfile.so ¶·�¸ k)¹�º»� ]rqE` k)¼ ·| � ]rs a

PAM·�½ ~�¾ q ��

C*D�F)��DK�EG"¿ ` root iFjM�G�k)��K� ]Às��` ��DK�EG w root i��L �Á� ` i�FjM�GKk)��h�� ]rs� FTP F�� f i�L �� Email F�� f i�L �� login� gdm� kdm� xdm� ssh� scp� sftp� PAM

·�½ ��DK�EG w ]�^_

PAM·�½ ~�w ��}� ��

�´��DK��G

Â�Ã:

a. Ä�Å w �)Æ 4.4.2.4 k�Ç�È |�_ �É��Ê }�sË Ë Ë4-1. root i i i�F FF�M MM�GGG�kkk l l l"m mm�n nn"ooo p p p ] ] ]Kq qqÉTTT�UUU

4.4.2.1. root I I I�ÌÌÌ c c c k k k l l l"m mm�nnn"ooo p p p ] ] ]Kqq qÍ DÎ�D�¶"Ï z root � |�_ �� f L |��}�Ð�Ñ p ]rq �"Ò p � I�G�H�� ¡�Ó w root i��L � ` I�Ìc k /etc/passwd u�v fjc�~ /sbin/nologin pjª�« ~KÔ � ]Às � p ÐKÕE� su a�Ö LÀ×�� ssh a)ÖLr× �´Ø� I�Ì c k)¹�º»� ]rq a�Ö Lr×�g h root i��L �Ù� ` i�F�M�G�¶*�� hQ� � ]Ks

ÚÚ ÚÉÛÛÛÜÉÝÁÞjßÉà)áãâ�äÉå"æèç Û�é)êEë�ìEí)î�ïñðòèóÉôEõ�ö Þá ïÉ÷ àEø"ùûú

sudo üñý ø�þ ê�ÿ�� root à��Eø

� � �4� � �

. � � �� 29

�! #"�$&%#'�(�)+*�,.-

4.4.2.2. root / / /1000.2223�� 54 44�6 66�77798885:::�;; ;�<< <>===root ?�@�A��CBEDGFG? ��1�>4�H�;�I J�<K=5;5L>M /etc/securetty N�O�2.PQ4�R1SUT�V>W1�1X�PGY root /G092�� 4�Z3[>;.<C=3\G]_^3Y>`1a�<Kb3\�F>N�O�2.P L>M root cG9d 1^�/ 0�2��<C=�e1fF�g�=�h3i�2��<1j V>4�k3l9m1nUT�VGoGa�<Kb1NGO�2�P ^>a1p�qQr�s1tUT�uGo�v1w L>M root cG�d Lx��3� y9zGF�gx{_|>=�}1~�h9i�25�1�C{5M1W1�1X��P � raw �x�GB_.��2��1��>N1��1��5Y/ 0�2G��Y>`1a�<Kb1\�� L�c �d 1^ root ] T�VQ�� F1�>�1�5; Telnet Y>`1=�q��1� �1YGgQ��M9�>�B_5>��zGYC�+�GF9�G��.��4��3� Y��1~�T�V�T.a5oGa�<Cb�h>N��P�B�Y3L>M Red Hat EnterpriseLinux F /etc/securetty N�O�2.P�LxM��x�3�9;.�3�G��;5�3�Q��GV�o�=3W3�1X�1PGY3F�/ 092��L root c �d 1F1�G;�e1fUT�VGoGa�<Kb root ^G/ 0�2G��T�uGoG �¡�;�<K=5;5L>M�¢1£ F>W��>�K��4�¤¥ T�V�\�F�N O�2�P3F ¦�§�4_¨1©QT�a_< :

echo > /etc/securetty

ªª ª�«««¬.&®

/etc/securetty ¯�°�±&²�³.´�µ+¶ *E(�·_¸+¹�º ²�»_¼+½+¾�¿�À#Á�´ OpenSSH Â º ² %3Ã��Ä�Å ÆÈÇÉ ½�Ê ® root Ë º#Ì�º�Í+Î ± ¸ ³�Ï.Ð *ÒÑ_Ó�-

4.4.2.3. rootSSH / / /1000.22 21� ��54 44+666�777988 8.: :: ;;;�<<<>===SSH ÔÕ/ÖB×WØPÙ�Ú{×F root /Ù0Û2Ü�Û4ÞÝàßá;âLãM SSH häæåç�áFâèæéàNÜOØ2P (/etc/ssh/sshd_config) 4_R9S�T�a_<xb�ê3F� ¡_;�m9n��_�1V3o3=+ë>4+ì9HCT�a+< :

# PermitRootLogin yes

ê3F� �¡_;�ì9H�T�a_<xb

PermitRootLogin no

4.4.2.4. PAM 4 4 4+666�¡¡ ¡ root 4 4 4�6 6657 7798885:::G;; ;�< <<�===PAM LKM /lib/security/pam_listfile.so åxí1��PQ4�}UT+V>M�î1é�?�@GA��KB�4�ï1ð3<K=�F;�ñ1ò1óK4�ô1õUT�a�<Kb1\�� Y>M5/ 0�2G�_e1f F�uGo�c3�d 9F�k3l1Y1å>í9��P>4�öG2 �KB&<x=1\]_^1Y>`1a�<Kb /etc/pam.d/vsftpd PAM è1éKNGO�2�P�;1gG= vsftpd FTP ÷ 9i3G;GMGø_F> �¡;5å>í1��P ^�617K��K=�F1��¢1£�;�ùK4�nUT�a�< ( ù FGú.F�û1ü F5ë F�ý1þ�;�gG= \ �9ÿ L>M�h��U��.^ 1 ë3Y g��gK��a�� ) bauth required /lib/security/pam_listfile.so item=user \sense=deny file=/etc/vsftpd.ftpusers onerr=succeed

\�� L>M PAM ^ /etc/vsftpd.ftpusers N O�2�Px4� ��T#V>M��x�_�3V o3=_c35d3.<9j3V ;��T�V�÷ ��D FG? ��1�>4�ï1ðUT�a�<Kb9\�F>N3O�2�P3F��3L�ì1H�T�V��oGa��>b��1÷ ��F5k9l>4! �"�;$#%�T#q��M�&'3F5÷1��5D3F3?3��9��4+ï9ð9<x=�q.��; 1 (1F�)�9k1l�4_6�¡�\ ]�+Y�`9a_<xb

30 * * * 4 * * * . + + +$, ,,�- --$...�///�,, ,10 00�222�333!444�55 5166 6�77 7�///9888

:�;�<1=�>�?1@A ,CBD.E @GF -H4�.JI$K�LNM�O1PHQ�RCSDT�,�UC-�V�W F 3CX @ /etc/pam.d/popY/etc/pam.d/imap S1Z�[1P1\ SSH -�V�W F 3]X @ /etc/pam.d/ssh ^N_ @ PAM `�a A ,bB�.c S�d�O�eGf�^HgJI!h�i[�j�k =�lGmnpo�q

PAM rGPHs @�t�u \�S Red Hat Enterprise Linux 7�v�wDx3$.y�W�z c Z�[ PAM (Pluggable Authen-tication Modules)

@ *�I�{�|bM�sJ}�~��HP q

4.4.3. root � � ��b�� 1��root ��,H��,�E @�F -�4.�I�� c KL o [��b� c S su Y sudo ^C_ @ setuid ��V$��C� @��F-�4�.�I�� o [j�k� l1mn�o�q

4.4.3.1. su � � �� G333�zzzsu �$��3Jz�I�� o [�kHS��,D��,�\ root �.�+D,bz�I� ¡C��¢�S�£�¤J�p¢J[�k root 0�¥�U��3$�9X=�¦ i��¢ n�o�qsu ��3Cz§��W13 o [1k�S!��,��,�\ root ��,��,�k�^b��S�0!.�/�� c�¨ Mps�© ¨�ª ^ :;�F-D4�.�«CI!¬� n!oJq �� c S!��,��, = root

c ^�[1k�S$��.G+H,]z�I� �¡®��¢C[j�k�^�} su �$��3z�I�¯J°$s�0$.�/��± @�²@ ��,H��, c ^G[j�k = �³ c ^®� n�o�qj @ �1��V��\�´�µ cD¶ � l Z1[�O�¡CS�·�¸�¹ @�:�;< \1º @ ��3Cz»E @1F -$4�.�I�¬�r�¼JI�½a9M�O�P�j�k = Z�[$�C��M»¢ n�¾�¿Gqj�¢�I�g�^®f§À�Á�^�ÂÃ�\GS��,��,GI wheel kpÄÅ�¢J[�Æ�Ç :; �!U�,� c�È h o [j�k lHoJq È ho [ c \�S root

c ^®�ÊÉ @ �$�G3Jz�I��®M npoJqusermod -G wheel Ë username Ì±Í @ �$��3Jz l SDÎ username Ï c \GS wheel �!U�,� c�È h o [��,��,�Ð�I��¢ npo�qj @�Ñ ª l � � ��,, ,H� ��,,,� ��GÒÒÒ�,, ,GÓÓÓ�ÔÔÔÕI!¯�Ö o [ c \�S$TTT�WW W�3 33$TTT�× ××1666$,, ,�Ø ØØ�ÙÙÙ3 33 ( ��Ò$U�± ) => 0 0 0!. ..///� ��```a a a => � � ��, ,,�� ,,,�kkkH��$U UU�,, ,�� @Ú cDÛ1Ü �JS�0�¥!U1�1�13H�]X l system-config-users ��3®z!I��bM n!oCq � � ��,, ,H� ��,,,�Ù�Ý1I�Þ�ß9Mps�S!��,��, @�à�á �C�p��,��,�I�Þ�ß9M n�oCq Ø1Ù�3�T�×G6$,@ � � �� / //9888pI�-�7â$-�M n�o (

n O�\�S!��U�ã�ä�3�T�×�6!,��C��vvv�www!WWW$UUU => � � �� ///�88 8�k�Þå )q

É c S�� U UU�,,,��GÙHÝ�I�ÞßbM�s1S$æ 4-2l�ço e1f c wheel �!U�,��I�-�7â!-�M n�o�q

è è è4è è è

. é é é�êê ê�ë ëë!ì ìì�ííí�êêêGîî î�ïïïpð ðð!ñññ�òòòGóóóGôô ô§íí í9õõ õ 31

ö ö ö4-2. Groups ÷ ÷ ÷GøøøDùùù$úú ú�û ûûüGý�þ

su (/etc/pam.d/su) ÷ PAM ÿ��!í�òì ��]õ�ø�� þ�� ÷�� [#] �!1ð�"�#%$'&(")�*auth required /lib/security/$ISA/pam_wheel.so use_uid

+", "�%-'.�/ þ"0�1�2 �ê�3 wheel ÷�!Gð�4�ê�5%6 ý�7 ÷�3�8 2�9�: ÷�;�<��=�> &(?)�*

@@ @�AAAB�C�DFE�GIH?JK

root L"MON"M J wheel P E M?Q?R�ST�U"M HWVYX

4.4.3.2. sudo �ZZZGððð�[[[sudo \ZJð][W��^ þ�_ ê�`Gê ýY0�1�a ëHñ�ì��b]c%d�e�÷�f%g�h�ij&?kml�(�)]*�n�o��d _ ê`�ê�p 0�1 Z�ð�[ ý sudo "q ýr 6�k�s��)�d�/ þ + ÷ _ ê�`�ê�^�tOu�÷�v�ì�éDêj[""w�x�y , ()�*�z�{�y , þ\7 ÷| �Z�ð�[}p�=�>�y ,�,%~ þ"0�1 �Z�ð�[�^ root

_ ê�`ê��-�� ,%� �÷|��. ý s��y , (")�*sudo �Z�ð�[Ê÷��%^ ü ÷|��. ý - �"(�) :

sudo � command �� ÷��%� þ\� command � ý ^ þ mount -��÷Y��^ root

_ êY`�ê��<�÷| "Z�ð�["?� , (�)�*

�� ?��sudoer

J5 ��?�"��WM��}�"��¡ �¢�£�¤}¥�¦¡§"¨�©ORYª¬«�T��}�® HY¯ ¢¬°?� K sudo ªW«�T��±ROLMN�M J�K «²?T�³��±´? �¢�µ¶?·"P?¸?¹ GºV ¢�»¼¾½��\¶�¿Y��ÀÁ"¢¡Â �"Ã�Ä�Å�Æ¡VYX £�R?Ç�È±É%Ê�TOP JWË�ÌC�Í�Î�E R /etc/sudoers ³��±Ï?Ð H¯"Æ¡VYX

32 Ñ Ñ Ñ 4 Ñ Ñ Ñ . Ò Ò Ò�Ó ÓÓ�Ô ÔÔ�ÕÕÕ�ÖÖÖ�ÓÓ Ó�× ××|ØØØ�ÙÙÙ�ÚÚÚ�ÛÛ Û�ÜÜ Ü�ÝÝ ÝWÖÖÖßÞÞÞ

sudo à�á|Ù�â}ã�ä�åæ�ç�è�é�ê�ë�ì�å�í?î�ï�ð�ë�ñmò /etc/sudoers ó�ô�õ�ö�÷�ømù�ú�û�ü�ý�ì�å%þÿ Ó��Ó�� sudo àá�Ù�â��é��ü�ý�ò� ��|àá|Ù�â}ã root ×��"ø��ã�� ÿ Ó��Ó�×��ø��]ü�ý�í�î�ï��í��ò� 4.4.2.1 �!�î�"$#�ù root ×��ø�é�%�&|ù��'(|ù\î�þ�)�*��+ í�î�ïsudo à�á|Ù�â}ã�,�-�.��/0�1�2435��%å�í?î�ï�6�798;:�<�=%ã� �ý�>ý /var/log/messages õ%ö÷\ø|ù\ú�?�ü�ý�ò�@��ü�ý�:|à�ámÙ�â¬ã�@�A�� ÿ Ó��%Ó�BC*EDmù /var/log/secure õ�ö÷\ø|ù\ú?�ü�ý�í"î�ïsudo àá�Ù�â5�C3�#;F�*E��G�H�ã|ò�IJA��KLmùNMPOWì�Q�ô�à�ámÙ�âOù�RCS�� ÿ Ó��%Ó�T�ÔÚ�Õé��î�þ)�*U�� + þ)�*V�Yî�ïsudo ó�ô�õ�ö�÷ø�� /etc/sudoers éVWX�î�þVIJ�A%ãmò visudo à�á|Ù|â�é��98WìY�UZ|üå�ï[�\ ùNIJ]�^mé�_�ë�þYù\ã|ò visudo é�`�aC8Oì \�b ÿ Ó��Ó��]�G�c�ô�ÚmÔ�×�Ø?Ù��de��"f#E��éV/�gh8í"î�ïjuan ALL=(ALL) ALL

)��Yð��ã|ò ÿ Ó��%Ó juan ��iV��jYÕ9k \�b 3 sudo éV��48Wì�iE�|à�á|Ù|âN3;�� + þ�"f#?ùNl�mì�å%í"î�ïð�ë�ñ|ò sudo é"ó�ô�î�þ�n�ù�ò�d�e��f"f#?ù�Q�ô|à�ámÙ�â?é"ó�ô�� + í�î�ï%users localhost=/sbin/shutdown -h now

)N��ð��ã�ò�à�Ù�oÓ�ø�� b å�p�ý�� ÿ Ó��ÓC3 /sbin/shutdown -h now àá�Ù�â�é�@�� +þ"�#"ùNlm%ì%å�í"î�ïsudoers � man q%Ó$rYùYãf)��|õ�ö�÷�ø��s�tm×�Ø?Ù��u�vwx��\úy�ü�ý�ì%å%í�î�ï

4.5. zz zh{{ {}|| |�~~ ~9�� 4�� h�� $�� }�� I�J�� ÿ Ó��Ó�T�Ô\Ú�Õ��×�Õ�Ö��I�J�Amù�*��ì��L��þVw��ò�T�Ô\ÖjÞE�ù��f��ì�å�þ��f��k?Ò\ÓmÔ��%Ó$��Õ�ù��é� 9#�)�*?ã|ò Linux ×�Õ�Ö�|é�¡�¢�ü�£%ì�I�J�î�þV¤�î¥ì�ùf*��ì�¦�§%ùN�L��$)�*�ù��4��í"î|ïRed Hat Enterprise Linux ¨�¡�©�ª�e�ù��mþ�«4��ÓY�Õ�ã��k"ÒYÓ|Ô��ÓY�ÕC*�8?ì�¡�¢P8\íî�ï��k�ÒYÓ|Ô��Ó��Õ��á�×�Ù�¬��¨�¡P8Oì�å�þV�®�ò�¯�Ó�°|Ù�*�±�ñ�ý�þ��Ó²%Ó�T�t Ý�³YÓ×�Ø�Ù�ã 1 ��í�:�ã�´µ��f�$��k?ÒÓmÔN¶�ÓPk·��¸¹�émÝWÕ�º�Ù�»$8Wì�å�í"î�ï�)"ý b ��¼��%Ó�²�Ó�ã½¾ ü"ý�þ��¿�è��þ�À�Á4*�8Wì�Â�ë�þV¥ + �48�Ã�#�ï

4.5.1. Ä Ä Ä�ÅÅÅPÆÆÆ�ÇÇÇ�ÈÈÈYÉÉ É�ÊÊÊYËËË�ÌÌÌ�$��k?Ò\ÓmÔ��Ó$��Õ�ã Linux ×�Õ�Ö��ù$*��ì�«��V��Í�ÎYè�é�3V: b 8í"î�ïVdemù�Ï��%å$�� \ é�w�x��!h8í"î�ï

• ��Ó��Õ�Ð�( ½¾ (DoS) — ��Ó��Õ�Ð�( ½¾ ã|ò�LÑ��%Ó$��Õ|éVÒ�ý�ü�£%ìmò�×�Õ�Ö��$)��¼LÑ�î�¥%ì|é"ú?h8Oì�MÓ98�"f#�*Wî�þ��Ôw�Õ4*U�h�ÖÐ(�üU£%ìC8�í\å�í?î�ï

• Õ|Ô�ÝUt×k5��Ø�Ù�è�é ½�¾ — ��Ó²%Ó��Ó²%Ó�Ú��¡�¢�é��î�þN:�m|ù�Õ|Ô�ÝUt×k�é��P8ì�å�þ��®�ò�w�Û�Ü�ù Web ��Ó²%Ó��h#E��ò�Ô�Ýf�UÞ�Ó�ã�ß��ì�à \ ý�:�Õ�Ô�ÝEt×kOù ½¾éá�á�Ù�k�î�þ�)�*�� + í�î�ï�)"ý b ��ÕmÔ�ÝUtPk5��Ø�Ù�è�� ½¾ ã|ò�²h�\õ�ö��s�Ó�²%Ó|õâ Ó�ã�ä�é�å|å�:9�ò ½�¾ A|ù�×Õ�Ö��¬��|õ�ö÷ø�é�æ�ç�ü�£�ìh8í$#N)�*�ù��|þ�è�ý��C��íî�ï

• ²9�\õ�ö��s�Ó²%Ó�õ â Ó|é ½�¾ — ¶�Ó×k·é�ê 0\Cb

1023 ��¸�¹�î�þ��Ó��Õ�ã�IJ ÿ Ó��%Ó�*8�ì��×8V�fëYýmñ��P�\í�£fì�ï�T�tßÝ�³�Ó�×]Ø�Ù�ù�í�î�T�Ô�Ú%Õ�� + þ�²P�Yõmö��s%Ó�²�Ó�õ

ï ï ï4ï ï ï

. ð ð ðNññ ñ�ò òò�ó óó�ôôô�ñññfõõ õ$öööU÷ ÷÷�øøø�ùùùfúúúfûû û5ôô ô9üü ü 33

ý ñ�þ�ÿ�� ñ��÷��ñ��ñ��õ�ó�ô�� !�òNø�ó�"��$#��%��Vþ&('�)�*�+-,�.�,0/ ��1�2�!�òNø�ó &(' �436587�9$��:ñ�3�ñ(7 ý ñþ�ÿ��ò�;�5=<�ñ��0>�?@ ñ�A��B�CD�E��FHG�I��ÿ��õNóô��J��K�L * ��%��Vþ &�' �$M�NJ!�òNø�ó�"��PO�# * ��>? root ùQ5HRP�PBTS4�fõ�óô��U��!�òNø�óJ�PV�W * ��X /$&8*T+

YY Y$ZZZRed Hat Enterprise Linux [�\4]_^�`ba4cedEf$^$f8aEghf$i�jPkEl$m�i�n$o�\ ExecShield [=p$q�resPt-u�vw�xEy sP\8]bzP{$|$}4~P�P��$�H� x86- �P��i8��E��$�P�4�E��$�-g��H`��4f$��f-�b�4[��-�$f��eres�� [ w�x ExecShield \h��$��b ezE{$|$}��¢¡$zE{E|P}P~=£$�8¤b�$� w � y �b[�^�`�a�c_d$f�^Pf8aghfEi��¥-¦$ epPq�§�v w�x z${$|P}$£P�$¨�[Ez${�§�©8ª�� w ��4g��P«h¬8�f�® ( ^H`ha�cedPfE^�f8a�g�f�¯° [h±�²8r¢sP³=¯$´�i�µP�Ebf�®�~�¶ ) \=�P�E·E¸E¹� _ºE»�§�]_¼P½�§bv w�xExecshield ¤h\-] AMD64 �8«-`P�_a4¾bfP¬E¿4i No eXecute(NX)

�$� � Itanium �E� Intel® EM64T �b¥À ¬h¿$i eXecute Disable (XD)�� m$ih�4�Ef��ÂÁEÃ�ves�v w�xPy s�Ä_i �E� \ ExecShield ��Å4¤eÆ�}H§Çt¯�´$iPµ$��bfH®�Á�zE{E|E}��f�®Âi 4kb Èe�8 ¢É�Ê��$�P�E��Çi=zE{E|E}$£$�P[=z${ w �bi� bË=ÌH§�t-]=Í4Î~Pub^�`ea$c_dEfE^Pf-a=ghfEi�¯ °$Ï Äei=ÐEÑ�i��¥4¦$ _Ò$q�§bv w�x

ExecShield � NX µP�=uh\ XD�E� ¤hÓ w �_Ô$Õ4\8] Red Hat Enterprise Linux v.3 i=ÖP�E×-Ø8� À�ÙÂÚ ·��Û8r¢s$³4Ü_Ý� eÞPß�§�t=à�r�u x_á à�i URL [EÍ�� y �¢ÁPâhã�v w :

http://www.redhat.com/solutions/info/whitepapers/

ä 5�RVð�ñ$ò4å & ��æ�ç��è�é�I��êHë * �8 ��(�PB�CD��ì , ì8í�ñ�îNó(�$ï��:�7� ��0ðñ�ò ì +

4.5.2. ó ó ó(ôôôDõõõ�ööö6÷÷÷�øø ø�ùùùûúúú4üüü�ýýý�þþ þJÿÿÿ��ø�ù�ú$ûUô�üP�� * ��J �� Red Hat Enterprise Linux

&� ÷Nó R5ñ�A ò� ��ì��0�� P� ä 5RUðNñfò�í�ñ�î�ó�� 7��hA R & :J7� , S4��ì )$*T+�� 4��X��þ�ÿ�� )P* :

• cupsd — Red Hat Enterprise Linux CH �7��A R�� í�ñ�3�ñ• lpd — !#"H��$ �í�ñ�3�ñ• xinetd — vsftpd % telnet , ��&�'�í�ñ�3�ñ��(�ó RbU��)�*��ê�+ * �Nó�ñ�,�ñ�í�ñ�3�ñ&�*T+• sendmail — (7�EA R & � Sendmail -�ñ�A R�;�÷Nó�.�ñ R0/�ñ21#3�÷TR5þ�4�5J , S4��ì )$*þ�� localhost X / �6)#*H��74ûEó�8�÷69�� )P*T+

• sshd — Telnet ��øù$ú�! , !#"Q� , � OpenSSH í�ñ�3�ñ% / ��í$ñ�î�ó��4�H� ��: )H) �$��;Qð�X<�=PXT��>�?0�� ' �T��@�K0�4W0S��#A�BD��C�D �*FE ��G$þ�H$óûR &�*Q+ �FI6J��6K×û�÷�L�þ�M�C &�'�, ì��T �� cupsd �8�J� ��: )�) 6��;�X , ì2N�=- 6� )-*6+ portmap 6�Tì��FO�PFQ &H*Q+ NFSv3 R4û�ú�ñ��0��S2T�÷QR�� , XTS�:� NIS(ypbind í�ñ�î�ó ) �PB�C6� , ì4�� portmap �6U�5� T�h��ð ñ�ò ì +Red Hat Enterprise Linux

& ��í�ñJî�ó��4:$÷ / :�7� �V��W"XI��NY=h �� ÷ ò� : 3 �H�6K ý 9�;��Z�[ ��ì )$*T+ í í íñññJîîî�óóó6\\\�]]] @ @ @ ñ ñ ñ�AAA (system-config-services) � ntsysv � chkconfig � 3 �&H* + % / � @ ñHA(�HB0ì#^� #��ìH�J�0� Red Hat Enterprise Linux õ�ófôJ��_Y`2a �cb �ÿ�Pí�ñ�î�ó� �d * ��!�òNø�ó��ê�+�� ï ��e�f0��Tð ñ�ò ì +

34 g g g 4 g g g . h h h�i ii�j jj�kkk�lll�ii im mm2nnn�ooo�ppp�qq qrr r�ss stlllvuuu

w w w4-3. x x x#i iiy yy�kkk�zzz�{{ {�| ||�i ii�}}}~ {��6x�i2y�k��<��$��#�$�#��#�� w 4-3 ��v��xxx�iii2yyy�kkk6zzz�{{ {�|| |$iii$}}}��u0i6}��W��#�� # 6¡��6¢6£�¤�¥��¦��§��W¥X¨�©�ª«¬� �$�6®6i�¯±°�$²�³�´Xµ��#¶X·¯�h�iYj�x�iYy�kX¸��¹�º�� » ´��¼#½F¾��¿�À�¨�©�ªX«#m�kl�Á�Â�Ã�Ä��X�Å��Æ�i�¯±��Ç¦6�¦6�Fs�k�ÈYo6ÉX��¦��§��¹v��Ê ¤6¦�«�Ë�¥Y�6��º��Y��Ì 5.8 ¸�Í�ÎF��Ê ¤$¦�«

4.5.3. Ï Ï ÏYÐÐÐ2ÑÑÑ�ÒÒÒÓÓÓ�ÔÔ ÔvÕÕÕ6ÖÖÖ×�Ø ��6�X�Å��2¶X·¯�h�i2j�x�iXy�k�§��Ù�{�´�º�« ��Ú�Ë6�� ¦$x�iXy�k2¸�ÛX��$º��Ë¾��Ü�Ý�$Þ�ß2�6�v��¨�º�«�x�iXy�k#��àá�j$p#k��â�Ú��¤�¥�ã�Ý#äv·tåX¤�¥�¨�º��#´X�Å��2¶X·¯�h�i2j�x�iXy�k��æ��#äv·�ç�i2è§�Ý��$é�êv��ë#ê��ì#í�¸�î#ï�Ë¾��¾��§�Þ�ßY�6��¨�º�«#Ë��#ð�ñY��6º��#��Y��g 3 gX¸�Í�ÎF�t��Ê ¤�¦�«¶X·¯�h�i2j$òóF¯�ô�}��õ��6��ö2�$÷�ø��ù�ú��$�#Ù�{��§��¨�º�«�û�ü��X�Y��XË�¾6¸ý ��±x�i2y�k��¦�þ#¥<§�Ë�¥��ÿ��Y��¨�º�«• ��F��¦��¦��i�i��¾�ä�kh$iv��¸�¶2·�¯�h$iYj ��´��#º — Telnet � FTP ��Å��Ê�� ò�ó�¯�ô�}��6¹��p<·�m�n�o#¸��F�t��¦��6´2��´2µ6� �» �Y» ��Ê ¤�¦�«• ��F��¦��¦��#i��¸�¶2·�¯�h�iYj ��´��º — ��Ê��#ò�ó�¯�ô�}��v��¦$��¦��#i�#¸�¶Y·�¯�h$iYj��´�v��¨�º�«#Ë�¥<Ú��#ò�ó<¯�ô�}Y��2� Telnet � FTP � HTTP � SMTP ��Å��¨�º�« NFS � SMB ��Å��Ê��2¶X·¯�h�i2j�� $}Xm�k#l�Á�§6¨ ¬ ��t�¦��¦"!�#�¸¶X·¯�h�i2j��´��$¨�º�«�Ë�¥FÚ��ò�óF¯�ô�}�¸�� #º��¾6µ$��$�%#º��i��&� �òX¸�'( º��#��i�i#�)�*�´$º�«¨ ¬ � netdump �X�2��Fs,+#i�¯.-�+<s�/o�ò�x�i2y�k�§$¶Y·�¯�h$iYj ��´��v��¦$��¦�-�+s��0�1�¸ ��$¨�º�«"-�+Fs /�o�ò��6�6ä�kh�i��¾�µ6��i��2�i#k��3�o�¯6s4��ö��!�#��Å#§,5�¨�¥��¦��#Ë�¾��¨�ºX«finger 6�7 rwhod �X�2��ö��x�iXy�k��Xm�k�l#Á��i��i��6�6º�� !�#�¸�â#�F��<�$¨6¦�¨º�«

8 8 848 8 8

. 9 9 9":: :<; ;; = ==�>>>�:::&?? ?�@@@BA AA CCC�DDD&EEE&FF FG>> >IHH H 35

J�K�L<M"N�O�P�QR :�S�= M�T�U�V�W�X<YZQ\[,W�]�^\_�`�a�b

• rlogin

• rsh

• telnet

• vsftpda<c�d<W F e<:gf�h&i�j�A�k�?<lnm&o�h&i�p�q (rlogin r rsh r telnet)T�s�t�d

SSHMvu�d�Vvw

x b (sshdM�y x d�Wz�{�T r}| 4.7 ~B�� uZd��}��w x )

bFTPT r�?"=�>�q W C�D�E�FB>�H Mn��uBd FBe�:�f ?�l m<�� J�K<L�Mn��T�^�_�` �<��] r"��~ s�t<��&M r FTP

R :��: T��<M"��u,d��P r�� a��]<^�_�`}a�b FTPR :��: W�O� ¡�¢�M"y x d�W�z�{�T r�| 5.6 ~}�� uGd\�B��w x b��Mn��uBd�£�¤�a\� kB¥ M r�¦�§"j�¨�©�ª�:�m W�«&Mn¬��a�c\®�R :�S�= MT�U�V<W�X�YBQ\[�W]<^�_�`�a�b

• finger

• identd

• netdump

• netdump-server

• nfs

• rwhod

• sendmail

• smb (Samba)

• yppasswdd

• ypserv

• ypxfrd¯�° fB9n:&; R :�S�= WO �¡�¢�Mn±a��}z�{�T r 8 58�M�^�_�`}a�b

²<W C�;�?\@ A ��T r�?�A"o�m Q ¦�§"j�¨�©�ª�:�m\~ ��P�a\��W�M�³�´<��®��µ :�m Mny x d�¶�·vu`�a�b

4.6. ¸¸ ¸�¹¹ ¹»ºº º�¼¼ ¼\½½ ½¿¾¾ ¾�ÀÀ À�ÁÁ ÁIÂÂÂ�ÃÃ ÃÅÄÄÄ&¹¹ ¹\½½ ½��Q&¯�° fB9":&; R :�S�=�~ ��Pvu,��Æ r�¦�§�j�¨�©�ª}:�m�~ £�Ç�a��È k ]�É��a�b¦�§"j�¨�©�ª�:�m T�¯�° f}9�:�;"Ê�Ë ° f ] ?"=�>�q W&¯�° fB9�:�;j�A�Ì�:�¦�l :�= M ¨<;nC�= a�"W ~"Í�Î ` a\b ¦�§"j�¨�©�ª�:�m ��Ï h ° ; w}Ð<��Ñ :�f M"��uBd��Ò<]Ó�Ô�a�� kr È"W��Ò<TÕ � w Ð\` a\b R :�S"= ]�È ÐvÆ�W�Ï h ° ; w Ð�d x ��Ñ :�f W�Ö k y ~�F,=<×&Ai uBd x � Ø�Ù rÊ�Ë ° f"~nÚ t�Û�Æ}Ü�Ý<£<Þ�Õ�ß�M&w"Ð�`�a�b�È�W�� r�à ´�u�d x Q x Ñ :�fGá W ¨�;�C<=�~ Ïh ° ; u�Q�]vÆ r ��P�w"Ð&d x ��R :\Sn= ] à ´<a��nÑ :�fGá W ¨�;C�= T&Ï h ° ; u}Q x X�Y�M¦<§ j�¨�©�ª}:�m�~ ��P�a��â�T r ��a��]�^\_�`�a�b�\k � � Wã :�ä�: M k�å d r Red Hat Enterprise Linux

�¬�æ�w�Ð�� i�p�¦\H.çm Q ¦�§�j¨�©�ª,:m ��P�µ :�m�r�CCC�D DD�EEE�FFF}>>>�HHH�èèè�ééé�mmm � � ��PPP�µµ µ : : :�mm m (system-config-securitylevel)] ?�Ano�m Q¦�§"j�¨�©�ª�:�m W��P�MT�ê�ë<��a\b�È�W�µ :�m T r�ì�A\f,h:�m�Ê ¯ m&j�A�Ì :�¦�l�:�= � �íL�Q�´�î�W ¦<§ j�¨�©�ª}:nm W�ï�ð x iptables m�:nm�~}ñ�ò u"`Ba�bÈ"W ¨ovF�Ë�:�?\@ A W à xnó�ô<õ o�?\@ A W�ö�÷�Mny x d�W�z�{<T r Red Hat Enterprise Linux ?=�>�qø�ù�ú<j�û M�^<��ü�J�L�Q ¦<§�j�¨�©�ªB:nm ��P�Wn8 ~}�� u,d��B��w x b

36 ý ý ý 4 ý ý ý . þ þ þ�ÿ ÿÿ��ÿÿÿ�� ÿ��ÿ�� ÿ � ÿ�!�"�#�$�%'&�$)(�*,+ iptables -.0/�1 ��243 ÿ�57698�:�;�<�=,>%�?�@A@�B'C�D�E7F GAHIKJ�L4M)N�@�O�P+�ý 7 ý76�QAR�DSOUT�V4W�@�I iptables X�Y � $�Z�*0[1 � P+ Red Hat Enterprise Linux �\.�/)]��[�1 � M�^�> iptables $�ý,6�_K`UT�V�W�@0I

4.7. aa a�bb bdcc cfee e�gg gihh h�jj j�kk kmlll�nn npooo'qq q�rr rfss s'tt tUuuu1�Av"ÿw,x�yz$�{A|A}A~A�A��$��A�M)��9O,+��A�A��$��C9��D�NAN4^'�\F�=UI ��Pwx�yþnÿ�� 0-��,WKE7>��+K��M)�� O��76K��=,>)�nÿ�5A?��WKEAO�@AFK=,IRed Hat Enterprise Linux M�P 2 N�$��A��ÿ�50?��7WKE0O��+� �$0��ÿ�50P]�¡�50$�¢4@0+K£0�¤ ��¡�ÿ�� 57¥��S¦�§46�¨�©�D�O4w�x�y,þnÿ�� ,6�ª�:�=,>�«�¬6K�®�D FK=,I• OpenSSH — w4x�yBþnÿ4�K��0$��© SSH ¯0°�y9XK5A$4.��Zÿ�±�²�³• Gnu Privacy Guard (GPG) — ´�ÿ,v��A�A© PGP(Pretty Good Privacy) ��A� � ¯��µ�ÿ,�U� $.4�Zÿ�±�²�³

OpenSSH P��9¶�ÿ·yzY,�A�M � �)�A��=U>\��$¸,�º¹A»0±�%�¼�-,+ telnet and rsh ±'½K$,¸¾ M¿�À -��A�UWKEA±�@\ �ÿÁ ��M\Â0�� FK=7I OpenSSH M�P sshd ÃKÄAÅ�EU>�wx�yBþnÿ�� ÿÁ��Ã 3 N0$X�Y4 �KÆ 1�� Æ 1 � 7y � ¯'� µ�ÿ�,�KK?�Ç7F9E7F�=,I• ssh — ¹�»0±��S¶�ÿÈyKX��É ÿ�5 � �\��4� Æ 1 � ,y• scp — ¹�»0±��S¶�ÿÈyKX�Ê�ÿ4X�Y4 �• sftp — 1�� Æ ��·��Ë�±.0/�1\5�Ì�ÍA��x �7��6KÎ�Ï4M =7>�¹�»A± pseudo-ftp � Æ 1 � 7yLinux ��§�-�$·�K¶<ÿpyz��4PA=�Ð4O SSH ¯,°Èy\X)5�6)¨�©ÑD OAÒÓ¾� ÃA6�ÔÈT\�A=�=0�ÑD�F=7I OpenSSH M\N4@)O�$�J�L0P4+ Red Hat Enterprise Linux ��§�!�"0[�1 � M�^�> OpenSSH $�ý6 Q0R�D9O'TKV,W�@�I SSH ¯�°�y X 5M)N@�OA$�JAL�P,+ Red Hat Enterprise Linux �).�/�]A\�A[1 � M�^�> SSH ¯�°�yKX�50$ý76KQ�R�DSOUTSV4W�@AI

ÕÕ Õ9ÖÖÖsshd ×KØ)ÙÛÚ9ÜSÝKÞ ß àSá�â�ãSä�å9æ ç�è�éºêS× Ø)ÙzÚ�ÜKá�â)ã�ëíì0îïê9ð�ñ ò�óõô�öz÷Sø)à�ù�àºúKû ê9ü�ýà�þSÿ�� Ö ç��æ�9éÛê��)àÛÿ� ��9ê�� Ü\è�� 3 ��

GPG P0¯ Æ 1�¡�ÿÑy�±� "!$#�ÿ�5'6�%U>'& N�$�%�¼�-�='I £��,w,x�y�þ�ÿ�\��-)("*4´�ÿ,v06+ ,!#�ÿ�5�Í��=7> $�MC�+�-�ÿ ��Æ 1�Ë �A-�(�*0´�ÿv�6K�®�=,> $0M4CS¨�©0-/.�F9=7IGPG $�¨7@�%,M�N,@�O0$�J0L�PU+ Red Hat Enterprise Linux �0��x�¯ � 1��0��xK¯0[41 � M�^4>��0

Gnu Privacy Guard $�¨�©,6KQAR�DSO7T�VW�@AI

151

.2 2 24333655 5733398889:: :<;;;>== =@???BAAA

C+D)E,F,G�H,IKJKLNM�OQP$R�S�T�U�P�V"PXW�Y�Z[,\^]�_^`�a,b, c,d�e�f)g/hikj+l�m^n,o+e,pq^rC+D)E,F e�s,t W�U�PKu+D eNv L�Rw,x"y�zKC�D,E)F�{�|,} h WQ~�Z��W ikj�l�m�n�"� e"�)�KhQ�K� Z)�"�X`�� h$r��Kh"�� `�UNP�V�P e,�"��/� E'� s"tKh�)m `��"�N� i�� y^M��,�)� Y�ZX �¡/] �Nn :

• m ��Z e U�PKu+D/��¢,£¤Y�Z r �)£ ec)d)¥)¦�i�§�¨^©�ª�« Y�ZQ¬^] ��n•TK,`�® j°¯,±�i)²Nv M�³+PQ´^��[)\kY l�m�n

•TK,`�® j�µ C,y 1 ¶Nh+� ¸·�¹Qº ²,e JKL�M�O+P$R�U,PKu�D e)»�¼�½ Y l�m^n

• ¾,¿�iÀ"Á G iN�Q¨�Â,Ã Y�Z m �"Z e U"P�V,PK��Ä,ÅkY l�m^n5.1. TCP Wrappers ÆÆ Æ xinetd ÇÇ ÇNÈÈ È¤ÉÉ ÉËÊÊ Ê"ÌÌ ÌXÍÍÍÏÎÎ ÎÑÐÐ Ð�ÒÒ Ò¤ÓÓ ÓXÔÔÔÖÕÕÕ¸×× ×¸ØØ ØTCP wrappers

z^] l�ÙNlQi U$P^uD h�Ú R � D,Û�ÜX�+Ý ¼ Y l�m�n SSH r Telnet r FTP ik§�e ��£JKL�M�OQP/R�U"PKu+D,zTCP wrapper

��[,\¤Y l�m^n TCP wrapperzÞ,ß,�,à�W��,à^]�_ p U�PKu+De,á T,â «�e�ã)ä ��å p Y l�m�n

TCP wrapper h$æ `+ç$è)z r�é�ê$Ú R � D rQvë y)ì r VNº$y^í r/� w,º�î)RXM r/��ï P,D e ç)\,ÛÜ i^§ ��Ý ¼,m `+D,P)ð"PQU�P/u�D r xinetd W ��ñ,ò/ó Z[,\ m `NW�ô s ]�_ l�m�n

õõ õ�ööö÷÷÷ø�ù�ú�û�ü�ý�þ�ûQÿ�ö)÷��ù�� ü�� ù��+ù��

TCP �� ù"! xinetd ��#�$�%�&��'��!�(�)+*-,�.+/�0IPTables

ÿ�1Qö�23*4'��+��5'�� ù��67��8')�9�4�:�;�<�=7=>��?�@�A�BC )�0

TCP D L�ð$P¤W xinetd e-E � h��X� Z e-FHG z r Red Hat Enterprise Linux ��IKJ îNy�DHL�º¸íe TCP D L�ð,PXW xinetd e�M ��N-OkY�ZX �¡K] �Nn�Ne UQP � R�CSR�y�T"z�T M�UKL�R e�V-W"X-Y G � ` o W��Z � Y r �"� e,�"��$� E'��[ ² C\R�yh�] è$�^ � Z �Nl�m^n5.1.1. TCP Wrapper _ _ _'```baaa"cccQddd\ee eSfffhggg�iiikjjj�__ _'lllQmmmTCP D L�ð�P"z)UNP�u�D�n e$Ú R � D��o-p m `�q"r h ��s� e�t-u G �Xj�l�m^n"o�e)� R"CSR�y+Tz�v-w�Vyx"P e�z ß r �"�|{ DÖM ¨�©�e)c,d-}-~�r�v�ë y,ì t"uNe�� S i�§ � ÀNi��p)q�e ["\"�-��H�kY�Z �$l�m�n TCP D L�ð"P e�t�u W�Û,Ü"�� e�± �-�,z hosts_options e man � PK�"��NyOY�Z^ �¡K] �Nn5.1.1.1. TCP Wrappers W W W+vvv�www,VVV�xxx�PPP�-�h� � e Vyx"P��UNP�u�D�n-v-w¸Y p R D º Ú yXM h�z ß m ` o W�z r U�P,V�P)G��-�¤Y�Z � `"CDNE$FX��'Y i G © CDNE�F,{�|�}/Gy� h'}y� Y�Z � ` o W)� c�dH�yu } h'X¸©�� `�� y�$Tm^n U�PKu+D e TCP D L ð"P)V"x)P/�� À)m ` h z r banner [ ² C\R�y)��[,\¤Y l�m^no�e�� T"z r vsftpd e Vyx"P�� À Y�Z �$l�mXn"l��Xr Vyx"P I�J ºQ´X��-�¸Y l�mXn-I�J ºQ´NzC�D"E"F e�§�o�h��-� ]�_NZ�� $l��H G r�¡ P-¢�yNW�£�¤�¥"�NT i$ó _y¦ i¤j�l��H Kn"o�e�� Tz r�IHJ º�´"¥�� /etc/banners/vsftpd W"Y l�m^n

38 § § § 5 § § § . ¨ ¨ ¨-©©©�ªªª"©© ©�« ««�¬ ¬¬|�®®®+¯¯ ¯±°°°

²H³�´�µy¶H·�¸"¹�º\»|¼½�¾h¿�À�ÁKÂ :

220-Hello, %c220-All activity on ftp.example.com is logged.220-Act up and you will be banned.

%c Ã+©\ÄHÅ ¹\Æ�Ç ©"È�©"ÉhÊ�Ë"ÌÍÃ�É Æ�Î|Ï�Ð�¹�Ç ©�ÈH©"ÉhÊ IP ÑhÒ�Ó�Ì ¾ÕÔ¶SÖ-À-×yÀ�¾ ÄyØ ´Ñ�ÅSÃ�Ù-ÚSÛ�Ü-ÝbÞ�ß�à ¶�á-â Û Ö�ã�½'äyå Þ À�ÁSÂ Red Hat Enterprise Linux ® ²�³ Ó-Å�Ì-æ ´ Ò½ TCP Ø|ç+è"© ½�é"êyë|ì"Ï à ¶'í-¶ Ã�©�Ä-Å ¶�î"ï-ð-ÎS¿�À�Á\ÂñHò áHâ\½�ó Þ�ßSô ¶ ª�õ�©SÛ�ö�÷ ÁÕÏ-½�¹SÆ�º|¶-ø Û /etc/hosts.allow ²K³'´�µS½�ù|ú Þ ÀÁ\Âvsftpd : ALL : banners /etc/banners/

5.1.1.2. TCP Wrapper Ê Ê Ê�û ûû�üüü�ýýý�þþ þ¨Õ©Sª�©ÍÛyûSüÿÞ�ß ÐÕÏ ËKÌkÃ À��\¹�� çhÃ��|©±Ä ð�� Ö�� Æ TCP Ø±ç�èS©ÍÛ é��ß Æ spawn �� ½ ßHà ¶ Ë�ÌbÃ À��¹�� çyÃ��©|Ä å\ã�¶ û�ü\Û º��'å\ã ý�þ ÁKÏ ôyÊ ð�ë|ì"À�Á\Âô ¶��yë"¹QÆ 206.182.68.0/24 � çHÃ��©�Ä åSã�¶ Ä"Ø|ç��"© ð ¨y©�ª-© ¶ û"ü\Û��ß�� Ö� ß ÐÀ�ÁSÂ

/etc/hosts.deny²�³�´�µQ½"!$#H¶�ø Û�%$& Á\Ï Ê Æ à ¶�á"â � øy¹�'�(\Ö�$�$)"¶Q²H³�´

µ|½+*�,-Ö�\À�Á\Â

ALL : 206.182.68.0 : spawn /bin/ ’date’ %c %d >> /var/log/intruder_alert

%d Ã ©|Ä-Å ¹ û"ü�- ð Ñ-Ä�«"Ì|Û.�$� � ¨-©�/Ì ¶ É�0QÛ�1�ÜÕÞ À�ÁKÂá"â Ê *�, Û�2+3 Á\Ï'½'¹

spawn �+�\Û /etc/hosts.allow ²y³�´�µ|½54+6 Þ ÀÁ\Â

77 7.888spawn 9�:.;�<.=?>�@BA"C�DFE?G.H�I�JLK�M�N?O.PRQ�S.T�U.V�C�WX;�Y�Z�[.Z�\�Q^]�_�EB`�a�K^b�c�N?O.d�e.fS5gih$WjEjk�l�mon�p�q�r�s�t�ujv�JBw"N�@BA"C�D?E?G�H�mLxFI�y

5.1.1.3. TCP Ø Ø ØHç çç�èèè"©©©\ÊÊ Ê�zzzR{ {{hÞÞÞ � � ��** *5|| | Å Å Å , , ,�$�H¶�á-â~}�´��-ð�íH¶�á-â~}'´��|»K¿L�$�\ÖR\ÏR ��SÆ

severity � ��~� Å-ÛR�bÞ�ß�à ¶ ¨H©�/Ì ¶�*�, Ó�� µ {�� Ï ôHÊ ð"ë|ì�À�Á\Âô ¶��ë FTP ¨�©yªy©+{ ¶$� ©ÍÃ 23 (Telnet � © Ã ) ½�áyâ Û��Hß Ð�Ï - ¹ ÄyØQç��-©$��ÊHÞ À�ÁSÂÄyØQç��-©$��Ê�÷ Á��|½'¹��|²��µ Ã ¶ info ² Ø ,�¶��h¿�½

emerg² Ø , Û *�,-²H³�´�µ|½54�6

Þ Æ�á"â Û '�( Þ ÀÁ\Âô Û�� ø"Á\Ï�½'¹�ºy¶ Ø ´ Å�Û /etc/hosts.deny ½R4�6 Þ ÀÁ :

in.telnetd : ALL : severity emerg

ô H¹$�K²��µ Ã ¶ authpriv *�| Å ,�� Û é"ê Þ À�ÁHðQÆ info ¶+�K²��µ ÃF� åSãR*�,5� ç�«"©� Û.� á� Å��© µ|½�*�,�Á\Ïemerg

½R�+�� Û�{$� À�Á\Â

� � �5� � �

. � � �$�� +� ��+¡¡¡+¢¢¢�££ £�¤ ¤¤¦¥ ¥¥�§§§ 39

5.1.2. xinetd ¨ ¨ ¨�©©©ªª ª~«««¬¬¬�®®®°¯¯¯�±± ±³²²²�´´´�µµ µ�¶¶¶¸···xinetd ¹$��º��+�� $»+¼$½��$�� $�+¾�¿�À�Á"¡�¹�Â+Ã�Ä~Å�Æ��Ç$ÈÉRÊ�Ë�Ì�Í��+Ç�¿ 1 Î�Ï+ÈÐÑ ¿$¡�Á�Ò~ÓRÄ5Ï$» xinetd Ï�¿ trap ��Ô5¹+Õ$Ö$× xinetd ��Ô�¹+Ø��Ô�¹+Ù�Ú+Û$Ü�¿�Ý+Þ�ß5àá Ï�â�É�Ìã¤5äR��¹�å�¿�Ã+ÄÅ�Æ��Ç�ß5Î�æ�ç�è$éãê5ë�ÈÐ.à á+ì�í$î�ï Ò�Ó.Ä�¿�ð+ñ+ò$ó$» xinetdôxinetd.conf ¿ man õ��ö+Â�÷�ø$ù+ú�û�æ�Ð

5.1.2.1. trap ¿ ¿ ¿�ÕÕÕ+ÖÖÖxinetd ¿+ü$ý$þ í ¿ 1 Î ô ê�ç�ÿ+Æ"�� +Ç no_access ¤�¹¸ÅB¾�¿��+¹¸Å��þ í Ø��~ë�ÈÐÑ ¿¸¤�¹ ÅRß� ��û��ç�æ�É��$¹�Å�»��Ö�¿��» xinetd Ø��È�É�ë"Ï xinetd Ø��È�É��Ô�¹�¾�¿�� Â"!�#û$�ë�ÈÐ SENSOR ½ %Â�à á È�É Ñ ô ß�&('*) +�û"�ë�È�Ð Ñ ¿�¥�Á-,/.�Á»��$�+ $��¿�0+��ÅL¹�¢�1�Ä�Â$2�3�É4�"¹³Å�Â-5�Æ6.�Á.ÈÉ$7 8$Ì�9 :$Ï�È�ÐSENSOR Õ$Ö�¿ ;$ò�< ô ê^ç+Ë á�= Ö$¿$Ì�æ5��ÔR¹�Â">�?³ê"ë.ÈÐ Ñ ¿�@$Ï�» Telnet Ø+à á û"��ç�æë�È�Ð/etc/xinetd.d/telnet A�B�C5ÇÂ$D�Eê-F flags ¿�GÂIH$¿�JK'*L Mê�ë�È :

flags = SENSOR

H�¿�N�C�Ä�Â�O�P Ñ�Q ß-� �ê�ë.È :

deny_time = 30

Ñ ��ß�&('R0��³ÅF¾��Â$2�3�É4��¹³ÅL» 30 S��! #û"�ë�È�Ð�T�¿�U deny_time ½�%�ßRà á�ì�í ÌV ô ê.ç/F xinetd Ø��~û��~É$ë"Ï ��~Â-!�#$È�É FOREVER ×��Â-W�X¸ê�Æ�ÿ5È~É NEVERØ��Y'�ë�ÈÐTê^ç(F�ú�ZYN4C�Ä�Â"[�\�¿(N4C�Ä ô ê¦ç�úû5æ :

disable = no

SENSOR ÂRà á È~É Ñ ô ß�&6'^]�_$Ì��¹¸Å�Âa`�b~ê-Fa� �Âa!�#$ÈÉ Ñ ô Ø+Ï�â�ë�È�Ø(Fac�d+Ø 2 Îe/f �/'�ë�ÈÐ• SENSOR »�¹�¥�Ç�¹�¹�¢�1$Ä�ß�»�g h$Ï�â�ë"i�j�Ð• SENSOR Ø�k�G�û"��ç�æ�É Ñ ô Â"lÉ.Û�Ü m�»�F IP À/n"o�¹�Â$p q³ê-F5À�Á�¡+¹ r�Ú�0��Å^ß��+ÈÉ Ñ ô Ï(F"��Ö�¿��¹�Å�ß-gãê�ç��$��ÔR¹�Ù+Ú�Û�ÜÂ$s�t�u�É Ñ ô Ø+Ï�â+ë�È�Ð

5.1.2.2. � � �$�� +� ��¤¤¤�äääR�� ¹ ¹¹�¿ ¿¿�vvv ��xinetd ¿/w�x¦ò�Î�¿�ü+ý�Ì�þ í »�F�T�¿�v�� y�Þ�ú�¿��$��Ô�¹+Ø�à á Ï�â�É�¤5ä��¹"åÂ"y�Þ�ÈÉ íz Ï�ÈÐÑ ¿�þ í »�ú�Z�{¸§$o+Á5¥³§R5+ß�& P�ç4k GûI�ë.ÈÐ :

• cps = | number_of_connections }~| wait_period } — ��Ô"¹�ß�� ì û��ò��/�4��'¿�� Â"��³ê�ë�ÈÐ Ñ ¿�{¸§Io�Á�¥�§^5+ß�»4�� V ¿�3�à á Ï�â+ë.È�Ð

• instances = | number_of_connections } — ��ÔR¹�ß-� ì û$�� Â$��ãê5ë�È�ÐÑ ¿�{�§$o+Á5¥¸§^5�ß�»�� V F$�$» UNLIMITED Ø�à á Ï�â+ë�È�Ð• per_source = | number_of_connections } — ��Ô5¹�ß4� ì ûa�� +¹¸Åa�-�K'�¿ � ��Â"� �³ê5ë�ÈÐ Ñ ¿�{¸§$o�Á5¥�§^5+ß"»�� V F"�$» UNLIMITED Ø�à á Ï�â+ë.ÈÐ• rlimit_as = | number[K|M] } — �$��Ô�¹�Ø/�R� ì�í Ì�� ã¤��À�n$o�¹�¹�õ��+¹�¿�åÂ�¢�Æ �CãÅ��»��+ �CãÅ�8��ß��³ê5ë�È�Ð Ñ ¿�{¸§Io+Á5¥¸§R5+ß�»�� V F"��» UNLIMITED Ø�à áÏ�â�ë.ÈÐ

40 � � � 5 � � � . � � �� R��

• rlimit_cpu = � number_of_seconds � — ��Y�4 �¡ CPU ¢$£�¤�¥�¦�§6ä©�ª�«�¬ �®°¯4±²Y³�´ ¡�µ¶�$· ¸��¶�R¹�º�»4¼�½ ¾6¿$À�» UNLIMITED Á4Â�Ã�¬(Ä�± ²Y³´ ¡6Å(ÆIÇ�µÈ�"·�¸4�È��¹�äÂ�Ã ²/É�´�Ê º�Å6Ë-¿a��6�- Ì�Í�¡ Î�Ï Ê Ç É xinetd º�Å É�Ð ��Ñ�Ò�Ó ¨�Ô�Í�¯�± ²Y³

5.2. ÕÕ Õ�ÖÖ ÖØ×× ×�ÙÙ ÙÛÚÚ Ú�ÜÜ Ü�ÝÝ Ý/ÞÞ Þ�ßßßportmap ��(�a �» NIS à NFS Ç/á RPC ��(�� â�ã4¡�ä�å�æ�ç èa¸�Ç é �°êë�ì�µ��í(îa¬ ²Y³$ïð Ç ñ�ò�ó�ô�õ ö Ñ ¡KÆ4÷�¿aø�ù�ú�¡ ��(�- �º�ûKü"Ç�é��¶ê"ä�ì ²/Éaý ¥/äþ�ÿ�� É� ¿ �� ²YÉ ¡ »��¬ ²(³

�� portmap ��! " NFSv4 #%$�&('*)�+%,�-�"/.0 NFSv2 � NFSv3 0!1�2��!354%-��6 NFSv2� NFSv3 7 8:9�8;�/<�= ��/> ?5-5@BA�C" portmap #�D�$��/)FE!"/G�H%,�I;J K�L!MB#�N O�P/A�Q/� .

RPS ��(�� (¨ R�S�¯�� É ¦ »(¿�T�¡�UWVWX��XY¨ Y[Z;��ú]\� ³

5.2.1. portmap ^ ^ ^ TCP _ _ _a```5bb b[ccc[ddd�eee[fff[gg gihhhportmap ��(�a �º�»�jk�¡�ñ�ò�l�m�Á�Ç�� ¿ TCP n�è:o��(¨"Â Ã�¯-¿ portmap �� prq�¸�� ¤�¥�Çrs(è�ê�t4��¸aàFu� �ê$¨ vFw ²6É�´�Ê Á�x�y�º�Ç�Ëa± ²6³z º�¿"��(�� ¡�q�¸-�� ¨�v(w ²(É ¦�» only IP q|{"·� (¨$Â�Ã�¯��ú}\�� ³ DNS poisoning ÇYá�ºÅ�Z5��~��]\�� É�� Á��6Ë�± ² ¡ ¬(¿;u� °ê�s-� Ñ »4Â�ÃK¯RÇF�4¬�ú}\�� ³

5.2.2. portmap ^ ^ ^ IPTables d d d�ee erfff[ggg�hhhportmap ��(�� p�¡�q�¸-� (¨ z º�Wv ²6É º4»�¿ IPTables X��X6¨"�� º�(�K¯-¿ ��ì}s�èê�t-��¸5p�¡�q�¸-�� (¨��v ²6É�Ê Å��-¬¯��Æ ³92.168.0/24 s�èê�t��K¸ Ê(� �6ôrXau� ê�� Nautilus Á�Â6Ã ²�É sgi_fam �/�K�� /º��}y��portmap � é�� ê 111 ¬È��è� îa��p(¡ TCP �r��¨��¤ ²�É IPTables ��îi{I¡ 2 ��¨�ú��ºW�� ¯:��± ²Y³

iptables -A INPUT -p tcp -s! 192.168.0.0/24 --dport 111 -j DROPiptables -A INPUT -p tcp -s 127.0.0.1 --dport 111 -j ACCEPT

� û�º UDP ê n��/�4è�¸�¨�vFw ²6É º�»�¿$ú��[�;��î]{I¨"Â Ã�¯��ú}\�� ³iptables -A INPUT -p udp -s! 192.168.0.0/24 --dport 111 -j DROP

�� MM M��IPTables �!�;M� ¡-;¢�£%¤B¥�¦%8:§��B¨�©��/ª «�,�¬�5 :® 7 ®��¯�°�±:²�P:+56

³ ³ ³5³ ³ ³

. ´ ´ ´(µµ µ�¶ ¶¶Wµ µµW···W¸¸¸r¹¹ ¹�º ºº%» »»�¼¼¼ 41

5.3. NIS ½½ ½¿¾¾ ¾iÀÀ ÀNIS Á�Â¿ÃrÄ�Å�µ}Æ(ÇrÈFÉrÊ5Ë�µ]ÌaÍ;È;´rµ]Î�ÏFÐ�ÑrÒ�ÓaÔ NIS Á ypserv Õ5ÖF×�Ø|Ù RPC ´rµ]Î�ÏÒ}Ú5Û�µWÜ�µWÝ(ÞFßFÏrÅ�µáà%âaã�ÐWä(å(æ�ç�Ð(èaÃ�é}ê]à%Ë�Ç�È�ë(ì�í�ÙÁ�î�Ð}ïWÈ(ð(¹;µ}ñµ�ì�òó Ó}Ù;ô�õ]Ú portmap Õ�ö(Ð�÷�ø�´�µ[Î5Ï]Õ:ù�ú�û�üWý[þ�Ø}ÿ�Ó[ÔNIS ´FµW¶(µ�Á��]ê�� WÐ��é¿º��µ[Ì[Í È�ì��5û��]þ�Ø]ÿ Ó[Ô :

• /usr/sbin/rpc.yppasswdd — yppasswdd ´�µ}ÎÏaÕ��Ö(×WØ]Ù��Wµ��[È;Ò[Ú5ÛFµ�ÜFµ�Ð NISß(Ï�Åµ�à��]ê�� "!ÿ�Ó[Ô

• /usr/sbin/rpc.ypxfrd — ypxfrd ´}µaÎWÏiÕ#��Ö�×(Ø Ù��µ$�|È�Ò¿Ú NIS èáÃ;é|ê�Â|Ã}ÄÅ�µrÆ�ì&%�'"!ÿ Ó]Ô

• /usr/sbin/yppush — (;Ð$��é|º��µ[Ì]Í�È5Á NIS ��µrñ�)Fµ�Ï�Ð��]ê�*�+(Ð NIS ´FµW¶(µ�ì,.- ÿ Ó]Ô• /usr/sbin/ypserv — NIS ´FµW¶�µ�Ð��µ��rÈ;Ò�Ó]Ô/10 Ð�2$3 ê&465�Ó|Ù}Õ�Ú NIS Ð�7$8�9[Á�:$;�<áÕ�= - ÿÓaÔ�>�Ï Ä@?6A�Ð�Ë$B#C�D6EF��íFG�ÿ;úH !�Ú�ßrÏ¿Å�µ�àJI Ã�Ì�¹Wâ ã�Ð(ærçLK�M6N$OiþØ}â�]ÿ�ÿ�Â¿Ã]Ä5Å(µ]Æ�ìQPSR�ØiÿÓiÔ�TFÐ�ôõ|Ú NIS ê�ü�ý�Ó|ÙFÂaÃ[Ä;ÅWµ]Æ�Ð�U�V¿ìWÁ�W�X[Ð�Y$Z|ê&[6\�â#]�Ø�×�â1G�ÿú H Ô^�}ìQ_L�L(rÕì�Ú NIS Ð��rÉ�Ê�` Ä�U�VFa�b�KQ7�8�9rì�c#]�û$�(ÿ Ó]ÔNIS ´�µ�¶Fµ(Ð�d�e¿ê�f�V1!�û6��Ù�g�h¿Ú�i 5.2 Ð�j$kQlmGÚ�nWõ[ì portmap ´�µ}ÎÏ(Ð�7�8�9¿ê�o?"!:ûQ�]þ��Ô^T�ÐQp]ÚWÂ�Ã�Ä�Åµ�Æ�qQr(â¿ãtsrìWí�u�Ù�v�w�ì�x�yz!:ûQ�[þ��FÔ

5.3.1. { { {z|||~}}}��F�� Q��.��6�� F��NIS Á(äFåFæFçaê^M�N�Om! â�rÿFÿ(Â]Ã[Ä�Å�µ}Æ&�]ì�ò ó ÓaÙ�ô�õaÚ�7�8rÒ]Ú�·L��Ë¿ÈaÄ@Oaþ;ØrôÂ}Ã�Ä Å�µ[Æ��Ð}É6�Ç^��}Ê µ�`�Ð��Ò�´�µ[ÎÏ[ê��Ó¿Ù��K�í�Gÿ�Ó¿Ô NIS ÐWæ(ç$K�7�8�Òâ6��Â}Ã�Ä Å�µ[Æ��ÒWò ó þ5Ø¿Ùô��¿Ú��¿ê��6]�Ù[º�Ï[ÆWì�þ6R�þ�Ø¿ÿ5Ó]Ô�(Ð#��â�v�w¿ê�4�5!�ô��FârÂ[ÃFÄ�Å�µrÆ�UQq]ê Ó}Ù�(�Õ�Á��â�·W¸[¹�º�»�¼!µ��(Ð��&��ì&�(â�K~G;ÿ Ó[Ô

5.3.2. � � � ~��¢¡¡¡J££ £F¤¤¤z¥¥¥�¦¦¦ NIS ¡ ¡ ¡�§§§.¨¨¨.©©©QªªªL«««.¬¬¬L ¢}} }�ªªª1�®® ®#¯¯¯NIS ´FµW¶(µWÐ DNS >�Ï�Ä!Ý|Õ NIS à Ë�ÇFÈ�Ý]ê�°.�5û$�FÙ�Û(µ�ÜFµ�ÁrÚ NIS à ËFÇFÈ�ë�ÐrïWÈ�ðW¹;µñ;µWâ�R�?�AFâ~!�Ò[ï;è[È[à�ê üL�5û�´�µ�¶(µQ �R:æ�ç[ê�±#²^³;ÓL(FÕJK�Ò6²�ÿ Ó]Ô´�- ×}Ú�µ$ �KL¶;µáÄ¸· PC ê�Â[Ã�Ä�Åµ[Æ�ì&¹�º�Ó}Ù& [Ú�»�¼� ~RÂ[Ã�Ä�Å�µrÆ�ì&½�e"!�Ú#�;ÿ$;ë¼ IP �|à�¾;Ï[ê�¿�ÿ� F!�ô�g�h]ÚJ��}ï;è�È]àBÒ /etc/passwd èaÃ:érê�oQ?�Ó}Ù�((ÕJK�Ò6²�ÿ Ó :

ypcat -d À NIS_domain Á -h À DNS_hostname Á passwd

(;Ð�Â�Ã�Ä�KQ`(µ�Ä!ÛFµ�Ü(Ò�í�Ù�g�h}Ú�sFÐ[ï;è�È]à�ê�e�Å�Ó]Ù(Õ /etc/shadow É��5Ç&`}ê�e�ÆWÓ]Ù(�ÕJK�Ò²�ÿ�Ó}Ôypcat -d À NIS_domain Á -h À DNS_hostname Á shadow

ÇÇ Ç�ÈÈÈ

Kerberos ÉtÊJË&ÌÎÍ�ÏÑÐ�Ò�Ó /etc/shadow Ô�Õ@ÖØ×^ÙtÚ NIS Û�ÜÞÝ�ÙtÚ�ßJà�Ì¸Í�á¸â�ã&ä

42 å å å 5 å å å . æ æ æ�çççQèèè�çç çQé ééQê êê#ëëë6ìììÑíí í"îîî

ï�ð�ñLòó�ôNIS õ"ö�÷�ø6ù#ú6û�é$ü.ý^þ�ÿ ò��ô�� o7hfawtgmhwg.domain.com ù ó��ò� � �

DNS ��ü��ý��! "�# ò �%$ �ô&'� � � NIS (*),+,-��.ý%�'�.�/�0��! 1%2 ò$ó&34��ï�ð�ñ#ò$ó�ôNIS æ�çQè�ç^ø�ù�ú�û&é�ü�56�7�þ�ÿ ò��83�9%�

5.3.3. /var/yp/securenets : : :8;; ;0<<<�===�>>>,???&@@ @/var/yp/securenets ACB,+,D8E�F8G ��H�I � � �!J�KMLON�AQP�DR��+Q-�üS�&ç&D~ù&T ò,UV�W �

NIS 5 �!X �$ù�Y~öZ�%[Qç.û$ýLì�ö�ü�-�� 94� ]\ ^ ò��~ô 1Z_ 5 � Y�öZ�tõ�üLû _ Y.öZ�[^ç6û&ù�`#ú$ý0A!B4+]D ò4a�b �� ypserv E�c V � Y#ö!��[^ç6û]G�dJù�e�f�ù�g ò]h�i��.ôQóZ��ò� 9j� /var/yp/securenets A!B�+]D G�d�k�-��ì�ç�l'5��0m�ù�n 3po�� :

255.255.255.0 192.168.0.0

qq qsrrrt�u

/var/yp/securenets vxw�y'z|{�}�~ NIS ��j�]v��%�%{/�s�!z�{/��%�

1 ù�í#û��ö�û o 5 IPò��Q3p��9 � �Qï�ð G�d�� .ô 1!_ 5 oZ�09%�'� E �%�'�� _0� NIS æ�ç�è�çEQæ�ç&��ü�� .ô Yö!�/[^ç6û�ýj� � �Lô 1'_ E o&��9%�

5.3.4. � � ��&��&��S��s>> >!��S �¡¡¡�¢¢¢¤££ £ IPTables = = =�� !===�>>>,¥¥¥&¦¦¦rpc.yppasswdd — § çC¨Sç ò¤©¤ª +«-�¬mü[~ç®(�ùC¯¤°¢ý&±�² �¢ô N1ç¤³´- — µ�¶ù NIS ·8¸zæmç~è1ç ò�¹ ��º"ç»��ù8¼ 3 V �CEQ²C½ oQ� Z¾1ù NIS æ"çzè"ç.Nzç.³- o�¿ôrpc.ypxfrd

_ypserv 5 � AZB+�ú À�P�ç'D'D$ç�D�ý � Á � � ° ò NIS æ6ç�è$ç!N�ç ³�-�ý]Â'Ãñ G�d�Ä 349%� Å�Æ0�.ô�ò 5 �jÇ ù&È�+!-Qý /etc/sysconfig/network ò4É'Ê ��]� :

YPSERV_ARGS="-p 834"YPXFRD_ARGS="-p 835"

Ç ù IPTables D$ç0D�ý Å'Æ'��ô 1,_ ò6ó�3]� º�ç�� òË �s��æ$ç�è�ç'Ezì�öJü�- ��ô YLö,�j[�çû�ý¹ � �.ô 1!_ E o&��9%� iptables -A INPUT -p ALL -s! 192.168.0.0/24 --dport 834 -j DROPiptables -A INPUT -p ALL -s! 192.168.0.0/24 --dport 835 -j DROP

ÌÌ ÌsÍÍÍ�ÎÎÎIPTables ÏÑÐ ÍÒÔÓ4Õ%Ö*×�ØÙ �/Ú�v�ÛsÜsÝ�Þ�ßjà%á�âsã�ä/å 7 åRv�æxçsè/��/��

é é é5é é é

. ê ê ê'ëë ë�ì ìì0ë ëë0ííí0îîîZïï ï!ð ðð*ñ ññ�òòò 43

5.3.5. Kerberos ó ó ó&ôôô�õõõ,ööö&÷÷ ÷ø ë ùZë!ú8û!ü,ý!ï�ë8þ�ë�ÿ�� ü�� /etc/shadow ��0ë�� !�#",ïú$ �&%'�ë)(+*��,.-�/�0��132 ú54 NIS 6�7.8)��9;:.��<.=��>�?.��@�A5��B.C&D;E3F�G3� 1 H&IJ'K�L�M ��N+O�P�Q!ú NIS �SR � ü3��T�(í��6+U�V $ ��%W�]ë5(�X.-�6��Y#Z�� J 4 ø ë0ù ë;[ J�&�)��ë��\�]�"'ï�6+^��_�`��? J ú�a�b M ��N�c�d�E.�e'ú�f�� J �&�)�]ë��(�g5�sî&ü �� g�h�i�4+j&k&E.�&�)��ë��+6+l�m�a5b�V;n;o�Q�i $ ��%'��ë5(��;p�q&E�T3r&s,ü�% ��T�(]í��t�u Vwv M#x�M ��NKerberos i;y�^�z&{.|�}�6+9.:.��+�.a�4+��]ë!�~�]��"�ï�ú $ ��%W�ë�(+*)��,.-�/W0.��4."��ñ�h'í'î�ï&ðsñ¤òpë'ú��*!v M ��N Kerberos �H x V��;��i Red Hat Enterprise Linux ð��3�'ü�.� � � �#� Kerberos � é 6��wv V3��/ x N

5.4. NFS �� ]�� $ ��%+�0ë�(�"3� ñ&h (NFS) i $ �5%��0ë�(0ú)T�(�í��.�&��E��)� �#� "#� ñ&h�6&(�g � TZüw%� "!ü��3��w�4êZë��&a.�wN NFS ��y��.�&�w��&�)i�4 Red Hat Enterprise Linux ð3��.�,ü�� '�3� Network File System (NFS) � é 6��.��/ x N NFS ��;��i�4 Red Hat EnterpriseLinux "��'ñ�h;�� +6+�&��v'V3��/ x N+�;��ê)��í)(&"��jü�i NFS �;�� ¡�6+¢�� J v'Vx�M ��N

££ £'¤¤¤Red Hat Enterprise Linux ¥~¦'§#¨ª©�«�¬� NFS ® ¯W°�±3²´³~µ3¶´· 5.2 ¥S¸ ¤3¹~º�» «�¼� portmap ½�°¾\¿¹~ÀW¤�Á�»�Â~Ã�Ä3Å

NFS Æ�Ç+µ È�É+Ê�µ'Ë�«�®�¯�°#±.²~³�Ê3¶ UDP Ê�µWÌ;Í TCP¹ªÎ�Ï�»

NFSv4 ®ÎWÏWÐ ¥ TCP¹´ÀW¤;Á+»\Â~Ñ3Å

NFSv4 µ RPCSEC_GSS Ò�°�Ó~Ô�Õ±�ÖS°'Ô+®W×WØ Á�» « Kerberos Ù�°�Ú+°Û'ÜÝ Ô�°WÞ�ßWà ¹ªá�Ä Ê�¬ Â~Ñ3Å Red Hat Enterprise Linux â NFSv2Á

NFSv3¹ ½�ã'°&ä » «+¬ Â~Ñ ®Ê�¶Såª©WÊ ÎWÏ ¨ª©3 portmap ® æ'ç�µ Â~è á3Â ©�«�¬ Â´Ñ#Å

5.4.1. é é é�êêê�ëëë�ììì&íííwîî î3ïïï5ððð�ñññ�òòò5óó ówôôôNFSv4 i $ ��%'�]ë)(+*&a Kerberos 6�9.:�v V;{;|.õ�/�0&A3ö3÷�6Wø5��ù56'ú�û+V x ��Aü�4�X3-ú�� ý ë�s�þ%ë � �;ÿ��d�D $ ��%W��ë�(;��+<�=&i0ê!ë5��6��5��? J ú� a;��N NFSv2

JNFSv3 i��'ë�þ�6� ��E��}�a�!v'V x ��A;ü�4+:�� ú�f�� M ��N+�� V;��&a�� $ ��%'�]ë�(.6 �ù � ü'��;? J ú��;O!�6�"$#.�5��&�&%��&')( M ��N

5.4.2. * * *,+++.---0///3ííí�ôô ô111.222.3335444�ò��&(�%'ð36 /etc/exports �)� �3�7698 a�:�ø&�� ;)��)� �3� "� ñ&h��9<.� % i NFS ê,ëì ë'ú=��!v M ��N�?�� 6�>�`��4@?��A&E��B ë��6�C7D]v E x)E)F ��G�6+H.H#V;�/ x NI L�J 4 /etc/exports �� .f&��K.��L&i�<3�]% bob.example.com � M�v�V�N�O�P�O / Q�b@PO�R�S�T&a��ò'�;(�%�ð /tmp/nfs/ 6@UV�v M ��N/tmp/nfs/ bob.example.com(rw)

W M5��4 /etc/exports �� f��.?��L&i�<3��% bob.example.com �&M]v'V�N�O�XY�[Z.:&�R\S�a\]�^_�¤ò��.(�%�ð6�U�V�v M ��N�`�4 world ��M!v�V.i\<3��%ª[��a�� 1 b�c)� E û�V54�N\O�X� / Q�b�P7O$R7S.a��ò'�;(�%ð�6@U�Vwv M �5N/tmp/nfs/ bob.example.com (rw)

44 d d d 5 d d d . e e e�fff�ggg�ff f�h hh�i ii,jjj)kkkmll lonnn

showmount p q.rts�u@v�wox&y�z�{t|@}�~ NFS �$��.u��ox��t|�� :

showmount -e � hostname �

5.4.3. no_root_squash � � �)��0�� &� ��)�� ,�� .�7��0�[� y NFS �� ¡7��¢7�&£7f�¤7f7¥$¦\§7r �¨�\©�ª nfsnobody «7� � f � £�f$¤�f�¬�tu@��5x�®�¯±°�²)³ ��´ � � f �¶µ·t�\¸&¹&� � nfsnobody £�f�¤7f�º»��x&y setuid ¼.½ � h�½ � u�¾¿7À7Á7Â�Ã Ä �7¥t½ À\Á f�s�u�Å$Æ�x&®_¯9°no_root_squash ºv�w±|�}7~�Ç�Èty)k�É�f �¶� f � £7f�¤�f�� 7¸ ¹&�tÊ Ë l Ä � �7¸ ¹&� u¬��¯ ª ³)Ì�º �9Í�ª ~Î±y�Ï\�£\f¤\f�ºÐ�ÑÒ.Ó�Ô�Õ5x_��x�®.Ö&×.Ö_¢.y�Ø�Ù)¥ À k�Ú$f ÊtÛ ru�ÜÝox��x&®��\®�¯t°

5.5. Apache HTTP ÞÞ Þàßß ß�áá á0ßß ß±ââ âoãã ãApache HTTP e±f.gtf9� Red Hat Enterprise Linux Ì�ä9å9¯ ªæèç�é {�x�� é9´ ¢,e±fo¼ Ë9�¯�° Apache HTTP e.f)g.f�u$ê)ë,¯ ª�ì À ÊoÛ r�í9ltî7ï�½î��\ð.ñoò�Ó ©oó ®�¯o° —

© ® óÓ ç ñ\�$~�Îty³�³ � ��ô�õtu@ö÷9|�ø��7�$~�ù Í ®�¯.°ú\û ¥ À k$Úf Ê�Û r�Ó�ü7¯ ª�ý7þ u ÿ�� Apache HTTP e.f7g)f�u&z){0x��7��|��.° ý7þ��èÌ±x��oy Red Hat Enterprise Linux k ��¸� r Ë��¹ s�Ó ©±ª Apache HTTP e±f.gtf9�d�y Red Hat Enterprise Linux

Ê.Ë l Ä� �� 5¹ s�Ó ©Yª Apache HTTP e5f�gof��±z�{5�d�y http://www.redhat.com/docs/manuals/stronghold/ Ó ©tª Stronghold q.ï±j7¥ � u��àx��\��|�\° �� º��tu ¿�� ¢ � }��¢ � ¢7� z�{ ì À Ê.Û r�� ó�� ¯9°

5.5.1. FollowSymLinks³&� � n î�l0n�� 9�)�_�à�� ! .Ó$¢"&�7�)®�¯7� � y$§�#��&e\f�g�f��Ys¨i9j%$.r �¨� f �Ó Ê r'&tk�½ î,k&rî�u µ· ¯ ª Ç�È��(�),Ó&Õ�¢�" ��t|��\°+*-,.�,y / Ó$� Ê r'&9k�½�î.k rî�u/ ,�¢\�\×,Ö�Ó9x&®�¯t°

5.5.2. Indexes 0 0 02111�333�44 4�5552111.666³&� � n î�l0n�� 9�)�_�à�� ! .Ó$¢"&�7�)®�¯7º9y87t®.x��&z�{ � � ©�ó ®�ø��.°�e\fg7f9 � �\¸ ¹&� u¼�:�; f�º�<�= �,Í ¢±ò�¯ ª Ó&�.³�� n î l5n>�7u@?�A±x��$�t|&�\°

5.5.3. UserDir 0 0 0B111�333�444!555211 18666Ê Ë l Ä Ó%C�D¯ ª £7f�¤�f\¥$¦\§\r � u��oxm��x&®,Ö�~$Îty UserDir � n î&lYnE�$� �.�\��F �Ì�¢"&�)�)®�¯±°�e\f�g7f��£\f�¤\f � n î � kG<�=tu�� .Ó�¯ ª Ó��'�\� � n î&l0n�\u@v�wox��9|$� :

UserDir enabledUserDir disabled root

³ �,×,Ö�¢ � n î&lYnE�� /root/ H�I7��£�f�¤7f � n î � km��£7f$¤�f � n î � k�<�=,u�� Ó±x�®�¯±° F .¥�¦\§7r � ��k ËY� Ó £7f�¤\f.u+J�K�¯ ª Ç�È\�.y@£7f¤7f�� space delimited k ËY�u UserDir disabled

Ã ¹ r$Ó%J�K�x��t|��\°

L L L5L L L

. M M M!NN N'O OO�N NN�PPP�QQQ�RR R�S SS>T TTVUUU 45

5.5.4. IncludesNoExec W W W2XXX�YYY�ZZ Z�[ [[2XXX.\\ \!]]]�^^^-___a```.bbb�cccde�fGgih>jk!l%mnporq!s!t!u!v�w!xy R%N g!z M�N�O�N�M�{ oG|%}p~8�-~8�p�� N z��%�T��'� j�l.m�no�q�s��-�G��!z��.��j�k+��j�w��%��>��8�'��+��Ew��%j��%��

5.5.5. � � �� ¡¡¡�¢¢¢-WWW2XX X%YYY�ZZZi£££�¤¤¤.¥¥ ¥�¦¦¦�¡¡¡V§§§�¨¨ ¨©©©�ªªªV«« «��¬ SG hr® CGI�8}�¯!d U+° ¬�h S ��g N hr± N�²�N |��!³!´pµ8¶�·!�!·�+¸!uV�G¹��p�'��8�º-l8m�n-o�|'¹�k+q�s�j�µ�~+�

:

chown root » directory_name ¼chmod 755 » directory_name ¼½ k8¾!¿p�8À!Áp�+Â�|��!³p�%� T!� j�q!sp�@��¹��%��¬ S� h>z�Ã�¹�Ä@Å�Æ+Ç��rÈ!ÉV��¹��.Ê�ËÌ��E¹��-�'��

5.6. FTP ÍÍ ÍpÎÎ Î�ÏÏ Ïe�Ð { g�Ñ�Ò �Ó h+l+g (FTP)��Ô��h�Õ N ¬ � |�e!Ð { g�Ñ�Ò-�+s�w�ÖG×%Ø!� TCP �Ó h@l+g�j��± N�²�N Ì!Ùp�8}�¯�Ã�¹!� M�N�O�N h8Ú!n ² ¬��Û8n%z�Ü�Ý!Þ-�8��¹�Ç�ßG³-k8à!Ã�á��â�� Ó h8lg�j��8ãk+ä�å�æ��%��z��!j'�-�

Red Hat Enterprise Linux�

3 ç � FTP M�N�O�N �+è�é��8~+��

• gssftpd —Ô��h�Õ N ¬ � j'Ì�Ù�ê�ë-�Gì�í��>w��k Kerberos

�+��îxinetd ï�N �� FTP

d N xn.j��• Red Hat Content Accelerator (tux) — FTP ð v��.ñò�ó�ô�õ�î-k%� N Ô.g��ö N ��÷�ø�ù M�NO!N j'�-�• vsftpd —

��n-o�� Ó'N n�k P�Q�R�SETVU�N'ú�û � FTP M�N'O!N j��-�vsftpd FTP M�N�ü �� P�Q�R�SETVU�N�ý�{ o+Ú { n8��þ��ÿ�� j��

5.6.1. FTP� � � ¤ ¤ ¤��[[[2XXX�� ± N�²�N� �� Õ N o8��p�8Â�|�� SGN!TVU n�� O��!N z��-�8�p~+�p�%d�e�fGg h>�~�~%j�-¬�Ú-�+� N z-�'� T�� | �"!�w O�N y�Û.n%ê�ë�z-�� O��N |'}�~.��¹��~�-�

vsftpd�#� S N T U n$� O%� N � � � � � | � þ � d U ° ¬ T U ù�

/etc/vsftpd/vsftpd.confe�Ð { g�|'&�(��¹��-�� :

ftpd_banner= » insert_greeting_here ¼� º�d U+° ¬ T U ù��) insert_greeting_here * �� SGN�T U n+�',�� P�N y%� T�Q � h�|'-µ/.10�~+�-�2�3�Ú { n�� O��N ��4�ó�k O��N e�Ð { g��5�6�z�7�8�j!��'2�3 O��N ��9�:��;�<�Þ��|�-k O��N � /etc/banners/ � �pÖ>=V�8��d U+° ¬�h S |�?�@ ��~8�p��%��A�j!�-k FTP B�C � O��N e�Ð { g�� /etc/banners/ftp.msg |'w��.~@��e�Ð { g��º�A��"D�Ö@|��@�~+�� :

##################################################### Hello, all activity on ftp.example.com is logged.#####################################################

46 E E E 5 E E E . F F F�GGG+HHH�GG G+I II+J JJ�KKK"LLLNMM MPOOO

QQ Q�RRRSS S

5.1.1.1 TVU�WVX"Y[Z/\/]_^a`�TNb cN^�dfe 220 gNhfi jlkfm/n�o�Ylp[q/r's

vsftpd tvuwLxGyMzO|{}u�~v��%�|��}�%��}�w�|��ty�zO��}��M�Ox�� /etc/vsftpd/vsftpd.conf ~��'��'��>�� :

banner_file=/etc/banners/ftp.msg

�5.1.1.1 t �� +¡£¢�� TCP ¤�¥V¦�G��/§+¨P�N� ©�ª�«�¬"�'��H��G"�/®�ª+��¯�°�±�²"³�´��µ

5.6.2. ¶ ¶ ¶�··· ¸¸¸1¹¹¹�ººº¼»» »/var/ftp/ �½O��¿¾�L>t+À�Á�Â+Ã+Ä"Å�Æ�Ç�{1¾��/È+É��1�'´f�µ¯�t��½O��¿¾�L'�/Ê�Ë��Ì�Í�� vsftpd ¦ ¥�Î�G�Ï��{�Ð£¾_G � �'´/�µ+¯�t�¦ ¥�Î�G¼Ï�ÂÃ�Ä�Ñ�G�Ò�G"��Ó£�f��ÔO/��Õ¾+L�Ö¿LfG¼��×�Ø ��'Ã+Ä�Ñ�G+Ò�G"� ��ÔO��Õ¾�L��Ù�Ú�Û½¢_Ü�¨°��´/�µ�¼~�Ý>�Ô¾_²��Ã+Ä�Ñ�G+Ò�G�t Þ1³�ß�Ú�à�á��â�ÉÕ°�ã"ä��´��1µ

QQ QfåååFTP æ�çNèfçVé�T>êNë'ì�í_îfï'e[ð�ñ�òôó jlõfö ÷[øfù�úfç'ûaç�TNüfý�õ�þ'Z Qfå�ÿ�� s

5.6.2.1. Ã Ã Ã ÄÄ Ä�Å ÅÅ¼¥¥¥��GGG��Ã�Ä�Ñ"G�Ò"G�t"Å¿¥ ��+G��à�á��¿��¿� /var/ftp/pub/ ��t�Þ¿³�ß�Ú�Ü�¨��ÔO/��Õ¾+Lft�ÌÍ��P�'´��µ¯�t�� +�1��'´f� :

mkdir /var/ftp/pub/upload

Ã�Ä"Ñ�G�Ò¼G¼�� O�� ¾�L �� !"�ã��$#&%��+�Õ�('��1�¼��)��*�P��à�áÕ� +,½�/��Õ��µ :

chmod 730 /var/ftp/pub/upload

�½Of��¿¾ L>t�-��~�Ý�G�.�¥�¾0/�1��t2#3%/� 4�5¼��61´��1µ :

drwx-wx--- 2 root ftp 4096 Feb 13 20:05 upload

77 7 888êVë�9�ç;:/ç�ZVú�<0=>í*>�? T�@�A�B�YVò�C�DFE�A'eFGIHfó jKJ L M/Tfæ/ç>è�çfn�N O*Pf\�>RQ�SNìNTT=VUTW�>?YX ÿZ��ÿ pT[]\�^(_�`_o+Ylpló+s

�3a�� vsftpd ²¼�/��t�� /etc/vsftpd/vsftpd.conf ~��"�'�� N�+�¼�� :

b b b5b b b

. c c c�dd d�e ee*d dd*fff*ggg$hh h3i ii;j jjlkkk 47

anon_upload_enable=YES

5.6.3. m m m&nnn�ooopnnnrqqq�ss s&tttpuuuwvvvFTP x*y�z3{�|�}3~&��I��d2� �3{*��3�*�3d*�3d*��d�� l� |�}3�� 2� �*��3d*�3d�� ¡�� ¢��*c3d�e�d*£3�$¤T��j�¥*�3d��3d��(f��¦�§��I¨�©�ªp«�¬2��*®�� ªp¯vsftpd �°�±d²�³d±�²�± ³¡´�µ�µ¶¸·¹¢ºª»«¼¢²x¹�µ½³�¿¾ÀkÂÁ¸�ºjÃkÅÄ� /etc/vsftpd/vsftpd.conf ¢TÆ�Ç��È2É(}3¯ :

local_enable=NO

5.6.3.1. � � ��dd d(� ��d dd��(�� ¡ ¡¡2��K��ÊÊÊËËËÌ

4.4.2.4 �$Í�Î$ÏÑÐ�� PAM i(�Ñ�*ÒrÓ�ÔÕl�*Ö2�$ª�«�×��ÕpdÑ� ��d3��d�� sudo Ø&Ù��rÚr«�2d3�&d�|lÛ�Ø$©&��Ü�Õ2d$Ýp��p &¡��I� FTP c&d�e$dp�2��f$�r��Þ�ßr¢�¶�·r¢*ª�«$à&×(á�{ãâ��ª&¯ vsftpd � PAM ¨*©pÒ3Ó ÔTÕ�x /etc/pam.d/vsftpd ¢T|ãÐ � ªp¯ä �Iå�cd2æ �*{�ç�è��d(�d�(� 3¡2�I��¶�·$¢ ªp«�à3×*é�ê*ë�{�ª&¯vsftpd ��Ø©��d��d$��$ $¡�� ¶�·p¢(ªr«�¢*x /etc/vsftpd.ftpusers ¢(��d*��d*�ã��ÆÇ��ÈpÉ�}3¯

5.6.4. TCP ì ì ìrííí�îîî&nnn�ïï ï�ððð$ñññóòòò ôôôrqq q2õõõ�ööö2÷÷÷�øøø2ùù ù�ïïï�úúúlûû ûÌ

5.1.1 ��ÍÎ�ÏlÐ TCP ü$��d2�IÖ�� 1 ý� FTP ¾�d�þ2¡I£��f��$� ÿ��(ÈpÉ(}¯

5.7. Sendmail �� Sendmail x��d*Õ��3d ��¡p� (MTA) x SMTP (Simple Mail Transport Protocol) ��Ö��l�(�� MTA ×��d*Õp��ü(Ô��3¡�� ä x�¾ãi�e�i��d��¡��*{��f*d�� p��|3}3�ªr¯r� ü3Òãk��(�� 3{&â�« MTA é��! (ÚrÐT��ª3á&� ��3{&âT|�} MTA é"�$}��*��#�$~2�� (d$��{��d�Õ�*��x�y�z�%á'&$}�(*)�h'+�,Td$¤ -I¡�.�/�0�×2143��ª&¯�*� �2d�Õp�65*748p¢�93ªl«':*;w×�<�=*>6?&��¨�©r¢�93ªl«'@*A&x Red Hat Enterprise Linux iÒ�ÓÁ2¡��B�Ô��2� b � Email ��CED F$ÈlÉ3}2¯$à�� b x Red Hat Enterprise Linux i�Ò�Ó3Á2¡��BpÔ ��{�ÍpÎrÉEG2�p}p« /etc/mail/sendmail.mc × running the m4 (�H�¡��I*J � ��K$·| /etc/mail/sendmail.cf L�?�ªp«"M�N�O�P�á3Ú«�à3×(�"Q�R$¢ Í�Î$É"G��}3� ªp¯Sendmail cd�e�d��S�T&�"U�©��}«"V�Wx$��½3¢*ÚEX�«ZYE[�¢Z\�]ã��È2É�}¯

5.7.1. ^ ^ ^&nnn`___�÷÷÷6aaa�bb b*ccc�dddlïïï�eee4ff f��d*Õ3��N�g�h�|�Y�[�éTÚrÐT�Zi�jr×� ��k�l�m3x�n�o�h�Þ�ß2¢Tc3d�e�d&� �2¡�� ªp«�à�×Iá�{â��'p��q�r�c�d2æ ��s�t&��u�v2É"wp�Iª&¯ /etc/mail/sendmail.mc x��½��*¾�k�Á*� j�kVÄ�{�ÊË2�I¨�©�ªp«�à× ¢3¬2Ð ��à �$¬��|3��y�� ·�z�á(ÊË$É�G&�Iª&¯

• confCONNECTION_RATE_THROTTLE — 1 {�|p��cpd�e&d�£p��è*}2ê2ë��p{3ªl¯�¾�Ò�~ Õ ��{x Sendmail ¢�¬�«�è�}��Ê3Ë�x�ÚrÐ �"w��&¯Iè�}�ÊË�á�¨*©pÉ"G��è�}��á*ÊË3¢�� V�Wp�"��}Tè�}x��pÉ�Gp��ªp¯

48 � � � 5 � � � . � � �� *��6��2��

• confMAX_DAEMON_CHILDREN — �6��6��!�� ¡6¢�£¥¤��¦Sendmail §6¨�©��6��ª�« ¦�¬�Z®"¯�° ��Eª�«��±�²4³�´�µ"��*§Z¶�·¹¸�º�» µ"¼�·"½�¾�¿ ¦EÀ�Á ³�´ ® �4�

• confMIN_FREE_BLOCKS — ��Â��£�Ã�Ä*§�Å�Æ��Ç4¡*�¹��È��4ÉZÊ��E��Z �¡�¢¹£¤�� ¦ 100 È��4É�Ê�§E��ËZÌ�½ ® � �

• confMAX_HEADERS_LENGTH — ÂÍÉ¹��Î�Ï�É"ÐE��E��Ñ�ÒE�*Ó'Ô ( ��ÓÍ¤ÖÕ�× ) �� • confMAX_MESSAGE_SIZE — 1 ÂÍÉ¹��Î��Ñ�Ò��*ÓEÔ ( �6Ó�¤ØÕ�× ) �E� �

5.7.2. NFS Ù Ù Ù SendmailÂ��E£��£� Ú��Û�Ê�¤�� /var/spool/mail/ Ü NFS Ý�Þ*ß��à�§�á�âÍ·¹��½'�4ã�ä6³E½��NFSv2 å NFSv3

¦�æ ��ç��!åEèZ£�� ID Ü�é�ê�·¹��½�¸Eë4µ"ì�� æ ��ç��í'î UID Ü�ï�Þ��©ð å"�� ñ�µ�ò��¸�ë�µ�ò�� æ ��ç��íEó ¦�ô ½'��Â��£�Ü�Ã�Ä`·�¸ µ�õ ° ä ��© ð å"��ñ ®�� Kerberos Ü�ö�÷��© NFSv4 � ¦ µ SECRPC_GSS ø��ùZ£�ú Î��£�� UID û��ü�ý�Ü�ö�÷·¹��½'þ µ"ÿ�� ¦�� · ®�¯�° �

5.7.3. � � �� ø�£ æ ��ç��6§6¨�© Sendmail ��ö�÷�Ü��§ ¦�� Â��£��6��è��à�Ü�ö�÷`·¹Ì�µÂ��£ æ ��ç6��*ÊE��4Ü Sendmail �*��*§�«�²��!©'��*��!�'Â��£��6��ÿ�� "!�£��ø#$�¤ ¦ Ñ��`·��6½��%�³�½6� /etc/passwd ¡&�Ó�£��' æ ��ç�� "!"£ ( £��Ú¤ æ �ç��(�) ¦ �� )

¦/sbin/nologin §Z±�²�·�Ì�% ³�½��

5.8. ** *,++ +"-- -/.. .�00 0211 1�33 3544 47666�88 8:999<;; ;ù É6¤>=E��ÊZ��?��±�²��@�µA"�"B��`¤�� à��ù É�¤>=E�*Ê�Ó$�C�� ¡�!��Ü��É¹��$·¹Ì�½�©�D�E�F ÜHG5I�Å�Æ�� ¬4�® �4�HJ��$�B��`¤ ¦�K�L Ü>F"M!· ® ��ù É4¤N=��ÍÊ Ü!��É��O$E��©�B*� ¤EÜQP*ü*��©QR�S�� ¦ 2 T ¬��® � �EÄ�UV �W�½��Úå ·Ì4µ netstat -an or lsof -i �OA��XQY�$:ZZÜ L�[ ·Eµ�ù4É�¤H=�� ÊE��C É'Ê�Ü�ÊN\Ú��!©]�� ¬!�® ��6��è��à��ù É6¤>=E��Ê]D:^HY� ��$E§'¾�¿ ¯"_ µ� ��à�ÿ��Q`"a�³"´�Ì6½�©]DÜbP�ü��©b�"��¸�ë�µ�Ä"U"V ¦ W�½ ådc�e ® � ��ò��¸�ë�µQ�� bfE�� gb$��Qh"i�ÜHj�k ©Hl"mn �6½�½C��o4É6¤'å"� Ë�Ì · ® ½ ® ��Ê��É2ø��p�q��*ù É6¤d=E��Ê]B��Ú¤�Ü]J��$�·¹¸�º»4µ K�L�r�s Übt�ò�I�å�· ® � �ù É6¤>=E��Ê�Ü��É2��$"�4©�B��Ú¤"ÜHP�ü�� ©"Ä�U�V��u6½]��Íå�·2Ì nmap ��A��"B��`¤��vNw��Ü"ö�÷��4©H�� ¬�Z® ��X"$"x��£�D:^ � Ä�³�´�©by��X]Y�$�Z¹§6¨�Ë�Ì�ù�É6¤>='��Ê'� TCP ¾�¿4Ü��É��$6·�Ì6½�©]B��`¤ÜHz�²��4© ð å��ñ ® �� :

nmap -sT -O localhost

ð ��X�Y�$�Z��{ [�¦ y��6¨�I�§'� Z® � �Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-09-24 13:49 EDTInteresting ports on localhost.localdomain (127.0.0.1):(The 1653 ports scanned but not shown below are in state: closed)PORT STATE SERVICE22/tcp open ssh25/tcp open smtp111/tcp open rpcbind113/tcp open auth

| | |5| | |

. } } }"~~ ~Q� ��~ ~~�� <�� 49

631/tcp open ipp834/tcp open unknown2601/tcp open zebra32774/tcp open sometimes-rpc11Device type: general purposeRunning: Linux 2.4.X|2.5.X|2.6.XOS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7)Uptime 12.857 days (since Sat Sep 11 17:16:20 2004)

Nmap run completed -- 1 IP address (1 host up) scanned in 5.190 seconds

�Q��N�<��H��:��"�sunrpc �� Q��O��Q� �� portmap �N��>��] �¡�¢£�¤ ��¥ �� H¦�§�¨�� }�~�© � ��ª�~<« 834

¢ �� ¬��¥ �� b� ª�~5«®��¯�°�}"~�© ��d±�²��³ ��´�µ�¶��N¢Q·�¸��H¹��O�º�Q»�¼Q� :

cat /etc/services | grep 834

�N��½N¾�¿:Àº´OÁb��· ³:Â ¥bÃ�Ä"Å5�d� �bÆ· ª�~Ç«¬��È�É ¼�Æ��Ê�Ë (0´:Á

1023)¢ ³,Â �Ì ~�Í ¿ � ��¢]Î ~<«ÐÏ�Ñ �>Ò�Ó:��b� ¯�°�}�~�© ��>·�±Q² � £ ��]�HÔ,�]¥ ��¸�¢

netstat Õ · lsof �HÖ�×,�]� ª�~<«ÙØ�Ú �H§�¨,�¬��»�¼N� netstat Å ª�~<« 834�>§�¨ � �N¢·��>¸��½�¾�¿�ÀH�HÖ�×5��»�¼N� :

netstat -anp | grep 834

½�¾�¿�À � ¸��N�Q�O�]¥�� :

tcp 0 0 0.0.0.0:834 0.0.0.0:* LISTEN 653/ypbind

Û ¹��H�� Å�ÜQÝ�¢ ª�~Þ« � Ì ~�Í ¿ � ��ß�à�á>â ~ ·��N��½N¾�¿:À>¢�ã ¤ ��ä�åO¼�Æ £�ã�æb¢ � �]�� netstat � Ì ~"Í ¿ ª"~Ç« � �"��ç §"¨�¼HÆ��¢ £ Â ¥ �� ¥�� [p] ÌÍ ��èb¿�¢ã ¤ �� ª"~Ç« � Ì ~"Í ¿��d� }�~�© �"� Í�é�� ID (PID) ��ê�ë �N¥ �� ]��ì ~ �"Å·�� Ì ~�Í ¿ ª�~Þ« · portmap }�~�© �:�dí"Ã��Ö"×�¼�Æ�� RPC }�~�© � ypbind (NIS)¢QîÞ�>��¥ ��

lsof½]¾�¿�À�· }�~�© �� Ì ~�Í ¿ ª�~<« � � ¿�ß � �bï�ð ��³ ��Q��NñNò�� Ø�Ú � ë Á>´�¢��]¥�¬� :

lsof -i | grep 834

��½�¾�¿�À¬¢�ó�ô � �Q�]��·Q¸"�Qõ Â Å �� :

ypbind 653 0 7u IPv4 1319 TCP *:834 (LISTEN)ypbind 655 0 7u IPv4 1319 TCP *:834 (LISTEN)ypbind 656 0 7u IPv4 1319 TCP *:834 (LISTEN)ypbind 657 0 7u IPv4 1319 TCP *:834 (LISTEN)

�]��ã�æ £ö ~ Î��bÖ�÷]ø"¾��"¿]Å��"��¼HÆ�� }�~�© �"�� "¡��´ £ Âºë ÁH´�¢ � �� Å�ù¥ �� ¥]�� ö ~ Î�·�ú"û � ��üNÎ�Å��ý�á «>þ]~ ß }�~�© ��ÿ�� É ¢�± � �� £ Ø"Ú ��5�d�� Æ�¥ �� lsof � netstat � nmap � services � man �~�� 5�¬��»�¼Q�

50 � � � 5 � � � . � � �� !

"6"

.VPN (Virtual Private Network)#%$'&�(�)+*�,%-�.0/21%35476%8�9�&�:�;=<�>%?�@�A�B�C�D�E�FHG�I�JH)+K�L�M�N5O'P�Q�R�)�S�T�UVXW+Y 8HZ V\[�]�^=_ C�`�a=b5F=c�OedXf�$hgjilkeb5men5olpX?lqj$e)Xr=s�tl6�>X3=uhI=vxwluhI(�y�z�{=|=}�~=I\� (ATM-Asynchronous Transfer Mode) -+.��8e�5�5�0��j�t%��/�lI��%�� wh�HI%��O [']��Vx[']+� )�1%354�65O�we�� [�] #�kb�m�c��>%?��C�?�:�;�u��)�U VG%s�J��@�A��+��C�(�(%F�� V 8��o��d��'�� [ S�#�BH�� )%r�s�tH6 (SMB) C%Ol¡ ] >�¢0$�&$lc=OeCl�0iek�bXmch)�£�I�¤�Cl¥=¦�b5Fe§X? VPN(Virtual Private Network) d=¨�©5ªH�5k [ SXmHU V%WhY OHz5«�K�¬�® <5? VPN C�f5i�¯�°�� 2 �l��I�±�² ( k�S�>Xt5��/e�+I%�+² ) <=)�G5s=JH��@�A58h³�¬%C [ ?e´�µ) LAN(Local Area Networks) (�� WAN (Wide Area Network) 8¶+· [ kbXm+3�ueI�vjweueI�¸ ATMO�)l¹�#l>�ºl)!/-��e6�»+Ix/½¼�¾=<lbXm VPN >!/-��e6�»+Ix/½¿jO [�] G�I�J+��-ev�8Z V0[�] IP8�}�À [ ?�.��JHI�t%��/�8�@ [']5ÁÂ+Ã kH<�)l¯�°��+Ä�.�±�8�Å�Æ [ k�bXmHÇ5O'È5É)�3�w'I � 3/�Ê=ËlÌ VPN Í+Î >�?X/-+��s��/�ChD�E�FÏ=��FeÐ�6��HG+I�JlCH¥�b%Fe1�I�±��6�J��lÑlI!�7)+ÒÓ R%8Ôxi7Õ�� ] #�kbXmÖ ��w�,×4ÙØ+R=)�S�T�CHÚ�Ix��Ê�ËhÌ VPN

� we�eI��X��+8Û V bXF�:�;jÜegH��p�? � 3X/�Ê�ËlÌ¸�±�Ý!/HÞe�=��I�6�) Í�Î 8 V #�F�:�;0ÜHg5iHk�b�m Cisco ? Nortel ? IBM ? Checkpoint �jÉÚ�Iß�Ê�ËhÌ VPN� wH�eI��X��8Å�Æ�b%F�X�hÑhI+d�#�$�&�(�g%iekb�m Linux

V Ch>�?à�á�R IPSec ( #â�ã F Internet Protocol Security) Í�Î 8 �+V bXF FreeS/Wan Oe#XäH3�w�I � 3X/�Ê=ËlÌH�=I�6+) VPN� we�eI��X��d�g�iekb%m�c�ä [ S VPN� wH��I��X��e>�? � 3X/�Ê=ËlÌHå=>+Ú�Ix��Ê�ËlÌe�=I�6C�>��+æ��5$�?��ç=�+��I�J�O [�]�è�é0[ ?�g�Fe1�354½6�(5�'ê�)�1%3X4�6+ë=) IP `�a�)�²�Chì�í [kb%m

1 &j)!��-�.XÌ0�\/e(ß� 1 Äxî×�j/ed�©�A\ª��\FjO�?��5IX,ï4��%��ðXñXò�ó�)XS�T5)�ò%ó�ôõ�Ñ (AH=Authentication Header) OHö�p��0FHôß�HÑ�÷�øj8hù�ú=b0Fe��I�J�khS�>�û�Iß/Ê�Ë+.%8e@ [] }=A5ªH�5keb�mHG�I%JH>�Ò Ó R�ª��? ESP(Encapsulating Security Payload) O�ö�p��5Feü ®�ý=þ Oÿ�Ó R=d��Xª��XkbXm��A VPN �=I�Je>lô!�ÑH÷�ø%8Ôxi��# ] ?G�I�J�8 ÿ�Ó R [ ? Á'ÂlÃ ( �HI�h6�,�I%��keS�>�t��/'�hI��=)eI×� ) ë��I�,×4��+� [ k�bXm+t��/'�HI��H²�`�aX8 �+V![] ?�Ý�I��+�Xt%��/��lI��h) ��A�HI×�2>�? ÿ�Ó R�ª��=S�Ä�î%��/�8��EhÔxi2ü ® )�S+T=)+á��X8�� [ kbXm+t��=/'�hI��H²+) VPN `+a=<�)+Ò Ó R /ÿ�Ó R=)�±�Ý Ö 6+>�ÝHI��l��Ix��Ce¥ [�]��Â<�b%m

cH)%f�ä�ChØ�R�ª��S Ö �%��w',\4u��=<�g�¡ ] Ü�?+�=-��I�C�f�¡ ] Ä�îX�=/2d ��Xª��XF��E�<��0$�?�º�)�ÄXî��/�)��!Ü+ªe� ]![ k%ä��d�gjihkHb5m�khS�?e*�I� �I0O��-+.=Ì��5/�²) man-in-the-middle ! " 8Z!ä$#+Õ�%=>�?ò+ó Ö �H�X�� V )�&�Ce¥�bXFHÌ=� Ö 6�'%89+&%c�OeCH�F��+�jÜeg�iek�bXm�(j��>lò�ójO'Ò Ó ��=)+§�C*)�&=(�)�uh.�+=I�8Z V bXFeS�T%? VPN d-,�.�RXª��S�.��/�-�t%��/hO [']+è�é b�F�/�0�)jw'~�I!/�HIx�'Ch`�a�b�F�§=)+¯�°�<+P+Q�)�1�#�2�3�C��iek�bXm

6.1. VPN 44 4 Red Hat Enterprise LinuxRed Hat Enterprise Linux 5 I�6�I=>X?7�8+) WAN ë�)�`=a58e¯=°XClb�F � 3�/'Ê�Ë+Ì�) Í�Î ChZo�F�9�:�1�±%��8�9;�k�b�m IPsec ?�# â�ã F Internet Protocol Security >%? Red Hat EnterpriseLinux

V ) VPN Í�Î Cl¥=¦ [] Dxih?=cH��>X?�<�=�1%3j476�¸�>@? Ã 5 I 6�I%8�9=&�?*A�B�)+Z V£�I+¤�C�C�D�Ce¦!«HF�c�O�d�<FE+k�bXm

6.2. IPsecRed Hat Enterprise Linux >%?�.��JHI�t%��/2�5É) ,�G Â ��FHXw�Ì�t%��/��lI��*��< Ö �%��Ì��/e��tH�j8eZ5¡ ] w'~�I×/�I+6×/hOlt%��/��lI��=8 _ #�Ch`�a�b�FHS+T�)�±�Ý0/�Þ�� IPsec 8e*�»=I

52 J J J 6 J J J . VPN (Virtual Private Network)

K�LNMPOPQ�R�SIPsec TVU-W X K$Y Z�[ ( \P]�^�_�`�a�bVc d�be�X�f�bg�h�_�i�jlk�mPd-bFe�X�f�bgnh*_*o )

Q�p T�U�q�r K d�bVe Y Z�[ ( \F] LAN/WAN isjlk@m LAN/ WAN o ) t*unv M�w@xny*znQR�SRed Hat Enterprise Linux {�m IPsec

w�| T IKE (Internet Key Exchange) t�u�} L U�~ z T Z�[F�mg�X�f�� Y m-�� Z�� m@��u�} y�z ] IETF(Internet Engineering Task Force) { w�|�yz ]��@� K ^��{ R�SIPsec

Z@[ TnU 2 �m��@�P�F�F� �Pi zPMVOFQ*RsS*�� {�T�U IPsec �-b��NT��@b K �-b��$�TVU�qVr K d-beF�lm Z [ t* ¡ L�QlR�S ��b K ��b¢� / qVr K d-bFe�TU�£ ¤ L�MPO ]��b¥�¦m�§}�¨�t�©Vªr�e L U�«�¬@ Z�[ m�®�m ��¬�¯�t�°�± L�Q�R�S Red Hat Enterprise Linux mVg�X�f��² {�TVU IPsecZ�[ T IPsec ��b¢�³��@m�´�µ�¶�·�¸�¹�¯�t�u O@Q�RVS ´�µ�¶�·�¸ IPsec

Z�[ {�TVU�«¬�m�W�X K IPsecZ�[ m ��º ��»�¼ R ]�®@��½�¾�¿�bPt�ÀVv M�O ]�Á�£��\�Â Q�RS

IPsecZ�[ m ��º �P�@{�TVU SA(security association ) IPsec

Y {�Ã�Ä y*zÅQ*R�S ~�m �@��TVU*Æ�ÇÈ ¹ ¯�U�É�Ê�Ënr�g�h�_*¿ b�°�Ì�ÍVÎ�Ï�bc�U�Ð-m�Ñ��Òlm-Ó�Ô Õ Ö�t@×�� SA Ø�bc�Ù�b�Xt�Ú�Û LQ�RVS ~*m�� TUF��b K ��b¥�*��qPr K d*bFe@�lm w�Ü m IPsecZ�[ tlÝ�� L�Q�RVS

Red Hat Enterprise Linux m IPsecw�| ��TVU�ÞP_�c�bqVr K t�ß L�p W�X K$Y m�¿�b�m-¶�·F� IKE tu�} L�Q�R�S racoon ¿ b�Ø�b��P_*TFU IKE ¿ b-à án��°�Ìt�â � L�Q�RVS

6.3. IPsec ãã ã�ää äVåå åçææ æ�èè è�éé éIPsec t wP|FR ]��TnU R@êM m IPsec W�X K ( W@X KlY ÓPÔst�uF} R ]�ë � ) �TnU��Fbnc ( q�r Kd�bVe Y Ó�Ônt*u�} R ]�ë � )

² � ipsec-toolsRPM Í�r�ì�b�í�t Þ_�X K b � R ]�Á�£@F\nÂ QR�SRPM Í¥r*ì-bVí��T î�ï�mFÎ-Þ�ðPÎF��U�Ø�b��V_�U�ñ ò IPsec

Z�[ m Ó�Ô��ó�Û��Ó�ÔVô@õ*Þ��öVv M@O@Q�RVS Ð L�M�÷�ø tlù�ú Q�R :

• /lib/libipsec.so — Red Hat Enterprise Linux {Pu} y-z ] IPsecw| � Linux ûbÅq � Ym PF_KEY §�ü�¿�b�Ý ��ý�ìVr K Þ�_�c�bô ª*b�XFt�ù�þÎ�Þ ð�ÎF�${ RVS

• /sbin/setkey — û�b�q��Vÿ IPsec m@¿�b�Ý��¥�*Ë�¿�aV�lf��t*â�� L�Q*R�S ~�m w��ôPõ�Þ��@T racoon ¿�b Ý��Ø b��_-��Â� �� y�z�Q�R�S setkey �� O-M m��TVU setkey(8)man ��bí�t�� L�M��y�O@S

• /sbin/racoon — IKE ¿�b Ý��@Ø�b��V_*{U IpsecZ�[�y�z�p g*X�f � Y {�m�¿�b-¶�·s�lË�¿aP�f��t�Ý�� / � R ]*mP��u�} L�Q�R�S ~*m�Ø b��_*T /etc/racoon/racoon.conf ô@õ*Þ��t! �" R ]F�lÓ�Ô R ]�~P��{$# Q�R�S racoon �� O�M m��@T�U racoon(8) man �Pb�í�t!��L�M��%�y-O@S

• /etc/racoon/racoon.conf —Z¥[ ÿn{Åu¥} yFz ]F�¥�¥¬¥¯s�sÆsÇ È�& �('��)¥�Å�Ò�U IPsec

Z�[ m�*+�´,�t�Ó�Ô R ]�mP��u�} y�z ] racoon Ø�b��V_�Ó�Ô�ôPõ*Þ��{ R�S u�}@{-#]*Ø.�%/ e�f.��ð�m�0 ��12 TU racoon.conf(5) man ��bí�t�� L�M��Fy-O�SRed Hat Enterprise Linux {�m IPsec Ó�Ô@TPqqqrrr K K K d d d�bbbFee e�ÝÝÝ��-333-bbb-��tlu�v M�� 54NiU�¹�¼�{Pqr Kd�bVe� IPsec Ó�ÔnôFõ�Þ��nt! �" L�Q*RnS qq q�rr r K K K d d d-bbbVee e*ÝÝÝ�� -333�bbb��@m�u O ¬�-� O M TVU Red HatEnterprise Linux g*X�f��-Ý��6@ÞÅ�lt�� L�M7��Py-O�SÐ z$8-z q�r K d�b�e Z�[ny*zFMFO ] 2 9@mPW�X K t IPsec { Z�[�R ]�� T�U�, 6.4 t!�� LlM:�;��yO@S \@] LAN/WAN i�jNk�m LAN/WAN o IPsec { Z�[�R ]��-TPU�, 6.5 t�� L�M$��Fy-O�S

6.4. IPsec << <¥åååçæææ�=== (Host-to-Host) >> >@?? ?IPsec TVU-W X K$Y Z�[ m ¬�¯�{�\@]*Ø�XFe K r�� Q�p T@d�bFe�X�f bg�h�_*inj�k�m�Ø�XFe K r�� Qp TFd-be�X�f�bVg�h�_�� Z�[�R ]�-4�Ó�Ô R ] ~P��{$# Q�R�S ~*mVc�Þ-��m Z [ TVU�*FW X K Z�[�y�z ]�qVr K d-be� «FW X K t��@��AV]�Ë ¿Va & � K _ q*��t�Ã�Ä R ] p�B ��u�} L�Q�R�S WX K$Y Z�[ ��Á�£��F~@�lT�C��%D�Ò�� U�*@W�X K {�m IPsec Ó�ÔÅ×�½FEF� � �54�~@�lT@\ Q Âl\�Â QG D S W X K ��T�¿IH�� & qVr K d�be;J@m�K�} Z�[ ( ÞP_�c*bqFr K �nÒ ) ��U IPsec

Z�[ t�Ã�Ä R ]p�B m Red Hat Enterprise Linux @\ z�L�M ��{ R�S

N N N6N N N

. VPN (Virtual Private Network) 53

O�PRQTS�U�V:W�X�Y7Z�[T\:Z!]7^�_$`�a�b�_7c5dTeFf:g�cFa�b�hRi�j�kIl�^�_$`�m�n�o5Q!p�q.rs[V7tTu�avl�w�O�PIXsY-Z�x�m-y�z|{sn�o�}s~��V$t

• � u�a@l�m IP �:�� a• IPsec

O�P7Q��:rTZ��m��sa��O�P5i!�!��V$W;�s��ms��mF��( � Z ipsec0)

• 1 � m��_�f racoon �7�|��X!��U-��$W!��_•O�P7Q; �¡@r£¢:k!c7d�es¤�X!��_IQ�¥�¦�V-W!m�XT§�¨7��-W

pre-shared ©�ª ��_�R«�¬ Z�^_�`�aIb�_:cRdse A

i�^_�`�a�bI_:cRdseBQ

IPSeclFe�j�RQs§R®�¯I°�±5²�X�OIP³r�-²5iIr�[FV:t�^�_7`�a�b�_�c:dFesY�´

foobarbazQ!µ � pre-shared key

QF§7²�O�P�r�ZT¶-_·I_Yracoon

��]-u�a�l£w�m ©ª ��_$Q��%��U�ZT¸¹V5Wº�iFX�»s¼vr�¯�²�[!V�t ��½ m�u�a�l�¶�_·�_�Y-¾�j�`c$d�e��7Qipsec0

X7r![�r£�It¿�À�X^F_I`Ta�b�_-c7d�e

Bi�m�usavl�w

IPsecO�P�m�Ám�^F_I`!a�b�_-c-d�e

A¨�m

ifcfg Â�Ã �TQ;ÄvrF[;V�tºTm � m�OP�Q;��V�W;Å¹��Y ipsec0 ��V�m�-Z Â�Ã �F��Y /etc/sysconfig/network-scripts/ifcfg-ipsec0

Xs{:Æ![�V:

DST=X.X.X.XTYPE=IPSECONBOOT=yesIKE_METHOD=PSK

^�_�`�a�b�_�cRd!eA��Y

X.X.X.XX�^�_$`sa�b�_7c5dTe

Bm

IP �v�!� a�Q!Ç��5[FV�}7Z�^�_7`sab�_Ic7d�eB��Y

X.X.X.XX^T_I`Ta�b�_Ic7d�e

Am

IP �:�� a-Q�Ç��7[�V7t�È��ÉXTO�P�}� s¡�VW�y�zËÊ��7��(ONBOOT=yes)

Zpre-sahred key ©�ª�½�Ì Q�§I²�[�V (IKE_METHOD=PSK)

t¿�À�X�Z

/etc/sysconfig/network-scripts/keys-ipsec0i�Í ¬ �7W�Z�Î��¸�¹�Ï Â�Ã �!�mÐsÑ7Q;ÄvrF[;V�t �½ mI^s_-`Fab_$c�d�eT}°s±-²�Q ©ª V7WTm�XT§-²�[�V�tº;m Â�Ã �F�m�ÐsÑY ��½ m�^F_I`!a�b�_-c7d�e!��»7Ò|��{�ÓT� ¬ {7g|\$Z�[!��Z root¶�_�·�_�m�Ô�}-º;m ÂÃ �T�m�ÕÔÖvÆ

/ ×7Ø�Ù Ô-QsÚTÛ7W�Ü�Ý��Þ�W�ß Øà m��FV7tIKE_PSK=foobarbaz

áá á%âââroot ã�ä£å�ä%æ;çËèsé;ê�ëËì�í�î�ï£ðIñóòóô�õ;öT÷�ø�ùTúËò keys-ipsec0 é!êËëËìsíóû�ü%ý�ø%þ|ÿTò�é;ê�ëËìí�� í�� ý��chmod 600 /etc/sysconfig/network-scripts/keys-ipsec0

©�ª ��_�Q��V:WF��$X�Y�Z ��½ m$^�_$`sa�b�_7c5d!e! I� keys -ipsec0 Â$Ã ��RQ�"�q�rs[V7t�#%$�{�O�P�XsY-Z ��½ m��_�}»�ÒË��{�Ó;� ¬ {RÆ�[ &�'It¿À�m � Y$Z)(+*_vlËu�a.l-,�m�.�/10 O�P�m��m�2�3�Ê��sV�t Â�Ã �F��Y X.X.X.X.conf X{@ÆT[;V(X.X.X.X

X�Y$Z)(+*_.lIPsec

�_54TmIP �R�;� a$Q;Ç��[;V )

tºTm Â�Ã �F�Y$Z IPsecl�e�j;�}�È��$��7W�i��Ë��X!��U7�%�$W!�F�7Z�6�O�"�qRr|{�²�y�z�X�7�¼@r|¯98�:-�F²t;remote X.X.X.X{

exchange_mode aggressive, main;my_identifier address;proposal {

encryption_algorithm 3des;hash_algorithm sha1;

54 ; ; ; 6 ; ; ; . VPN (Virtual Private Network)

authentication_method pre_shared_key;dh_group 2 ;

}}

IPsec <>=)?>@%ACB�D)E>FHG>IKJ5L!MON�G�PRQ�S>T�UHVWJ5X�YZM\[^]K_ Red Hat Enterprise LinuxG IPsec `â%b�c^dZegf hî%G�j^;�?�k)l D�m%n%l�e :

remote X.X.X.X

‘ o�GZU�V9JHX�YM�G�p^qKr s)fut)v^wux%?)_ X.X.X.XIP yWzu{�t�bZ|%}gB D�EK~��Z��N �!��z[�G^��^d5B Dgfô�r�>��C�ul e5�

exchange_mode aggressive

‘ Red Hat Enterprise Linux �%G IPsec d%GÎ>J�L�M�N-UZV%]��^�^�Zs��%�Z��z+� cZdW�!_Zo�D�?�^� G%��tCN�r�G��^��^G IPsec <Z=Û^Vg� �Z�C��s^?9�_�<^=^�Z�Z�Z��W��z+� �Z�K��l�e5�my_identifier address

‘ �� z+G��)F)[Zc%d%e\f!|>}�¡%¢\�V%£��l�eK� Red Hat Enterprise Linux ]9��¤z�G%|H}[ IP yKz {!t>� c^dC��l�eg�

encryption_algorithm 3des

‘ ��5¥%[�c%d�e\f�¦�§%¢K�!V%£��l�e\�IgJ>L M¤N¨b%]g_ 3DES(Triple Data Encryption Stan-dard) ��c^dC��l e5�

hash_algorithm sha1;

‘ �Z�1z+©>G%PªQ�S)T�«�¬)GH©5[�c�d>eKf��Z®�¯%y�MW°9~u±�²K��³�V¤��leK�ZI9J5LuMON�b])_ Secure Hash Algorithm G��)´gµ wCQ¶?�c^dgB�Dgl�eg�

authentication_method pre_shared_key

‘ ��z�«�¬)¥�[c�d�e9fu��^¢9� V�£C�l e9� Red Hat Enterprise Linux ]�I5JHL+M N·b�]5_u��>[�¸^¹^ºZ»%¼^�)� cZdC�!l e)�

dh_group 2

‘ ½��Z¾�¿�G�ÀW�®gµ w�¼^�)��Á^Âê9fuÃ�G Diffie-Hellman Ä!M��ÅZÆ�§9�u³�VC��l�e9�!I)J�L�MN�b^])_ 1024 Ç>�%N�ÄuM%�^ÅZ?�c^dgB D)l e5�

/etc/racoon/racoon.conf JgX�Y^M>]\_ include "/etc/racoon/X.X.X.X.conf" tHÈ>�¤NÉ wCN��Êgn�mK_�Ë)m>G IPsec �Z�¤z��5b)Ì�Í)b>sgÎZD5ÏHs ÐZlÑ5Ò\�>o�G>t>È��1N É wWN�] ( ÓÔ _�Õ)Ö�eCfHJgXZYZM ) ]K_ IPsec N�w�×�M)?�Ø>½HeCf5r!¾>¿WB�DKl�eK��ÙZ�\ÚZtHÈH�\®Wµw A b]5_ include t�È��N É w9N·G X.X.X.X �ZÙ��)Út�È��5®9µuw B G IP yWzu{�tH[9�lue9�ZÙ��)Út�È��5®9µuw B ]HÛ�GZÜ�bZe9�uh�i)[H_ IPsec <�=�?ZØ�½��+E\r�Ý�GZÍ�Þ��s racoon.conf JHX�YMg��ßC��l eg�# Racoon IKE daemon configuration file.# See ’man racoon.conf’ for a description of the format and entries.

path include "/etc/racoon";path pre_shared_key "/etc/racoon/psk.txt";path certificate "/etc/racoon/certs";

sainfo anonymous{pfs_group 2;lifetime time 1 hour ;encryption_algorithm 3des, blowfish 448, rijndael ;

à à à6à à à


authentication_algorithm hmac_sha1, hmac_md5 ;compression_algorithm deflate ;}include "/etc/racoon/X.X.X.X.conf"

á�â�ã5äHå+æ ç·âracoon.conf

ä�è!é�æ)êë)ìIPsec í�î�ï â î�ð9ñuò%ó^ô^õ ì ö^÷^ø�ùZúgì û^ü^ýþ�ÿ�� ò�� sainfo anonymous

â5ä�� Zæ��·ëIPsec � ��â�� SA �� — IPsec !#" â%$#& ( '^ïgñ ò (�)+* �ç-,/.10�2�3�æ54�68719 � �+: ) ;�< ú%â>=#? �@ A â6 õ ç�ë1�B��/�^â)ä��C æD� ��îZðE��+� �� :

sainfo anonymous

‘ IPsec F^ï ý þ�ÿ1G#H#� (I�J ì�K�â5L>3�M�N O8P1Q#R/N SAÿ#S1T#� ( á�M �VUE� �V�

pfs_group 2

‘ Diffie-Hellmanú ;#</W�X çVY æ � î^ðE� ìZá ò ë)ì IPsec � B� ÿ IPsec !#" â1�B��+�Zâ�ZHê[/\ ê%]+^�â/_�`>a�bcuú �d/e � ( =/? �f�îB� �� ã5äHå+æ ç�N�ë5ì Red Hat Enterprise

Linuxâ

IPsec g#h ë Diffie-Hellman.�0�2^ú ;#<ji æ+ W â i æ+ W � ( �>k�l5( modp1024) �'^ïE� �V�j i æ+ W �¨ë)ì 1024 m `�ç�n5o�p#qr 1s t�u �V'v� ì�á ò ë W qéxw# �ç-ú ÿ1y�z

ñ ò+� O�ì�{^÷%â IPsec |#F êx} � (V~��#�+�� â>�#� ��%�E� �� lifetime time 1 hour

‘á�â ô qx�/ j��ë5ì SA

âjq�éHä ) é��!æ ��îB� ìx^/�5ì��ë�ã/ j��â#�>éWçC�+N5ì�/�#2�Nt �V� Red Hat Enterprise Linux

âIPsec g#h ë��^#�^â1�� V�^îE� �V�j

encryption_algorithm 3des, blowfish 448, rijndael

‘��5� ï ê )j* 1ç ñ�ò)ó .�0�? �x�>îD� �>�� Red Hat Enterprise Linux

ë3DES

ì448-m `�ç Blowfish

ì û^üRijndael(AES

ì �%k�l5( Advanced Encryption StandardN 'Zïgñ ò ( .10� Q

) �V)+* �ç �8�� V�jauthentication_algorithm hmac_sha1, hmac_md5

‘ )j* ¤ç ñòE(%� ý ï â��`#a�p+3�æ�4�67�9 � 6 õ ç � �x�E )5* ¤ç+â�n� ��ëKì sha1Mmd5

â��`xa#pr��`�_# 5o � ý5Yr E�CN � (HMAC)

compression_algorithm deflate

‘ IPCOMP(IP Payload Compression) )5* ¤ç ï â+��Y�c W�� `�a�brc/3�æ�4 6V7�9 �î%ð�� ì^á ò ê+� J��#�+�%!#"� N IPã# 5� i qr9^â �#��J�¡#�/�%¢�| ÿ Nvt ��

!#"j� S1T#� ( ê�ë)ì1£> �� õ#¤ vajbVc ��¥#¦�§ � (r� @ â5Y¨vcj� � rootM �8�%©�ªõ ç�N g#«��V�j

/sbin/ifup ipsec0

IPsec !/"��x¤�õ ç � ( ê�ë)ì tcpdump ¬ ¤ �>6 ¤ � ��g#«E�8�+ªZõ ç (� ó ëv5`%ç�£> v� )

�#N ¢|9ñuò��( j`�ç8£> v� ôv® `�ç � � UE� ì IPsecN#.�0/2 ñ ò+�+��( á�M ��d/�E� �V� ôv® `�çê�ë

AH ¯ `° ÿ��j� ò ì ESP ô�® `�çxM �8� � Ugñ ò+�+�%��±�ò+²��J �V³+´v ESPN�µ ò/² .�0#2

ñ ò/��( M �j¶ á�M�N �5V·j¸ ² ì17:13:20.617872 pinky.example.com > ijin.example.com: \

AH(spi=0x0aaa749f,seq=0x335): ESP(spi=0x0ec0441e,seq=0x335) (DF)

56 ¹ ¹ ¹ 6 ¹ ¹ ¹ . VPN (Virtual Private Network)

6.5. IPsec ºº º¼»» »D½½ ½#¾¾ ¾�¿¿ ¿�ÀÀ À�ÁÁÁ (Network-to-Network) ÂÂ ÂEÃÃ ÃIPsec ÄÆÅ�Ç�È�É+Ê Ë�Ì5Í�Î�ÏEÐ Ñ�Ò�Ó+ÔDÕjÖ�ÅD×�Ø�ËÙÉ+Ç�ÈEÉ/Ê5ËDÌ�Ú�Ç�ÈEÉ/ÊjË�Ì�ÛÜ

(LAN Ý WAN) Ó>Î�Ï�Þ�ß�à�á8â+ã�Þ�ß+ävå�æç è�éxÞ�ê/Ç�È5ÉVÊ�ËjÌ1Í#Î�ÏjÚ#Ä Å#ëvß LAN ìÐ 1 írËBî�ï ð+×8Ø#ËBÉ LAN ì+Ð 1 írËBîòñ#ójÓVô#õ+ö�Ú>÷�ø%ù#ú�û�Ö1ü+Ë#ýEþ�ÿ��VÞjß��vÚ+Å�Î#Ïû�Ö�Õ�ß#ÇjÈ�É�Ê%Ë5Ì>Ð��î�ç IPsec ü�Ë��xÐ�â/ã� ��ç�Þ�ê�� 6-1 ç5ÇjÈ�É�Ê%Ë5Ì>Í IPsec Éÿ�ÇVü#Î#Ï Ó��û8Ö�Õ�éVÞ5ê

� � � 6-1. Ç Ç Ç�È ÈÈ/É ÉÉ8ÊÊÊxËËË�ÌÌ ÌÍ ÍÍ IPsec É É É�ÿÿÿ1ÇÇÇVüü ü1ÎÎ Î�ÏÏÏäxÐ��/ÄjÅ��ÿ��xË5ÇjÈ�É�ç��ð�� 2 ��Ð LAN Ó��Bû�Ö�Õ�éÞ�ê/äxÐ 2 ��Ð LAN Ä IPsec ü�Ë��Ó��5Õ�Å��ÿ��xË5ÇjÈ�ÉÓ��ßxù�� !�ÉVÿ#Çrü/ç�Î/Ï Ó�"�# Å%$�&Eû>éÞ ê��/õ�'/Ú�(�)+*��,�.-/ È�É�ÄjÅ/äxÐ 2 ��Ð LAN Ð/Í/Ð.0.1�2�3,- / È�ÉÓ#Ì,4vÈxÌVÞ�ß��vÚ�5xü�ËBÉ�6,7VË#ú�8.1�9 Ó��:Bû>éÞ�ê 192.168.1.0/24 IP ;�</Ð�ë�ß/íxË�î�ï�ð 192.168.2.0/24 ;�</Ð.= íxË�î?>�Ð��@�÷�ø1ùú/Ä�A/Û5Ú�0.1�9 / 8�1�9�Ð�B�C�å�û�ÖjíxË�î�Ú%DBû�Ö1ô/õ�ö#çjÅ IPsec - / È�É�Ð�ü�Ë/ýDþVÿ.�>Ä�AÛvÚ IPsec ü+Ë�>Ú�à.ErÖ�B�C+*�� éVÞ5êÇ5È+É�Ê>ËvÌxÍ%Î#ÏvÚ%�.�.F1ñ�ó�Ú>Ä�G#ÐvàváHF�æ�Ð. /ëJIé�Þjê• K#Ô IPsec ü+Ë�Ð�L.MN!+Ìrù#ú�O.P,F IP !�îRQú• IPsec ü�Ë��% �D�S/Þ�ß LAN/WAN ÐvÇ5È+É�Ê>ËvÌ�!�î�QrúNQ�ÿ.T (192.168.0.0/24 or 10.0.1.0/24 FU

)

• ÇjÈ�É�Ê%Ë5Ì+íxË�î�ï�ð%�ÿ��xËvÇjÈ�É8Ú�V�Ë��#Óü+Ë/ýDþ�ÿ.�Þ�ß�W%ËBÉ�X�Y��V�ZN%ú/Ð IP !î�Qrú• IPsec Î#Ï Ó�[�=�ûxÅ�\+Ð.V�Z�%ú1Ý#Î1Ï�å��=�Þjß��+Ð�]J^�Ð�_.` ( a Å ipsec0)

• 1 �+Ð.b1ã�0�1.9,�#Ë#ï racoon ç+^dc+ö/Ú�e.f*��jß��1Ë• Î#Ï Ó�$�&Eû8ù�È�g+hVÿ�'#Ú�0�1�9��ËvÓRi�j#Þ5ßrÐ+Ú%�1Ô+*R�5ß�k�`�l�m."�#,��Ëaonqp Å LAN A (lana.example.com) å LAN B (lanb.example.com) Ó IPsec ÉEÿ�ÇEü çÆÎÏ û.��ÕÆåBûjé�Þ ê LAN A Ð�ÇÆÈBÉ+Ê Ë�Ìr! î�Q5ú�Ä 192.168.1.0/24 Ðr;s<ÆÅ�t�Ñ Å LANB Ä 192.168.2.0/24 Ðu;v< Ów�¼Ô û�ÖÙÕ é�Þ êxWDË ÉJXvYx IP ! îwQBú¼Ä Å LAN A 192.168.1.254 Å LAN B 192.168.2.254 ç�Þ�ê IPsec ü�Ë��xÄ�y LAN W%Ë�É�X�Y�jå�Ä�=+çvÅ 2 �Ð5ÇjÈ�É�Ê%Ë5Ì�V.ZN1újÓ��#ÔBû�Ö+Õ�éVÞ : eth0 Ä�L�M!�Ì>ù/ú�O�P�F�z�ö IP !�î�Qxú�Ú�{|I%}xÖ�ð��ÿ��xË5ÇjÈ�É�Ú�!�Ìxù�ú�ûxéÞ ê eth1 Ä�ü�Ë/ýDþVÿ.��~��ÿ�Éxå/û�Ö�c��EûxÅ1ë�ß1ÇjÈ�É�Ê>ËvÌírËEî�ï�ð+×8Ø�ËBÉ�Ç5È�É�Ê>Ë�Ì#íËBî�Ú LAN - / È�ÉVÓRB.C Å��.��ûxé�Þ5êy�Ç ÈvÉÊ1ËjÌ>Í/Ð IPsec Î+Ï�Ä.� r3dh4tl1nux ç.k�`�l�m��Ó��/ÔBû>Å A å B Ð.�,C,�vÄ.y IPsecü�Ë��xÍ/Ð�"�#��/Ë� racoon Ú�à�I�^�c�e�f�ådl�mJ*�� ß/ä�åxÚ��Bû8Ö�Õ�éÞ ê LAN A Ð��C��Ä IPsec Î#Ï+Ð�_.`jÓ ipsec0 Ú ûxÅ LAN B Ð��C.�+Ä IPsec Î#Ï+Ð�_�` Ó ipsec1 Ú û8Ö+Õ�é�Þ ê�s� Ð�a�Ä�Å LAN A ÐÆÇ�ÈDÉ�Ê�ËÆÌ Í IPsec ÎEÏEÔ�Ð ifcfg 6�� ü�ç�Þ¼êEäjÐ�aBÐ�ÎÏ Ó�[�=ÆÞ ßsb�mu_¼Ä ipsec1 ç�Þ¼Ð�ç Åx�DÐ�6��sBü¼Ä /etc/sysconfig/network-scripts/ifcfg-ipsec1 årÕ áH_.`�Ú�F�Iré�Þ ê

� � �6� � �


TYPE=IPSECONBOOT=yesIKE_METHOD=PSKSRCGW=192.168.1.254DSTGW=192.168.2.254SRCNET=192.168.1.0/24DSTNET=192.168.2.0/24DST=X.X.X.X

�s��(ONBOOT=yes) ��|�|��q��q�u .¡q¢�£�¤�¥ pre-shared key ¦|§q¨s©vª«s¬®+¯

� (IKE_METHOD=PSK) ° LAN A ±.²,³,´Nµ�¶�·�±N¸�¹|º�»�¼�½�ª�¾�¿w�¯��J°�À�¤�µ LAN B ±¸�¹ºR»N¼�½ (DSTGW=192.168.2.254) ÁÂ�Ã�¥,Ä�¹�Å¸�¹�ºR»�¼�½.Á�Æ%Â�Ã�¯��r°.ÇJRÈ+¥ LAN A ±¸N¹Éº�»w¼�½ IP Ê�Ë�Ì�Å+Á� (SRCGW=192.168.1.254) °s¶�·+±|ÍqÎ�º�ÏN¹sÐrª.¾�¿u�¯.��°À�¤sµ LAN B ±�ÍxÎ|º�Ï+¹�ÐsÌrÑ�Ò (DSTNET=192.168.2.0/24) ÁsÂ�ÃN¥rÄN¹rÅ�Í�Îsº�Ï¹Ð (SRCNET=192.168.1.0/24) Á.��°�Ó,Ô � ¥¶�·,± IP ÊsË�Ì�Å�ª�¾�¿s�¯��r°�À%¤�µ LAN B ±.ÕÖ Ê�Ð%×.Å�Ø.Ù�Ú IP Ê�Ë�Ì�Å�Á�� (X.X.X.X) °Û ±wÜ�µ�¥Ýq¨�±uÍ�Î�º�Ïr¹uÐJ�sÞuß � ¦q§|��+àwá � «q¬q��q¥�âqãqäqåsæ�çxè+½é

(/etc/sysconfig/network-scripts/keys-ipsec X êìëîíï¤ð�ñ° X µò¥ 0 ª LANA� ¥ 1 ª LAN B

� ¾�¤�� ) ª%ó��¯��°,À�±+çNè�½ é ±Nô�õ�µ�ö�÷�Á�ÚNø�¤�í�Ú�ù�úr¥�¯�à+¥,À�±ç�è�½ é ª�û,ü�ýqÃ / þ�ÿ��,ü�ÁNÿ��±�µ root �,¹��,¹��,ø � �+��,��Â+Ã�¯��°IKE_PSK=r3dh4tl1nux

��root �� "!�#%$'&'(�)"*�+�,�-�. / keys-ipsecX ��0�0�� 1�2�3�,�/�45&��0��76�8:9<;�=�/�>"?5@�A�B�C �'D�EF9�G'3 :

chmod 600 /etc/sysconfig/network-scripts/keys-ipsec1

¦�§%H�¹�ª"I:J.�� µ¥�Ý�¨�± IPsecé ¹LK"M�Á keys-ipsecX ç,è�½ é ª�NOq%¯��+°�Ý.¨,±�H.¹

�,ö%÷,Á.Ú�ø%¤�í�Ps�ß%��,µ�ÁNÿ�¯�Q�RN°Û ±.Ü�µJ¥ IPsec �,�,¬�± /etc/racoon/racoon.conf ¡�¢rçNè�½ é ª�óq�¯��r°�çè�½ é ±S Ö�include T�µVU � · �5W:X £�¤+¯��¥ IPsec º�Ñ.Í é �Y:T[Z�±\],±�ü¥"^.¤+��À,ê �5_�` È�S�£�ß�°# Racoon IKE daemon configuration file.# See ’man racoon.conf’ for a description of the format and entries.

path include "/etc/racoon";path pre_shared_key "/etc/racoon/psk.txt";path certificate "/etc/racoon/certs";

sainfo anonymous{pfs_group 2;lifetime time 1 hour ;encryption_algorithm 3des, blowfish 448, rijndael ;authentication_algorithm hmac_sha1, hmac_md5 ;compression_algorithm deflate ;}include "/etc/racoon/X.X.X.X.conf"

58 a a a 6 a a a . VPN (Virtual Private Network)

b:c%dLe[f�g:hji�k[lFi�m�hon"p�q:r:s�t�uFsv�wx�y%z�{}|�~F��FdX.X.X.X.conf ��{

(X.X.X.X � dLe[f�g:hjiIPsec

�%h[��sIP ��"��o��:�}� { )

|:��so~%��Fd[eIPsec

i"�k��}� �}�%�� F� �� L� t�u[e��q � d�� ¡ �F¢F£¥¤0¦§ ¡�¨L©�ªo� ¢ |;remote X.X.X.X{

exchange_mode aggressive, main;my_identifier address;proposal {

encryption_algorithm 3des;hash_algorithm sha1;authentication_method pre_shared_key;dh_group 2 ;

}}

Ipsecq:r ��«¬ { �"[� e IP

~¥®5m�h:¯±°��² ��³ h[k"�%z´�µ � ¡�¨¶©�ªo� ¢ | root � ¡�¨[e:·�¸�F¹Fº%��¹»i0zIP~%®�m5h¯»°��² � ´�µ � ¡ � {}|

1. /etc/sysctl.conf ��¼�½ ¡�¨oenet.ipv4.ip_forward � 1 � xy�¡ � {L|

2. ¾ s[¿�À[� ��Á�Â ¡�¨�� Ã�Ä ¡ � {}|sysctl -p /etc/sysctl.conf

IPsecq�r ��«�¬ { �� doe IPsec

�:h[� ��Å ��{ ��Æ e root � ¡�¨�Ç��Fho��z ¾ so¿�À[� ��ÁÂ ¡� {L|/sbin/ifup ipsec0

q:r%� «:Æ� e LAN A � B�È ¢:�5É:Ê zLË �:£¥¤�� {}| IPsec

q:r%zifup �"Á:Â ¡�¨:ÌÍoÎ� � tÏ:Ð:Ñ � nLf�¹ji �"É»Ò ¨�%hji�� %� �5Ó:� � �¶� {¶|�k[l¥i�m5h[n5s��%hji'ÔFÕ ��Ö:×{ �5� d[e ¾ so¿�À[� ��Á�Â ¡ � { :

/sbin/ip route list

Ipsecq¥r ��Ø%� i�{ �� d}e�ÙFÚF�oh±i0ÛFÜ � ¯:Ý[� � z tcpdump Þ h Ø °�f Ø ° ��ÁFÂ ¡�¨

(�s¥ßLz[d

eth0)eFà � i

( � tod¶k�l}i�m:h¶n) á z%â¥ãä� � ¨ ¢L� k�lLi�m�hVnå¶æ�lLi ��Ö¥× �ç¶e

IPsecz�è�é:Ñ¶� � ¨ ¢¥��Æê:ë ¡ � {¶|�ß¶ì�íLe LAN A

sIPsec

q:r:î �"ê:ë { �� dLe ¾¶��Fï ¡ � {}|tcpdump -n -i eth0 host lana.example.com

åLæ¶loi � d AH ð l�ñ��ò �� eESP

åLæ¶loi � ¡�¨ ÖF× � � ¨ ¢�[ó�� í �»�� ç¥ô}| ESP �d[e�èé�Ñ}� � ¨ ¢%�%��¢[¤ � � z�{}|�ßLì�í (Ý�l�n �oõ l�·�ö�d 1 Â r�© ��÷�¤�§:ø ):

12:24:26.155529 lanb.example.com > lana.example.com: AH(spi=0x021c9834,seq=0x358): \lanb.example.com > lana.example.com: ESP(spi=0x00c887ad,seq=0x358) (DF) \(ipip-proto-4)

ù7

ù.

ú ú úüûûûþýý ý ÿ ÿ ÿ � � ��

�� 1 �� ! #"%$��&�'�(*)�+-,�.*/%0�'�132%465378�9&:�� ;�<� �:=%> �?�@A5:B�CD��EF!GIHJ%2LKM&NPO-Q �*R%S%T%U%VWX%�*Y G�(6 I5IZ[�4�� 35-\]�4D[:^�`_;acb*�*4*��d*K;ebMfb�gIhPij0�k�l�_nmIb�C��3ocb��G;Hpqi31;2�r

Red HatEnterprise Linux

gs��5Dk�l�_nmIb�C:a;t*u� � BC3�*�MH*J �*vMw G;x �*y*z*{*| �* ��j�`�~}�D� V B �s�L� G��D�D26Kc'�+ � Q �s�D� &�cbsu*4s��1�/*0:':1n2�rIPsec( � 6 � �:�� )

&P� � VPNoA�M�MbL�q� � (-�Ag��6�s�%B%�A�3b:u��AkAl6_-m*bACM�% A�A�� 6�� ( � &LK�� s� bAk � _j�2!rD�b X e�b:f�b��%� 1 �� PC �¡ Q!O:5I¢�£�&¤�¥%�%qGI¦�§Ag �¡ 2qKM¨bL©I� � ©IbLo6�D�IbL�L� � 1M��5Iª« � §!act%u6g%��:0��6�I�B��!�sb%u¬oq�*�Mbq�P� � GI�®�ic0�'AKIt �¯ b�46'q+ � Q��P D1s2Pr��6�D��B��q�3b�uLg��5

Cisco5

Nokia5

Sonicwall&A��4M*®Pij0�'�K*��c�*B*��bMu*°*±&A� �D²D³*´:µ b¬¶j�·sBo��I�3b��A� ��¸ �A c1;2�rDr*1c¹�5 checkpoint

5McAfee

5Symantec

&L� � t �M¯ b�g)*ºc0A»j¼½*¾QAOs¿ � k3�M½*¾�1c�*ÀMÁ�Â;/¹MÃ S o*��_��·sB��c�DB*��nbMu�o%�3�cb%�� "$ ¸ �A 1�2�rµ bÄ¶��·*B � ��3�:B��;bDu!(Mo�A_n�%·MB � �%�3�:B�6�-bDu �DÅ 'M�*]�gAin065:o6�I�3b�L� �cÆ gMÇ%&AK�%�s�:B:�6�cbDu � ±^ � ½ � ¸ Ç�&¬ I1-2LrnÈ 7-1

��A)%+3�%K3 �� %�I�:B��jbsu6©I� � (-É � ±D^g � '30I�:��i�0'*1�2�r

� � �MÊÊÊ Ë Ë ËMÌÌ Ì Í Í ÍMÎÎÎ Ï Ï ÏsÎ ÎÎNAT NAT(Network Address

Translation)��5 ��Ð �-t:b_

IP Ñ�Ò k�l_jmcb%C*GD5Ó � 5�Ô:�sÕDÖM× �sØ � IPBL¶na-� �sÙDÚ*�sÛDÜ gcÝÞ!i�0�5�ß � Q � o-bD�g�D�M&�+ Ó �:� o-bD�gc§0 � £Dà6GIác2�)%â#&DãD�U a;bP¶ ( ä � )

G%ic1�26r

å LAN æ:� ã�� gcçDè:9gcéMê:��dDKå Ó � Ô*�sëDì �síMî IP

B¶�a;�ïDgD�K;ð�+ � ã�� ( Ñ b�¿-� �IyDz ¥Dñ6GòDó�gc26Kå e:bIf:b�( LAN ôM� B:C�D� � H:pM� NAT

��-�MB��nbsu

/ õ bP_#�:·I� æ:�� bP_�G-À6+ / öL÷ KDø(n�éDê:��dDK

å e:bsf:bD4%��-�DBD�%�nbu �síDù gD�K Ñ b%¿-�gúDûD26K:(#üDý%�K3B:C�¬�n¿-�P�nG-þ�ÿIø:(n4D�d-&'

�� l_��u6©

�� l_�� u�©%� ��;�DBD��nbIu:��5LAN

�síMù�� ï ù � | I( Â�/�K�:¨Db�© �� l_�G�� 1�26r��!l ¯ �D� �� l_�G�� :ND�DQO�� z i#0�5D�:�-�DB��jbsu yDzD{ g)� ��Â�/*0'K �� Ð-X [D^&su*bsu:�Ll_nG�%g6i#0�� l_�GD�� u6©%ic126rLinux U b%k�u�

Netfilter U b�k;u Ñ%Ò ��D� X��I�� ´ �� l:_�� u6©�� ±D^G�x�º-0'1�2�r

å iptables � � � _~} �¶~e*bD�¬�3�#�P� � U ��©ã� W 4s[D^å 2��:0 � k�l_jmcb%CsBCc�P�n¿-�¬� 4:B � � � b�6� � a�tDu:�M�D&�+I5u:b%©Da�tDu:�%�� u6©%�� Â�/6K-¹ � 5MC Ð �DB� _ Ñ �L¶ � �MU ��©-ã�W 4��D£å �� l_ � �� DG�?!i0��6Â�/� 65MC Ð �MB �_ Q�O:��!MbP_��s�P_#" �¯ �aMC�_ úDû%gI&�K;¹� 5Mk�l_#m3b%C � �:�nbã � �D4�$�%�&!ic1�2�r

å �� D��-�MBD��nbu � )%â#&%� � � � _�gchi#0D� �� l_�GD�� u6©��d-&'å �� _��u�':� �� l_G� z 26K;4�5IB � � � b�6� � ':�M� �� l_nG�� u6©-�%d-&'å E%g IP

ãM� U a-bP¶ Q�5� b U u Ñ%Ò k�l_(

DMZk�l_jm3b�Cc�súDû

Â�/:0':K�« Ú 5�ë�(:&k�l_jmcb%CsBIbD M�%C)�* � �� l_�� u6©%�� u*bsu�+ ³ 4�,!is+&�K�[D^�-:4�K

60 . . . 7 . . . . / / /�000211 1�3 33�4 44�5557666�88 8

9 9 9�::: ; ; ;�<< < = = =�>>> ? ? ?�> >>@BA�CD @BAECFD /B0G1�3�4F5�6�8HFI

LAN J�K�1�3BLNMPORQ@BAECFDGSFD L�T�U�V�W�U@BA MX8NYGZ HF[ 1 @ U\�]�^�_�`Fa /Nb#8 [�c Y^Nd�e�f I�g U \�]Na A 6h 8FJ�K�1�3BLiM fkj�lFm` 1�L [ 6�nFo�M fkprq Y^Nd @BA�CFDGS�D L HFIst�u�v�w�x 6rM#y�6�z�6R{nFo�M7|E6�J�J�K�1�3BLNMSFD LG}�U�~�oG/B0�{ c `�� c Y ^Nd

� LAN U�� ^Nv 3 @w2� 6 DN� LB{ @BA MX8a��fk��i��Nv� @BA�C�D� 6�~�6�UB� fHFI2� 6 [ a A 6 h 8 fC�� o D�� F� vB� U�� uv2� I�� f � 6 [ a\�]^Nv U f 1BL [ 6�nFoBM��Na�� ¢¡�\ ��£R¤ I¥ ¡\ £�~iLN¦¨§�U�©�ª a«�¬^Nv U fk�®id� @BAECFD� 6F¯2° H A�± a{ m Z q I�²�³ fk´�µ�^Nv¶ {��F� I nFoBM7|k6�J· U wk¸ 6�° ®�¹Na ²�c ¤��^Nv ¶ {��F� v�d

� @BAECFD HFº ¤23 @ w� 6 DN� L2»�¼�� uBm Zq(HTTP

Itelnet

I £R½ )I@BA MX8 fk��¾ � u�m Zq¨^Nv

( ¿R{�ÀR½7U @BA�CD H � 6F¯2° f � �U TCP ��U�Á�� )� 3 @ w2� 6 DN� L � 6F¯° H @BA�C�D�Â ��Ã � �F�£BÄ�Z�Å I 3 @ w2� 6 DN�L � 6�~�6 H�Æ U�Ç�È�UnFoBM7|E6�JkÉ CF� wËÊ ba��¹�^Nv�¡�\ � uBv�d^�_�` U \�] {�Ì p HFI JK�1�3BLiM¨ORQ w�x 6rM� 6F¯G°�� fkÍ ��Î�� vU�� H £N¤ I 1 Ï�U ¸ 6�°�OQ�Ð q { qG�ÑNv Z�Å I @A�CFD H nFoBM7|E6�JkUBÒM�8inFo2J f £ vÓ ��Ô��uBvÕ Õ Õ

7-1. / / /�0 001 11�333�444�55 5�6 66E8 88�UUU [ [ [ 1 1 1 @ @ @

7.1. Netfilter ÖÖ Ö iptablesLinux

h 6FnG8 HiI netfilter {×�Ø ÑRv2ÙBÚ £FnFoBM�|E6�J ��ÛBD ° Ê�Ü ��V�ÝB� ^Nd netfilter�FÛ�D

° Ê�Ü H ° Ê 6ÞM2/28RYkZ H ° Ê 6ÞM2ßk°�U�à � o�M2/áb¨8 [ w L ± �� f�âNãE` I NAT ä�å IPS

° h ßk6æ¦ � 6i¯k° �7ç�è c Y ^Rd YkZ I Netfilterf HiI2é�ê £�8B6 Ê bL ± ä�å�� ë È �� U�ZÅBU IP ìro2íEî�ï a mangle

^Rv �� GuRq Y ^id NetfilterHIPTables yB6 Ê b w�Ê b�6�� c Y^Nd

7.1.1. iptables ð ð ð�ñññFòòònetfilter U g UFà�|B6æ{kóFô�Ô H iptables 1RL [ 6õ/Fö�6F°F�B÷Fø ��Ñ Y ^rd ¶ UõX S Lr¦�K1iL�ù�6�8 HáIEúBû f�ü Ä `�ýBþ U ipchains f�ÿi` ÄiY ^ � I iptables H netfilter

�RÛND ° ÊÜáa��¹ c ` nõoNMG|�6RJ�� I�� I�� £ ½ a�Ù�� c Y ^õd ipchains HõI /rb¢8 [ w L ±¸ 6�°Bä�å��TFU�à�°� ��B£r¤�� 9 U�� 6 M f�� c `�� £�8i6�8iÉroNM a��B¹ c `ÄRY c Z d iptables H�I�éFê £ A�� L ± I pre- { post- U�8N6 Ê b�L ± �� I Network AddressTranslation

I � 6 M/B5k|E6 � b�L ± U�� ^�_�`�a�� 6�8�1�L�|�LGU 1 Ï�UFX S LN¦K�1BLE1�L [ 6/�ö26�°��÷�ø c Y ^Nd¶ U�ÉFJ DR� Lk� H iptables U�� \Ra�� c ` Ä�Y ^Rd iptablesf ÏFÄ ` U ;�< î�ï f HiI Red

Hat Enterprise Linuxw /B0�ß�L2°��B1õ¦ a��! c ` ¤� � Ä d

7.2. iptables "" "$## #&%%%('' 'iptables

a2�r�2f HiI Y�) iptables � 6i¯k° a�*�� c Y ^Rd2e$+ UiX S LR¦¢� *��R�2�Rv ¶ {��F��Y ^ :

service iptables start

, , ,7, , ,

. - - -/.. .10 00�2 22�333�444655 587 77 61

99 96:::iptables ;�<�=?>�@BA�CEDGF�HGI�J ip6tables ;�<�=K>�@ML6N1O�P?Q8RTSVU6W8XGH?YTZB[1\1]�^�_?`BY :

service ip6tables stopchkconfig ip6tables off

a�b!c!d!egf 5(h?i$j1k l8m -g4n7�hpo iptables q�r!sut1v$jTlTwyx chkconfig q�z${�|�}�5 ~ b� ��1� 7 � b�c 5 � b q1��iyj1�� e��y�� iu�chkconfig --level 345 iptables on

iptables��!� w��!�/��l8��|g� � i$��!��/w chain o�i$� chain o�� u�gh e��!� t��$j�� q1�� &¡ � iu�1z��¢�w�£ �T¤ � o8i :

iptables -A chain -j target

-A ¥y¦ a(§ � w 1 ¨ � 7u5g7&q�© ª � 7u5�7u«¬�$h �� ® l!¯y°¬¡ � i±� chain w 1 ¨ � 7u5g7� chain ² o�i³� iptables � 3 ¨ �/´gµ�¶ chain( ·¸�yh�¹�5$ºgq�»�¼/i³j8�u�³� hGi�½ | l�¾g¿�ij chain) w INPUT x OUTPUT x FORWARD o�i¸�/À��&Á � chain w/Â� /Ã�o�ÄgÅ�iÆj�ÀgÇ1w/oyÈ �vgÉu� -j target ¥/¦ a¸§ � wux/À ��Ê � 7�5�7 egË�Ì � ¦!i!½$È iptables 7�5�7�«³�gh6Í �Î�Ï q1�� &¡ � iu�Ð/Ñ � chains ( Òg5�Óg5! /Ô chains Ç�Õ�Ö(× ) w -N ¥�¦ aÆ§ � q�z!Ø(¡6|�Ù!Ú�ouÈ � i$� Ð!Ñ � chainq±ÛÜ¨�Ù�Ú�iuj�À�Ç�w�Ý e � � ��x�Þ/w8��ß/�87/5T7uq1à b ��á/08âTiyj � l�ãglTä!å � i �

7.2.1. æ æ æ�çççuèèè ééé³êêêÆëë ë�ììì ííí îîî³ïïï8ðð ð�ñññuòòòôóóó�õõ õ�ð ðð�Æö�¨y� ��÷gøyù �gú�û a 5�w¸x�ü ��ý�þ l�Òy5!Óy5! �Ô � 7�5�7¸q ��ÿ ¡1|u�$ö��ul�� T�iu� iptables w�úÆû a 5 (-P) q1z�Ø³¡G|�mg-�4G7�h � 7/587uq�Ù�Ú³¡ � iu��«��û c�� w!äg��|g��ú³û a 5ÆÇ�¡6|�i!½�| � � �y�gh�q��$�n¦³¡6| x �� l��n| Ê �� u��h�q��!ij!ÀgÇ�q�� i$�� 7�5�7�o!w ·y��h�¹T5gº� T5±h63�!T0�"�o � i!½/| �$#$%�& ��' % ��u�h1q f �u��º ¡ � i :

iptables -P INPUT DROPiptables -P OUTPUT DROP

� ä&xgÍ)( � º � 0 2 � h �+*-,-. l$üyj/0 � ��5¸·¸�$h�l+/³tT�u|¬¡ � ×1032³q�435�i±j�ä6 x�-�4T¹�57��t��ä�� u�gh — - .80/2/3u4�5�7��ÆÁ�8 ù Ç6i$j�9�5:� � o�7�5 c;� ��< t��$j· �/h6¹85�º$h � - � ��º — ÕGi�½/|�=�>�iuj�À�ÇTq@?�A³¡ � iu�iptables -P FORWARD DROP

ú¸û a 5 chain q@B� &¡nä$Á8x Ê � ·��h6¹85�º & �/«��-��û c:� l��/� Ð ¡1��7!5�7yq1Ù�Ú³¡ �i$��£ � « º a$§ � o!wyx iptables -g.�0!2!3y415�7$q �!ÿ ¡6|g�yöDC�E/o$F�G�o�È!jT�yön¨�� 7/5T7uq1H�I&¡ � i :

7.2.2. iptables J J Jgñññuðððgñññ3JJJ+KKK�LLL / M M M�NNN-g.�0!2!3y415�7 � 7�5�7�w�O ��P ��5y� e ¥ � l��y{�|g�gj�Q �!¶�R�S o�i$� a�b!c!d�e$T r�s!ijgÇ�x�7�5�7�wVU6s ù l � �$t��±û6«³�ghnl�� i$�1W�o��T5:�?iuj!ü ×p7�5�7yq�X!ª�i$j�lTwyx£ � O�á � �1q�z�� i :

/sbin/service iptables save

62 Y Y Y 7 Y Y Y . Z Z Z)[[[�\\ \�] ]]�^ ^^�___�```baa a

a+`$a+c /etc/sysconfig/iptables Z�[d\da-e�f�gih1jik1l+`-mdn$c$o�p / q�o$p�r3s1t-edu�v3hj3w@r3x�w�y-k�z-{�|�c�q�o�p~}��3�Du�v�h1j-w1r�x

7.3. �� 7�� iptables �� -�� D� `�� LAN ed��b�)�+�� 1edr�s�¡+¢@£-k�¤-¥+��¦�`�§d¨�©-ª ��«:¬®�¯�° ��±�²�¢@�³ w�rVx LAN�´)µ)¶ £�· ¯ �3Z�[d\�]+^�_1`$a)a+`$a-e�� ³¹¸)º+�» s �� `:�¹¼+`$½�`�¾V¿�fÀ }��j+Á�� ³ w�Â+Ã�xdy�Ä~}�k�r�Å+� $Æ�Ç�È-É ¥+��k�Ê Ç)È-É ¥��k�Z�_�¦d`:Ë È�É ¥��1��ÌÍ ¥�§dr�s)�� @¨�¥-��}�y)Î�Z�_�aÏ� �Ð�� {d`)Ñ�£�k�Z-[d\�])^�_1`�a / Ò�`:��^-Ó�\�¢�Ô�± LAN

¼�`)½�`+c�Ô�±)Õ+Ö)±�¢1× Ç ��rVs)¡-¢�£�Ø)Ù)Ú�Ñ�rVx�¼�`�½�`-e�¤i¥��1¦�`�§�Û�Ü)Ý)Ú �Þ)ß ¢¤�¥��@¦b`-§$]�à ��É `�{iá�| $â vi��ã�Ù�ris�e�£�k1ä�å��)c$× Ç v-e�æ�ç �Ð `:��èVé�ê ° c»i³ w1r3xë�ì Áik�Z-[�\+])^3_�`�a)í�Ñ Ð `;� 80 î ]�§b¨+n3��ã)Ù)r~s$e$£3kdï a�`�a��$]bðV|VË�}bwr3xiptables -A INPUT -p tcp -m tcp --sport 80 -j ACCEPTiptables -A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT

¡�j-e�� ³ k Ð `:� 80 ñ-ò�Ñ$× Ç r�s�^+Ó�Ìdl-\��¹¾V¿ $ó × Web ô�õ�c�Ñ�ö�s��- �eb� ³ w�r3x¨�©�ª�]��^�ÓbÌ�l�\�� (https://www.example.com/ �V÷ ) î ]+§d¨�n-�@ã�Ù�r�s�eb£-k Ð `�� 443 �èié�ê ° c »i³ w1r3xiptables -A INPUT -p tcp -m tcp --sport 443 -j ACCEPTiptables -A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT

øø ø�ùùùiptables ú¹û@üDû1ý)þ1ÿ�� ú�� ø@ù � ú�� "!�#��$�% &� '�(*)�+��, ü�-�û1ú 192.168.100.0/24 .0/�1�þ1ÿ243®ú�506$þ�ÿ87�9�: ��; , þ=<�9*� >0?�� chain ��@�AB�� C ��D�ú chain ��EGF0H0;�&�I (-A) � 192.168.100.13 ( JKI�7L; , þ=<L�M�N�O�. / 1�þ�ÿ=P ) 243 ú�5 6bþ�ÿ��Q�RB��S0� E"F4H*;"&GI M@û�ü�û��T�UV&GI4WG9V' 192.168.100.13 ��X�Y �"Q�R�94��>�?G�¹û�ü�û*�"ZAL�8��203[��. /�1bþ1ÿ]\1úB; , þ<�û�ü�û��GZ�A�9��^ ù ��_*`GWG9�'a�b ú�û1üDû��Gc�d 1 d�ú�e�f chain � 1 d�ú�û1ü�û��g�#��"h�i�9*��70� -I �Gj kB�=��ú�l0�¹û�üDû4�h�i�90� chain ��m�n@û1üDû��Go�p�9��[M�q1ú�û1üDû�r�s (1,2,3,...,n) ��t0u�W�9�'�(�)�+ :

iptables -I INPUT 1 -i lo -p all -j ACCEPT

û@ü¹û�� , ü�-�û1úDû�ü�<�v)þ�w"x�v y�z)ÿ�{�|�}DþGw��Q�R�9*��M�q0� INPUT chain � 1 r*~�úDû1ü�û C �K�h�i0&KI0WK9�'

LAN Ö)¾i¿ LAN î ��D� `��])§d¨�n�cbê ° eb��s�¡+¢�c »3³ w�r3x LAN l)`-m�nbî 4�4�V�~�� `��G�V��e SSH �i÷ ¨$©-ªb]b��l�`-m�n-� â v)Ñ-ö�w1r�x PPP �)`�n �� `�n (

� ÎV�*��|$§�wy�£ ´L� ISP ]*��^�|i�¹�V÷ )

�» s�ä�å��-e�¢��d��£-k � Î4�*�L�)£��\��§V�G�V�)Ñ » s�y4� ´V�� e�£�Z�[d\�]�^�_@`$a / Òb`��^�Ób\ Ô0��e��V�}D�+��s Ñ-k �V��e+Z�[�\�]�^�_@`�a � � ]�*�0��risdy4�-e�£��\�]�a-]i¥�à�]+§�¨�n�c â v+Ñ�ö�w�rix�y�Ä~}dk�Ì Í `:Ë"�-|iË��V� ~�D� `�®¼+`$½+` 4�L� £$æL�+�4�V��Ñ ß ��+w�r3x iptables ��ç~}�� D� `� SSH §B��\�]�|i�¹¾V¿ �L�i� �-��s��- 1e�}dw1rix ë3ì Á-k �D� `� SSH ]+§�¨�n��ã�Ù�risbeb£�k� V¡ �- D�ba)`�ac â v)Ñ-ö�w1r :

iptables -A INPUT -p tcp --dport 22 -j ACCEPTiptables -A OUTPUT -p udp --sport 22 -j ACCEPT

¢ ¢ ¢7¢ ¢ ¢

. £ £ £B¤¤ ¤�¥ ¥¥*¦ ¦¦4§§§©¨¨¨�ªª ª0« «« 63

«�ª4«¬ ®L¯L°± ²L³�´�µ�± ¶Bª¸· ¹Lº*»½¼½¾ µ¿ À�°Á iptables ÂLÃLÄLÅ�ÆLÇ¸ÈÉ Ê*¼0Ë½Ì*ÍVÎÏVÐ4ÑVÒ º½Ó Red Hat Enterprise Linux Ô £�¤�ÕVÊ ¹VÖ�¥Ø×�¬�ÙLÚØÛ�Í¸Ü�Ý½Þ Ì�Áß àâá Î4«�ª4«�º�¥�ÊLã ª½ä¸å�æ�ç£�¤ ¥L¦L§¸¨�ª4« / è�ªéæ�§�ê*¥V¼0ëLìLìVíÞ à ÍBÌ�± îBï PC ðñ�òBó Î¸È ¹LôLõ�¼ öéÛ"÷VøØù�úVøBÎB¦�û üV¹¸¬�ýVþâÛ0À�°ÿÁ©Û��ØÛ"«Bª4«Bº½£�¤�¥4¦V§¸¨�ª*« / è0ªæ�§�ê*¥*Î��L¼Lµ�±�� ªé×�¼*º½Ó ß�àâá Î*¶Bª¸·�¹��BÎ4ýVþÿ¬©Û0À��¸Á ß�àØá Î�¶Bª½· ¹�¼ LAN¦Bû�üV¹½¬�ýVþ4°ÿ±�¼�º½Ó iptables £� K«ÿã�ª*«Lª0«ÿ¬�4Ë NAT ¬��V°ÿ± ß ù�´��VÀ�°¸Á

7.4. FORWARD �� NAT �� ù�� ñ Î��Lç�� ½¼�º¸Ó ISP � á Î�!�"½¼0«�ªLô# �Ê�$%�&�4± IP ¦â× Õ ¹LÎ�' ¿%( Í�)�´�* á�àÍ�Ì�À °Á+)½¼-,.*L´�µ�±%/�0Ó+1�2�3�º¸Ó LAN 4½¼Lµ�± °�5�ÍLÎ&� ª ×�¼-,.*LÎ�µ�±+!�" IP ¦â×Õ ¹¸¬+6�7+8½¼�Ó*¥�ÊLã ª½ä¸å�æ�¶�ª¸· ¹9��Î�¦Lû0üL¹½¬+"�:��&�L± ï�;.<Vð�=�>¸¬+?LËA@9B�CVð ¿À+.�¸Á Ç&D*¥-E�ª æ IP ¦â× Õ ¹LÎ��´�F�G.<��½Ó LAN 4�Î4°�5�ÍLÎ&� ª ×[´�HéÛ4ÜJI-K / L�KBÎä½åBæ�M0ª©û ¶Lª½·�¹�¼V¦Lû üV¹��4±�NPO�¼¸Û À�°ÿÁQâå%R�¼*µ�±�«Vª½ã ( £B¤�¥V¦*§½¨�ª0«Bð ñ ) º¥�Ê4ã�ª©ä½å�æS� á Î*÷Vø�TVøÿ¬�UA@JVé¿�Ó+WAX½å�æ�¬.Y<4Î LAN ��ª ×�¼ «BªVôZ �Ê�$½Û À�°ÿÁ-[\ ¼�ÓL£�¤ ¥L¦L§¸¨�ª4« / è�ª æ�§�ê*¥*º LAN � ª ×]� á Î4úLøL³�^¬½Ô�_Lª æ�¥�ÊLã ª½ä¸å�æ�¶�ª· ¹�¼0«�ªLô# �Ê�$-�&�LÀ °Á ß Î½ä¸å�æ�M�ª½ûÿæ+DL£� �å û Î¸£�¨%M�ª�à �Ê�$�º \ ¼%b.ç¬�dZOß ù ¼*ð¸±+e à ´�µ ¿�Óf½¼�Ó�g�h�Î©û�D½åji½Ê�$9k�ª�«�Î9l�m¬��L°¸±�ù*Ó-I%K IP ¦â× Õ ¹�¼*ð¿"°¸À©Û�Í LAN 4©¼Vµ�±��ªé× ùBÛ�ÍØÔj_Vªéæon�p�3BÎ�q©ÈVÊV¬�r�s¸Þ�ÿ± ß ù�´��VÀ�°¸Á ß�à ¬t9u °ÿ±J/90©¼BÓ iptables º�«LªVôv �Ê9$�ù £�¨JM ª�à �Ê9$ Î9wØÔ�È�ª�¬�x�yâÛ�Ó4ä�åBæ�M�ª©û©Ôz ª4¹VÎ9{�|Vð��BÎ t9u ¬�}�~âÛ�À�°½ÁFORWARD wØÔ È ª�¼.N½¿ LAN I��WAX½å�æ"´*«Bª4ôa �Ê�$4Þ à ±��9�¸¬�,9�V°¸± ß ù�´9��4À�°ÿÁ�7JC©Ó LAN ��©¼�£�¨%M ª�à �Ê�$V¬�ýVþV°ÿ±0¼�º ( £�¤�¥V¦V§©¨�ª*« / è0ªéæ�§�ê0¥�´.I%K IP ¦Ø×�Õ¹½¬ eth1 ¼%�&��Í�Ì�±�ù��V® ) Ó��BÎ*«Vª*«L´9�*®��*À�° :

iptables -A FORWARD -i eth1 -j ACCEPTiptables -A FORWARD -o eth1 -j ACCEPT

ß Î�«¸ªB«¸º £ÿ¤�¥��©ªÿ§¨ ªL« / èVª æ�§½êL¥VÎ��¼�µÿ±�È*¹�ô�õ¸¼PI�K ä å½æ+MLªÿû��©Î¸¦©ûü�¹ ¬%6�7�À °âÁLè4ª æ�§¸êV¥Vº��=Ë½Î LAN � á Î�W�X å½æ0¬��LÎ�YJ<��*ª ×�¼4«©ª æVÛ*Ó��Î eth1 `��¥�¹½¬Tv��Í9�BÍ*Î�WPX½åBæ�¬��âÛ À�°ÿÁ

�� J��.��%

Red Hat Enterprise Linux ¡j¢+£ �J¤]¥ IPv4 ¦�§S¨S¢© IP��«ª ¢ �.¬oj®]¥j¯ ¦�¢ �o°²±³%´�µ�¶�·�¸²

Red Hat Enterprise Linux°o¹�º�µ�¶J»�¼½��¾¿ ¢�À«©�Á+Â�Ã�Ä]Å � ¢�À+Æ µÇ¶jÈ�ÉPµËÊ+»ÌJÍÇ´-µÎ¶�»�ÏoÐ9Ñ

IP��«ª ¢ �.¬²j®°²Ò�³%´SÐ�¼�´]�% oÓ+¥%½«Ô%9Õo°oÖ�×�µ]ÏoÐ�Ñ

sysctl -w net.ipv4.ip_forward=1

Ø ¥Ù½�Ô�ZÕ�° ¨�Ú ��ÛÝÜ��ÛÞ�JßZà�Ö�×&Ð�¼�á�âZ �ã�ä&º�å�ÁæP¥Pç&èÝ�P�&évê�ë�Ï�ìí Ñ/etc/sysctl.conf

�+î«ï]�9°oð�ñ�µË¶- �+�]ª ¢ �P¬²j®+°oòó�ô%´«ç�èPµSÏ²Ð�ÑSÓ+¥�×�°�ê © µ�¶jðñ�µ²ÏÇÐ-Ñ0´]�

1°oõë�Ï²Ð�Ñ

net.ipv4.ip_forward = 0

Ó¥J½²ÔJ-Õo°oÖ×.µ�¶sysctl.conf ö ¥jó�÷9°oÒ�³%´�µ]ÏoÐ�Ñ

sysctl -p /etc/sysctl.conf

£�¤ ¥L¦L§¸¨�ª4«�ÎPI-K IP `��©¥*¹¸¬+ø�ùÛ�Í¸£�¨-M�ª ×«W�Xÿå�æ ¬+U�@-ú�@�± ß ù��¸Ó LAN � ª×[º�û½ÌL¼-TLø.�&�L±�N�O ¼*ð ¿ À °Á½Ûj�âÛ0Ó0¥�ÊLã�ª½ä¸å�æS��Î9L�K�TVø�º��A�LÀ+��¸Á Ç�D*¥E�ª æ IP ¦ ×�Õ0¹¬J�BË LAN �0ª ×�¼9L�K�Î�!�" äÿå©æ�M*ªÿû%��TBø ¬ ýBþB° ±4¼VºÿÓ IP q�¹�ü

64 ý ý ý 7 ý ý ý . þ þ þ�ÿÿÿ��

� � ��PþPÿ�� "!�#�$&% LAN '�� )(�* +-,�.��þ.ÿ/��-&+�0�12-3 �4�+ IP �5� � 4�6-7�4�8�� ( #�+�9-:�; eth0) !

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

#�+�<��<%"; NAT =�>�?�@A+&B�:&C (-t nat) ��D&� � EÝþ�ÿ��<��-F+-0�1"G�?<@ H��82�3 ��4 (-o eth0) IF+ NAT (-A POSTROUTING) �F+-JFK-LFK�M POSTROUTING chain ��N��O��! POSTROUTING �<P�Q�;/=�>"?<@R%&þPÿ��<��-F+-0�1 2�3 ��4��S<T�UFV�6-W�X��T#<Y�Z�6�[��! -j MASQUERADE \��]"?<@R%<^<T�'�� )+�_�`��aF��@ IP �b� � 4��þPÿ�� / ]��O@c�Fd��+�0�1 IP �e� � 4�6�7-4�8��"T�P<f ��N��"g $"��!0�1F6-D��F6�[�T-P�f��AhFi�j�1�G�?F@�H��8�I&+�k/4�l-m�ZF^FT�9-:"; NAT j�+ PREROUTINGchain + -j DNAT \��]"?<@��D��O��E�;&n�o�p&+ IP �b� � 4eY�q�� @��N��"T�#&Y�Z�6�[��"!r #-65;�j�1<s��5t�4Fu�+FvFw��,�.x��E"i�TyFz�=">b?�@ Z�þ"��H��{� 6�[��!�|�}~5;�yz HTTP ,�.�� 172.31.0.23 ��^<T��F+ Apache HTTP sF� 3 �-sF� 3 �<�Pþ<��H�� hFi�9�:";�"� +��/7��"� �� :

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT \--to 172.31.0.23:80

#/+&��&% NAT +�C�Z�J&K�L&KM PREROUTING chain ��D��AE�y�z HTTP ,�."�<�c4O@�g�$�hn o-+ IP �5� � 4�6F^FT 172.31.0.23 ��e� oF��þF��H��O��"T�P<f��N-�b�/��!

��

FORWARD chain �c� DROP �c�/� ��R��-��/ �¡�¢�£�¤F¥§¦��/�c��¨ ©&ª��-«�¬c�� NAT��®&¯�°�±R²c³�´��cµ¡�¶�·��R¸ ¹ HTTP º »��)¼c� �<¯�°�±��½�³Fª)¾)¿�À�Á�Â-��Ã Ä�¿�¡��cÅ¤�ÆÇ �/È�É/°�Ê��Ë/Ì�ª�¾�¿ :

iptables -A FORWARD -i eth0 -p tcp --dport 80 -d 172.31.0.23 -j ACCEPT

Á)�c�/�c��Å�¸�¹/¿-¡ HTTP º »-� ¤��ÍcÎ�Ï��Ð��R� �/Ñ�Ò�Óc��/Í�Î�Ïc�Ð�� /Ô/� Õ�Ö�×)Â�Ø-«R¬ Apache HTTP Ù �AÚ��RÙ �cÚ �AÛ��)¼c��&¯�°c±��½ ³&ª)¾�¿À

7.4.1. DMZ Ü Ü Ü iptablesiptables "�<"%5; DMZ( Ý�Þ�ß�p�à — �"��\��5Gb?"@�á â/ã<ä�åeæ5��<I�6&s��bt�4Fu�+ç�è �"+<��é5ê&��ë<�s5ì�Gb?"@�H��e8 ) ��^�T�� HTTP í�% FTP s"� 3 ��á â+Fî��"+�7bk��uï@`PþOð�?-8<��ñ@R�bTFP"f��-�<��6e[F��b!�|b}~e;�yFz HTTP ,<.�+&ò�E5� IP � � �4 10.0.4.2(LAN + 192.168.1.0/24 óFô-0 ) ��^<T��é HTTP sF� 3 �-u�F� @��T�P�f��F�-��&�eT�+��; NAT(Network Address Translation) Z PREROUTING l&��ìe�õ�ö�Se� E&=�>�?�@/�÷ � i�n o�p��þF��H��O�� !iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT \

--to-destination 10.0.4.2:80

#�+��7��R6�; LAN 0�1F(�*�+-q��O@ 80 uF+ HTTP v�w&%��ø&E<j�1"G�?<@�H�<8�+�ùbY %�úFá�TG�?&@�H��8�I<��^FT HTTP s&� 3 �F�/��-l ðc�-û�g�$�� "!�#�f-�ch<G�?F@AH��<8�ü�ý�X&%<;-G�?@�H��8�I&6�7�k�� HTTP v�w"� þ�ÿ��"T�P�Q��ò&6�"! HTTP s�� 3 ��Z��-å��á�v�w�� T-P�fR��"g $&EFiFT�9�:";�q-��@ 443 ��þ&��H/��g�$"T �-,�ZF^�Q/� ��!

� � �7� � �

. � � �� 65

7.5. �� "!! !$## #&%% %('' '*)) ),+++.-- - IP / / /1000�22 23!! !4�5�6�798&: �&��<;*=?>A@�BDC LAN E�F?G�H�I3J&K<L�MON 4&5�6�P G?HRQ*�TSVU�W&�9X�Y?Z3;\[]�^R_�`ba\c FDd�e ^Rf e�gDChM i��C�j��?kDC I9�?l9� a W�m?n 6�o?_�p W�q<X9r��shM / I&�l��?W&�utv�9Z :Rw C\G?H9W�x9yh@\z I9�b{*Z3;[9| ^<_�`&a?} F3d�e ^Df\~D�*� C �?�uM 31337 �531340( X9r3L �Ds��*��&F elite �9��M a\��?�R_ ) �&F�I��D{�Z 6�� @ B3KDL�M\j��bX9;�Z��s^<_ M�i?� c z3��9�&�R�*e ^<f?`b� @�g��?�?�?�?�TMO� 5�� n ^<_�<�*: I9�3{\Z P �<�*e\��?WF<C `*� ;?J9iRL�X ^R_ba C?KDL�Mj��3X*�&W��9�&W�� Wb� _ Q��"S c?��6h ¡ ��M£¢9ZD¤��I��l?� a�� n ^D_¥�¦�§ ;¨�© ^3_�`?a�c F&d�e ^Df

iptables -A OUTPUT -o eth0 -p tcp --dport 31337 --sport 31337 -j DROPiptables -A FORWARD -o eth0 -p tcp --dport 31337 --sport 31337 -j DROP

e*g3C LAN6�ª?«?^<_ g�¬ 6� r��®9�TM IP ��S\¯*Z�°9± 6�: � ^ e p<��a�^<_\²?³?´?µ ;�J?i<LX ^<_?`&a?} F3d?e ^3f~D�*� C LAN

c192.168.1.0/24 °9±3;\¶?�A@�B&z _ :D5 C�� P ��s�¤ �KDL�M 6�· @ B�z _ K3LbM j��bX�¸�l��Z (~ C eth0) ; ¹�HA@�BDC ^?º B�W�»b¼DLbM\; p W�¸�l��Z6

LAN W IP °9±?W&��S\¯*Z�½<d*FTS�i<L @�e ^<f ¸3�&��"M¾� �¿ � a @�B3�&��j��TS 4\� g�»¼DL&M P�À?Á?^<_\Â?Ã ;b@�B&z _ W?F3C ²?³b6�· @�B&z _ ¸�l��Z (eht0) Ä9W�q9W : � ^ eb@ IP ��S¯ Z P z*Å �h}��Æ�Ç96*À�ÁD4 � e ^Dfiptables -A FORWARD -s 192.168.1.0/24 -i eth0 -j DROP

ÈÈ È ÉÉÉÊOË�Ì�ÍvÎVÏ Ð Ñ ÒÑ�ÓVÔ�Õ�Ö�×\Ø

DROPÖREJECT Ù Ò Ú�Û Ü�ÖOÝÞ�ß�à�á\â*ã\ä�å�æ¾çOè�é REJECT Ù ÒÚ�Û\Üêà�Ø�Êë¾ìí�ÓOî\ï9ðòñ�ØVó Ò�ôOí�ß¾õ\ö�ÓO÷\ø è�ùVú Ò�û*Ò*ß

connection refused ü�ý Ò�ÓVþ&ðçvè�éDROP Ù Ò�Ú�Û Üÿà��*Ý��bæ¾Ø��*Ý�� ß��Û ÜOÓ�Í��Û��9ð¾ç¾è�é��OÏ��VÝ Ù Ò�Ú?Û Üÿà�� Ý�� "!�#"$\è�ù"�*Ö¾ä�!�×\çVè�ä�ØOú*Òû Ò ä�%"&&ðvñ õ\ö\÷ ø�Ó('�æ þbðòñ&ð¾ç�ÕòÝ�Ó�)+*VÐ�,ß

REJECT Ù ÒÚ�ÛÜvÓ�-�.�ðVçòè�é

7.6. iptables ## # Connection Trackingiptables

6?P C /1032 c connection trackinga�4"��536 FbE ³ K<L3M\j��DX��bF�¶9�bFDd _ I&�{�Z�Ä�W ´&µ ;"738T@ gA�£[�|u@ gA��F<d _9o3�*6�^R_�¡:93; �� c=< e � B�z�e ^Rf Connection

trackingP C ´?µ ;�> 6 @�B@?+A ^<_"B C `\�b6&o �C/+0+2 PEDGF W ´�µ+H+Ib6 JLK B9�9X�Y?Zb;�M¥ @£g�� C�M ¥ @�g�� ^D_�`9a�c F�d�e ^ :

• NEW — HTTP N=O :<w W�P=Q?W ´�µ ;�N@O ^D_ »&¼3L?M• ESTABLISHED — R@A ´�µ W�S ³ F9� _ »&¼3L�M f• RELATED — P+Q9W ´?µ ;�N+OA@�B&z _*c C�R=A ´?µ W@S ³ F&� _ »�¼DL9M f?` W ~ha @�B3C ´�µ�?�TM c?P 20 F&� _*c C?�&��j��TS¾�?�TM c@T ¶?�9W 1024 U P&p��+V �9F&� _ »uL ¿ J FTP

´?µc �<�\e ^Df• INVALID — connection tracking >&E�F�W9z*Å � W ´�µ WES ³ F }�: z*»9¼3L�M f i$M3W�� @Xuc ZZYh� M9¯�ZRF } (UDP

: w) CDzbÅ � �RW�K"LuM?jb��X i$M+W9��Wu�_

iptables W connection tracking Z�Y9��M � � :@[?¦ ;\¶?�9F3d?e ^<f�DGF W ~ F P C connectiontracking ;¶��u@£B�\=]=^�W ´�µ�6E_(` @�g�»�¼bL9MvW=a�;�� j*�uS ^b_ �?��b;�b�@¾B9z�e ^ :

iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ALLOW

66 c c c 7 c c c . d d d�eee�ff f�g gg�h hhjiii�kkkEll l

7.7. ip6tablesIPv4( m n+o IP) p 32 qsr1t�gvu�w x@y3z|{�}+~+�G�+� IPv6 ��+�@�:��+�+�jf1�+�"ks�|r3tC�1�Zt��l3p@�+�3�@�G� IPv6 o 128 qsr1t�gvu�w x|{��3�+k�t��(� IPv6 �+�3p+�j�:��g3�|r1t��Eks�(o IPv4 �� :¡ p�l�kLt ¢=£�¤3g¥u�w"xj{�¦@§=�s�@¨3��©=�jª=m��:�Red Hat Enterprise Linux o|� Netfilter 6 �s«1¬ x++®Z� ip6tables �"¯s�:u�{�°:±"n IPv6 d1e f+ghsi�k�l=l�k�l|{��=kLt(� m��:� ip6tables {�°³²�Éos�=m�µ|� ip6tables ��kjq"xs{�¶=·v� m�:��ps�"¯s�|u��¦=¸³��m�� :

service ip6tables start

¹¹ ¹�ºººip6tables »�¼"½¿¾�À Á�Â Ã�Ä�ÅEÆ¿Ç�È(ÉCÊ Ë iptables »�¼"½�¾�Ê�ÌEÍ�ÉEÎÐÏ�Ñ À Ò�Ó :

service iptables stopchkconfig iptables off

¬�xjj®1©:«+kÔtC�v� ÕG´=ÖGd|i�l×t�� ip6tables {(¶3·¥Ø(Ù¥�1�G²(´��¥�+´=oZ� chkconfig {°:±�Ú��ksq"xEÛ�psÜ=�=w�Ý=l+x@@ks��xj{�Þ�ß³�"m��s�chkconfig --level 345 ip6tables on

ip6tables © 128 q|rjt�gLu"w x|{��3�=k�t¿�G�+¨1��à+áG��â+ã3o iptables ��+ä3Ú+åZæ��@�G��çè �j� IPv6 �=��p1�sr3t��(k1��k@é+k(Û�p SSH ê=ë�o�à@ì�ps�j²�¤El�k�l+�(í=î1´(�jª=m��ðïip6tables -A INPUT -i eth0 -p tcp -s 3ffe:ffff:100::1/128 --dport 22 -j ACCEPT

IPv6 �:rjt��k:�=´(ñ|ò�Ú+p@ó+ô3o|� http://www.ipv6.org/ ´3õj� IPv6 ö3÷+ø3k:ù+{�ú�û³��Ú ¡�ü Øò3�

7.8. ýý ý¥þþ þGÿÿ ÿ þþ þ �� d1e f+g+h|i�k@l� Linux Netfilter �s«1¬ x++®1´(ñsò�Ú|¨ p@c3��+�3Ú1ò�¤1ò1¨1��©3ò ¡ ñ� 1õ� m��:��ó=ôj´"ñjòEÚ=os��pZ��k=x1{�ú+ûZ��Ú ¡�ü ØEò��7.8.1. � � �� ! #"" "%$$$�&&&�'''�� (��• Red Hat Enterprise Linux ��dZe1w|�+x�)Zf u(´1o³�@�|äGÚ|p³�+¯³��u+*|�³¬(,@�+p.-�/G¤0

iptables ´21��:�%3�4�5=¤�c+©�õ � m��|�• iptables p man ø�kjùEÉos�76�8�*=�s¬�,��"p:9�;+¤=<=>@?BA�C|Ø��+Ú�ò3m��:�• D�E�5@¤��ksq"x:��FEp=�=kvtHG�I+p2D�J=oj�7K=L C �%�� /etc/services {�M7J ¡�ü Ø(ò3�7.8.2. N N N@OOO�PPP�QQQ web R R RS��T��• http://www.netfilter.org/ — Netfilter �� iptables ��3ù�U@�Gt¿p=V�W�X�k@®Eø+kjù��s�• http://www.tldp.org/ — Linux Documentation Project Éosd3e"f@g=hsi�k�l@â�Y¥�[Z�\3´212]v��n^ ´`_@ñ�)3f¥u�©�ò ¡ ñ� 3õ � m��|�

a a a7a a a

. b b b�cc c7d dd=e ee�fff.ggg�hh h:i ii 67

• http://www.iana.org/assignments/port-numbers — IANA (Internet Assigned Numbers Authority) jk�l�m2npo�q�msrBt�u=v�w�x=y=z�{�| h.}+~��hS��2�� v��:�!�

7.8.3. � � ��7�� s��#��• Red Hat Linux Firewalls, Bill McCarty � ; Red Hat Press — Netfilter �� iptables y!� ��h�� h~��!��+b��His �¡ ��¢+£¤�¥+¦�§p¨ u.© ��%ª:h�«��¬�S® | h�¯�h�b�c+de�f�g%hi°��±² xy�³�´��s�µ+t j=¶��b�c`d�ef�g%h�i.· ¢ ��¸�¹s��b�c�de�f�g%h�i�i�h=i��º» �� lokkit yS� � ¢�¼ b��½�i�¾=h�i ¥+¦§(¨ u b�c`defsg7h�i��½~� :¿�d=À y�� (�Á ��«�Â=Ã!Ä t�m�Å Ä �!�• Linux Firewalls � Robert Ziegler �� New Riders Press. — 2.2 ½�h © i ipchains �� Netfilter® iptables �=Æ�Ç ¥7¦ l�u b�c�d�e�f�g%h=i�=¬�.j2È �!É7Ê�Ë�y2Ì�Í Â=Î�Ï�Ð t�m�Å Ä �!� ¡Ñ hp�Be�«`Ò�~��Ó=Ô�Õ�Ö�×=Ø�Ù�Ú+~�Û�Ü y!� �=Ò�Ý.Þ.¡ßÛ(�áà=â.j�ã Å:msäßå�tm�Å Ä �!�

68 æ æ æ 7 æ æ æ . ç ç ç�èèè+éé é=ê êê=ë ëë.ììì�ííí2îî î

III. ï ï ïñðð ðóòòòõôô ô�öö öø÷÷÷úùù ùüûûûñýý ýÿþþþ��

�� ! "!#��$&%('*),+�-�#�"/.*021&3�4,57698�:!;�</=�>? :,@ 4��A&B�CD8�E(.��*F��G��H � �DI�#9J�K��7L�M&:�@ 4� A&B!> ?DN�O ��PQ�!3�4/5�698:�'7R&S&02MTH�U�� "9#!V&)�-W#,"�.�0�1

X X X�Y YY8 Z Z Z . [ [ [�\ \\9] ]] � � �9�� ............................................................................................................................... 71

^8^

._ _ _a```cbb bedddgfffihh h

j�k�l m!n�o�p�lDq(r�s�t�u�v/w!x�y�l&z�{ |�}�o�~��&�Q�T� ��p��&�/�D�(��(��Tv�� r��9�!�*��,�&��s��&�� mW�� ¡&¢��T��z,£D¤�¥�o�¦��D§�sQr�sQ�¨�� ¡©rs��p��v�ª�«��/w/��/�D¦*¬��(��T~��®*¯,°��*±,o�²�~�³/´�²µo ¶�|,·¹¸��/º9o»·¨¼/½³D��ª�«(¦*¾�¬(¦*�(��/�!¿�À Á/®*�(��Â�Ã�³�Ä�¼�ÅToD±�~ ¶ |/·7Æ!o z!�DÇ�È��9ª�«(¦T¾�¬��2��!¿�À Á/®*�(�VPN(Virtual Private Network)

~&É&Ê�Ë©r�Ì�p»·Dm�o��ª�« �DÍ�o�²�¦*Î»ÏD�/ÏÐ��/�Tv��®*�(�*��Ñ�Ò(��p��~�Ó&Ô w/�7Õ�t �9Ö�r�sD×�Ø��2��/�7v��®*�(��r�Ù�r�l��xÛÚ�Ü(�¨Ý,Ü(�WÝ,�&��z�£�¤�¥*o�v9Þ&ßD��µÙD~Dà�� á��¨�9��â�ã��9ä�å��á Ï*®T�:

•��z�£!¤�¥µo&�Dæ�ç2lTè&é2l�ê&ë��2��9ì�í�v�w��µp�²�|*Âµ�9î&ï&ã9Ò�ð

• ñ&ò&ó Ý&ô&õ,ã��µö,o ÷µpDøDù,}�o/¶T±/��úÛ|¨û/¦9w!s l�ü&ý�� T��þ•ì&í2¦7ÿ2§µs�¶ |,·�Æ!o�z��!×��¦��QÚ��,á��T�&þ

��³��|�z!��Í�o�²��p��Q�T� z,£D¤�¥�o�¦��©r¨s��/�� lDqD�� Qm!n�o&p��ª&«(¦¾�¬��(��/�T~�Ì��!¸�°��/�T��r��!�!��*��9�/l*�&��s�� p��/�!¡ r�s��©rÌ��(¦��v��~��â��/�TÙQ��rWx(®T¯�°�� &�� m¨�� !#"T��$©m*Ä!��%&��')(�±,��Òð(¦*ÿ�Ý��v��/��ÙQ��rWx(®*¯,°�v�l2Ý(®µÌ�~

3Ý�*�+��¡�,�$ m*Ä9��$��&p&ú&o»·��T��µp�²�|Â�¦*ÿ�Ý��~�-©r)�D��r��9�!�)�� m�� ~�./�0/�t©r¨s��/�µÌ�1(l�� m¨�� 2�¡

,�$�mTÄ�¦�34�*k&�5"76&ÔÛrÐè�é��&��vDä�84�7x2�TÙ(Ú��9��

8.1. 99 9;:: :=<< <;>> >�?? ?5@@ @BAA ADCC C�E EE#FF FHGGGJII I ��2¶�|/·7Æ9o z,¦*ê�ë©r�s��/�/�LK�ç©r�®*�(��á�� ¶ |/·7Æ!o z!~�M�N�ã,��O�P4'�o��» T´Q,��p��lDÄ�R�mTS9o��5U*´�l*ö�o�V,o l&¶�|,·7Æ9o�zXW�Y/²�o�l&Â/Ã�³&Ä�¼�Å�o�±(lT��Ñ&Ò(�p��lDqD��Z��[�Þ5�*x(®*�(��*x�ÚT�&ÜQ��Ý�ÜQ��Ý2¦)\�ý,��]�^��!¬��,��rWs��/��r!®T�(�_J`��(n�Â�·T¼�½&Ä9Î(¶(| ·TÆDo�z0a�b/��#�9ÙÛÚ�lTc�d2Ä/zD�,p�Î�V4Q9~,k�e��="�f��»r9®�(�&¶�|/·7Æ9o zµ«�g��&ú |�ûQ��ü�ý(¦)\&ý��]�^ �!¬&Ý(�/�7~�l)h�i��!&��p��¦Tÿ�Ý�� &~kj,v�lm�0n��Û�7� �µ�(r/��µ�î�ï�ã�Ò�ð��o�ä�p�q��L\�ý��]�^ �!¬�Ý�n��(¦�r�s�¯2�/�Dl�t��/³�´��Í ´(·Ðvku(��&l��p&��vD��v4�Tx2�&l*Í&o ²µv�w&xµ°m�7x��&l�ö�o ÷Tp&vky©Ï{z2®7x��*�2��vk|m}/Ú¨x��!�2��Q�2mT� W�,�2z�£�¤ ¥9o2¦T~,Ë»rTs2�!p,�,�(l�¶2|�·TÆ�o�z/l!Í�o2²!�&¬��Û¦T��,�Q�9Ì�1��~�l&z,{ |�}�o/�D��§�Ì�Ý��/Ï¨��5��s��&s�lT��¦�û ½ |�z*�(��T��µp�� m��» T¦�� rD®��!p��,�Û��¶(|�·TÆDo�z(m9n!o,p��D¡»r7s,��m�,ã��/��,ç2��á,§!s2l,z�{�|}&o�v�� r¨s4"9��¡��,v9��u ��Ï��*�T�k�2¦��(Ú�Ù,��rWs4"Wx2®��2��ç��T~ ¶�|/·7Æ9o z��D��p��&�� m��» ¨�DÖD�(��0��è��,��/��(�&��è��~�l*u��(l)��M��(l&¶�|/·7Æ9o z!��õ

( � 1.1.4��

)¦)�©r�®*�(�)��ç�~�� r�s�l¡�,��T��p��Q��m!n�o�p/�DÖ��(�)l&ä��Í�o�²�v��5�Tx(�)�� 2Â�½µo�¡�Ù2ÚL¢(® Ï�®*�2��Â�½�o�¡�~��p��£�¤(Â�½�o�¡�¸�¥2��l��lT¡�,�~D��s&��¦�Ò,�� !Ým�Ds�§�¨�ã�X©��5�*x(®*�(�)£�¤(Â�½�o�¡�ÙQÚ�'0ª�o©·*Â�½*o�¡��«m¬Qr�l��µ��~�l�©��v�%B¯®°²±��

2©m�p z!}��³ mT�X´�µ4�Tx2®T�(�!q2r¨s l*¡�,/�9ÖD�2��&��m¨�� ¶w�·��¸�¹(®µÌ&~�l��¡&��º�»��2¦�¼�½&�2��¸�¹

)v9Ñ�¾&�Tx�®T� �

¿LÀ��ç(¦)Á�Â©r!á ��r�Ì��QÚ9l0Ã/q�Ú�"Dl�2ÅÄ�Ä9v��DÁ9°Q��Æ ®�§�s��Ds�Ç,v�Ù�Ù §�s�/��ÙQ��Ù�¦*¾�È��(��r��9�!��®�Ì�l9q!x&Éµx��Ê2¦*¾�È r�s�l&�DÁ�Ú&�D�DÁ!°Q��Æ ®�§�s��/�Ù�l)Ë&}XÌ(¦�Ù�}DÌ�Ù�¦*¾�È��(��r��9��*xQ�TÍ#ÎÏ�5�)¸2¦��p&��l�¶�|/·¨Æ9o z�lTÐ�Ñ,Í�o²&�Q��Ò�� rD®µ�Û�µÓ,Ô2w �TÓ/o�Ô/o�~�Õ�Ö/��w�Ï!lT×/�m�&Í,o(²TØ�Ù�Ú/�&�Q�0Û Ú*�mÜ�o�±QlT×ë2l7t&u2¦&á�"Ý6&Ô r¨s��/��!l!q!��ÞDt/��¡Ûr¨s ñ&ò �0ß�à��á/�T��Ï*®T� �

72 á á á 8 á á á . â â â�ãã ãkä ää�å ååkæææ�ççç

8.2. èè èêéé éìëë ë�íí íêéé éïîî î�ðð ðêññ ñêòòòïóó ó0ôôôHõõ õâ�ã�ä�å�æ�ç�ö 2 ÷�å&øXùkú�ûXü�ý�þ�ÿ�� å��ù��å�� "!��# ��$� %��&��å��'��ù(�)â�ã�ä�æ�ç�å�)%*��ö$+� ��&�",�-%.�/$0�1�2'354�6��87%9�þ�ÿ��:; û5<%5þ� %�%=&û�>�?�+��% @�8A�B�å�C�D��&��E��$��% @�FA%B��G4þ(�Xÿ�H�0%I��3�� —J�K û��BMLON(P�> IP � #�Q -�+ DMZ û�R&þ(,"-(.�/�+(S@T�ù��!&U�B�� &å&ù$��ø"B&S�V�B-$+�W�å�X�� DMZ ��öZY demilitarized zone [ ( \%]%^@_ ) å�`��$+�: ; å LAN >&a�å�b%c��$��þ"�5�d �$L�e�B��$� J�f ù��ø"B d ��Lg>�a)å�b�c(��5>�h" �� d �@Le�B$�kå�imû�Rmþ�j��k�l5B4øm ö�n%o%p�å�q@r d �(L�e"B��û�s�t�3��u�v$+ DMZ û�ö$+ Web (HTTP ) q�B�w�B$+ FTP q�Bw�B$+ SMTP (e-mail) q�B�w�B$+�x%y DNS q�B�w�B%>&a0ù(��ø�B d ��Lzu�b&û��{�-�N�P�>�|�w�ù-��"}��~��$��5�%�'��( �!(� # â�ã�ä�æ�ç�å�)%*��ö$+�)�*%=��5�%=��(R&?�b%c��@��þ�-�.%B�ø�-$0��E(�~5þ0å%��%��>��%�&û�>�?��(�8��5��$,�-%.%/�û%��$�@3F�(h�þC�D��8G5þ�ÿ(�0û">�?�$�Tú��L�q�B�w%B@+�S�T)ù��q�B"w�B@+|�Bmø��B�-�+5WXå"X�å&��B�-�>�a�0G$�8��ÿXå 2 ÷må�â�ã�ä�æ�ç�û�ö��%��>��@h��R&?��: ; å(�"�%=��(38��å�æ�ç�ö%�%��0��E(��~5þ�ÿ�0û�>�?�� — %�%=��8�%��mû">�?��h��8��a�å�: ; ��ö@+ ��Lå�1��=�0� &¡%��h�654@68>�¢%£��%{%¤$l@�8.¦¥§��¨�ç$I�~��(�kÿ�H��@+�: ;�©%ª%« å(�5��å�¬%�0�®¯ 5þ(�8°'6g¢%£�ö%��aF±��8~%��h��²�� ( ��³�ü�S�TTù��!$U8B��+´�B�µ%B Q ��å��%��{�-¶%· +��5�'�5��B�-�å"¸�¹�º�»��%+5Wkå�X ) �¼�3F��+��a�å$,�-�.�/�ö�: ; û�<�3F�(��½��>þ0å%�(�5�%�'��( �!(� # å%¾�û�ö$4$?g¿&À�å&�5��B�-%�(R�?�� %��=��3g�&�8��0�¨�ç�38Á��+�Â@Ã�û5b%c��$��>(h$��h�68-%.%B�ø�-��E��8~��Ä�Å K û�+� %��&��Æ�Ç%N%P��>�þ�,�-.�/��B�-�ö�È�v�û"É$�F~%��h��@�â�ã�ä�å�æ�ç��F1%��Ê%.%-ËLÏå��@h(0�Ì%Í'3g��Î�I"h(�%�)â�ã�ä�å�æ�ç�01%��Ê%.�-ËL§Ï�å�Ð%Ñ�å%-.��Lú&�8Ì�E%��)æ�ç��Ò@h5Ó%Ô��$��Á�Õ%Ö�ö�.%-ËL0�5þ�¾�û5×�Ø�~��)æ�ç��Ù�Ú$� © N%Pä�å(R�þ)â�ã�ä�0�Û$V@��5þ0å�û5<'35+1%��Ê�.%-ËL ö�)�Ü�û�ÿ�~��å�Ý�æ%Þ%ß�û5<'3F��\%à��{�-�07�9@�$�d �(L�e"B@�Xå�ù(�%S% �-ËL� ��5Û�á0æ�ç�ö�â K >�ú(�"{%-%��{�¤$l@�F.¦¥ ö�+�Õ%Ö��8ã%ä K åå ¢&��"+â K ��æ�ç�å�)�*�ö�+ false positive � false negative ��æ�I~�þ¼�ç�0æ�è�3��$�{%¤$l@�8.¦¥zé%ä%=�å�ê%ë�ö�×%Ç%5þ�ì�B�� © �g��å�í�î&û5ï�ð'35��ñ�ò�+�Æ�Ç%N%P�>�æ�ç�ì�B��ö"ó��8Æ�Ç�3F�@+�,�-�.�/��)�ô�3��õ%>�À��h@ÀÝ÷��å"ö�÷�ø�ù (false positive) ��R�þ�ÿ��%�%ú�®%)&û�>�?��0ú(�� /�å�û�ü%��´%B�µ�B�å�ýË?�û(4�þ��å%��þ�ÿ�>�À�+�Þ�ß�ö��8��5ì"B��ö�ñ�)mûkö�ð�ò�3F>�h (false positive) â�ã�ä�0��G��þ��3O~$�²��@��Á��ÀF4þ��"+ì"B"��)�Ü�û�ð�ò�4þ (false negative) â�ã�ä�0��G�3F>�h"��3O~��²%�@�I��$+)â�ã�ä�å�æ�ç��81%��Ê%.%-ËLÏå��@h"��ç��$I�~�Á��ÿ�H"�$+��3�h5Ð��>�)�ô%º��38��å�1��Ê�.�-'L0�Ú� �4þ��mû%+�æ�ç�å"Þ�ß@0��ÀgG�Â�3F��9��(3��6��

�� "!�#�$�%�&�'(")�*,+�-/.� 10�23145(�6,7�85 �9�:�;=<�>�?A@��B-/("C�D�&E;GF�H�&,I5J�KML�NF�O�;GP�QSR�TVU�W

X Î�å�Ä�Y�ö�â�ã�ä�å�æ�ç@0)�*��þ�ÿ%�8��Æ%D$�8>&þ�ÿ��505h�ÀÝ÷%��R�Z��h��@�• Õ�Ö�{�¤@l��F.Ë¥Ïû1[�0G�\�3FÁ�]�D�0�^E_�4þ• �% ��gA�B��G�÷�ý�þ��mû�N�P�ä�å�R�þ�\�àE`�^@0��G• ,�-�.�/��a��I�~�+b��FÛ��@t��g~%Á"ùEcmû�>�?��• -&ø��STå�d�³ K í�î�å��e@0�fEg$+�hEi��þ• j�k K >�l�m��n�ç K >Eb(r@��,�.'¥80�oEp�3��8

q q q8q q q

. r r r�ss s�t tt�u uu�vvvEwww 73

8.2.1. x x xzyyy|{{{�}}}�~~~�� r�s�t�uEv�w��E��E��B��1��1��r�s�t�uEv�w��E��1�� ¡�¢��¤£��¥�¦�§�w�¨©��E�� ªE«E¬��®¯�°�±��E��ª�² � u¤��,³�´¤µ �¶�· ��¸¹ ¸B�Bº�»¼��½E¾�u�¿�µ/À¼¸��ÁEÂ�¢�Ã�Ä¤��¢�ÅBÆ�²�¿�Ç¼¸�È1ÉB�Ê�Ë ��ªEÌ�ÇE� ¹ ? ÍÏÎ�uEÐ��Ñ�� Ê�Ë ��¸�Æ�²��1u�ÇÒ¸zÈ�É ¹ ��Ó,©Ò��Ô��Õ�Ö�×�Ø��ÙBÚ��Ò�Õ�Ö�×�Ø��ÙEÛ�uE��Ü�Æ�u¤Ô�u�� Ê�Ë ��¸�Æ�²��u�ÇÒ¸�È�É ¹ �v�w�Ý�Þß�ªEà�¬�� Ê ¸�ÆEá�â�ß�Ç� ¹ ��Û1â�ß�Ç�� ¹ ? ��©z� Ê �¯��ã�ª��,��u,��¯��äE��å�æz±E��¢��Bç ¹ µ"ÇE¢�¿1��Ó,u�èEéê�ë ¢�ì��ä��Bu��Ô��Î�uEÇ�í�î�Ç��¯��u��z�1Î�²�Æ�u�ï�ð�ª�ñEò�u�ó�ô1õBÐzö�×��÷�ø¤¸�Æ¯¿�ùz¨,²��• http://www.isecom.org/projects/osstmm.htm — The Open Source Security Testing Methodology

Manual (OSSTMM)

• http://www.owasp.org/ — The Open Web Application Security Project

8.3. úú ú¤ûû û�üü üþýý ý�ÿÿ ÿ�� v�w�ª�¢ · £ ¹ u��E��è�é��¯�� ¹ £�ª��"�Ò£�© � �¯��Õ�Ö�×�Ø��ÙBÚ��¯�v�w�� ö��óÒ×��ÒÖ��Ò¸�ÆE½��u�� ×��Î�± � ��Î�±��¤£��,Ó,©! 1©�u�� ×��"$#z�&%�Ü � ��É�¸�� ×��&'�(��)Ò¿��ª*#�u��+�,��-�î¼��¢�µ � ��ì�u��E��èÒÉ=Ü. ¹ ªz��r�sEt¯��Î�±��0/�Ç&�¤Ô�í�î�¢��*1�Ö2�¯��¢z�Ç¤¸�È,É�3�4 u�5�6�u7��Ô��89�;:�¥��|É;<�¢��¿�¨ · ´¤µ � ��r�s�t�u�v�w��½�=��¯�1u��Ô>89�,��?A@ � ��CB�DA�1��1FE�G�H$IC��1�J�K��ML�N��OI.P�G�� Ê ¸�Æ¯Ô�Q�w�u��´�µ�EÕ�Ö�×�Ø1�zÙ ( è�é¯¨�©¯��R¼×�SB�,�z�CT�U¼¿ ) � Ê ¸�Æ�¨*@�Q�w�u��,��´�µ � �¯��V�W�u��E�ÒÔ1´,©�ç�X�W�u¤Ô�u¤Ô1´¤µ � ��Y*Z�[�Ç�è�²&K��²��E�ÒÔB´,©�ç��C\ ¹ µ^]Ò£�¿�_�`�Ô�a¢�¿�Æ�Ô��b�u��z��¢�²Cc�d��0e�Î��,��ÔB´¯µ � �¯�f�g ¢��¼�>��Î�±z��u�ª*h��í�¿B¢|µÓ¤É�¢�:�¥�Ç��¤�Ci$jzª*k�l��*m g Ç��¤�,Ç. B©zç¯�&1� ×>n�o��B§$) ¸�Æ�ÇO ��1ùz±�p¤¿�u��E��Cq|¸�Æ�r�sÒ��t$s��u�v|¸ � ��E��E��u READMEw7x ö,� ¹ man D��Oy��z�{|¸ � ��>|.@BÆ��}*_��C�*1ÒÖ2�EÑzö��1ÒÖ2��~�ö��,�E�z��¯�Q�w��LCG�H�L2�|×/¢�ì�u�ïEð��¯�1ö$G*��zÕzÖ�×�Ç�%EÜ�Æ¯¿�ùz¨,²��ñ�ò��C�*_��¯�,��ª��é�Ç� E�,��,��u��*��u�Ð!G>�9L>G�H��B�O� ��¶�· �

8.3.1. Nmap { { {�� !��!��,{{{��.��.��.��Nmap ª Red Hat Enterprise Linux �&��Å1Æ�²��C�O��n1��¢��E��Ç��Õ�Ö�×�Ø��Ù,uO��ö��óÒ×��äEw��¯�Bu��Bè$\�© � �� Nmap ª�rz²��é�¨�©�Æ! BÆ��¼µB�0�¼£E¿,��*��*��¯��& u��,��Ò��¸�Æ��ÒÔ��¿�è�\E©¯��Ô�u�ÇE�¯� man D��Oy��ª��1u��E��u*B��OI.P�G�K�è�é êEë ��ï�ðz�C_`�¨�©�Æ�² � ��*��ß�ª�Õ�Ö�×�Ø,��Ù�/�Ç Nmap ��è�é�¸"Æ��×�I��1*J��CI>�*1�J�/�u�BE�*��G��×��Îz±��Ç7 � ��Nmap ªEr�s�t�uEv�w��²�Æ�X��¢��u*��1¤Ö��¤��¢�µ � ��EÕ�Ö�×�Ø��Ù�Û�u��Ü�Æ�u��|×�C�ÒÖ��E��ÇO ��Q�w�� ×=ÇE½*�|¸�Æ�²��CB�DA�1�*1FE�G�H$IC�*1�J�u�»$#¯��q��>B��IAP�G��Ô�ÇO � �� Nmap ª�� Ú�¢EÐ��O¡C��uEè�é��¢�£�¤�è�éEÐ��O¡>��u�¥*¦��,Îz²Æ�u ê Ä¯��E�¯�B��u f*g ¢�T�§¼��¢¼µ � �¯�8.3.1.1. Nmap � � ��èèè�ÅÅ Å�Æ ÆÆNmap ª!I�ô��$�$R�G>�|×/Çz� nmap �2��¼¸B��Ó,u�¨$��©7ª$G��!I*G�u$��Ò×¬«��ª IP ��>��¯��Ç�½*��Ç! � ��nmap foo.example.com

74 ® ® ® 8 ® ® ® . ¯ ¯ ¯*°° °�± ±±*² ²²�³³³�´´´

µ*¶�·$¸ ²�¹*º ( » µ�¼¾½�¿*À$Á�Â>Ã�Ä*Å�Æ$Ç*Â>È 2 É$ÊAË Á*Á�Ì*Í�Î*Ï>Ð$Ì ) Ñ�Ò*Ó�² Ç�Ô�ÆCÕ�Ö.×�ØÙ�ÚOÛStarting nmap V. 3.50 ( www.insecure.org/nmap/ )Interesting ports on localhost.localdomain (127.0.0.1):(The 1591 ports scanned but not shown below are in state: closed)Port State Service22/tcp open ssh25/tcp open smtp111/tcp open sunrpc443/tcp open https515/tcp open printer950/tcp open oftep-rpc6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 71.825 seconds

Nmap Ñ�Ü�ÝOÞ µOß!à�á�µO¸!â�È7ã7ÌCÁOä�å Ñ�æ�ç!è�²�é Ï�ê*ë�ì*í!îOá�¼0ï Ý7ð>ñ*ò�ó�Ý ¼�ßCô*µ¼*â ÙCÚ�Û Í ²*õ�ö7Ñ äC÷�ø$ù9ä>å Ñ�ú$û â0í�ã Ü7Ý.Þ µ.ßCü!ýMâ0Ã!ã�þ$ÿ��OÆAÎ�Â&È��OÆ�� ÙÚ.ÛNmap ²�ú*û�� ÆCÀ�ã&È ²��$Ñ ä� ² URL Æ*Ð$Ì�� »�Ý��$Ý�� ß��â;È��7×�ã Ûhttp://www.insecure.org/

8.3.2. NessusNessus Ñ�� ì�í��¶� !à�ô"!¾µ�¶�·$# Ý�% ÚAÛ Nessus ²�&�'�() ¸�* Ý ¶�ô ð,+ · %-�Ý.�Ý�ÑÍ ² µ�¶O·�# Ý ß0/&µ$ô ��1 î.á�¼�ï ÝOðCû Æ2�µ�3,4 )5 Ú Ì�Í�Î>½ %�6 Ù>Ú�Û87 ² µ$¶O·�# ÝÎ89$:!Æ7ä Nessus Ñ;�< Ú Ì>=�?0@ Ý 3>A Ý µ7Æ,B�CA×�Ø Ù�ÚAÛ>D ã�ÆOÏ�ä Nessus ÑE�F Æ,G�HA×ØAä>I�J�à ó�Ý ¼0ä » µ�¼¾µ�¶7·$¸*ä�à�*LKM3 )$��¯*°�±�N�O�²�ç�P ß�QR� Ù�Ú.Û Nessus S Æ E�F ÆT�U % ä E�F Æ8G�H.×�Ø$È$ã�ÈAÏ�ä false positive Î false negative ½$Ð�Ì>ÁAÏ$â¾Ø$í�ã ²�%$V�W â2ÈM��!×&ã Û

XX X�YYYNessus Z Red Hat Enterprise Linux [\Z^],_a`�b8c8_ed>f�g�hLiaj�k�l�mano`$_ad�f,p�q\g�k$r�s�t^l�u,qg�v\wxzy\lL{$|o}\g�~��8[a�>��g>��o��l��>l�g��>��b,qag��Lsa�L}m�[a��$no`�b8c�_,��Lp

Nessus ²�ú*û�� Æ>À�ã�È ²��Ñ ä� ² URL Æ*Ð�Ì�� web ÜR) ¼0ß��Mâ2È��!×�ã :

http://www.nessus.org/

8.3.3. NiktoNikto Ñ��ñ��Ý ¼�� )�) ¸�3 ÝR� � ) µ ²� Ø�Ã CGI µ�¶�·$# Ý�% ÚAÛ Nikto Æ Ñ CGI ¯$°*±�²+ �!á ð>ç�P�²�� í��Aä>�� N�õ /Cµ�ô � ß>¡�ØAÌ�¢L£�ì�í�¤�¥MÏ + �!á ð Ú Ì ç�P ß�Q�� Ù�ÚAÛ�� í§¦^¶� L¨O¸A¼&Ï�©�ªMâ�È7ã Ù�ÚAÛ &0«0(�'>� ß>¬� Ú Ì�®!Æ7Ç0��¯° �± ��² 6 ¦¾¶� L¨!¸A¼½³�´�â�È7ã Ù�Ú.Û CGI µ ð à & ¼�ß Ü�Ý!Þ µ %�6 Ì Web Ü�Ý�µ$Ý ß�Å�¶�â;È�ã�Ì�Ä �$Ñ ä Nikto ½Í�Ô�â2Ã Ü$Ýµ*Ý*² �*¶� �à2ô·! + ��á ð ÆL¸�¹�â0ã.à>º Ý µ.Î�í¼»a½ Ù�Ú!Û

¾ ¾ ¾8¾ ¾ ¾

. ¿ ¿ ¿�ÀÀ À$Á ÁÁ�Â ÂÂ$ÃÃÃÄÄÄ 75

ÅÅ Å�ÆÆÆNikto Ç Red Hat Enterprise Linux È^Ç�É$ÊeË>Ì>Í>ÊaÎ>Ï�Ð�Ñ,ÒoÓ8Ô�Õ�Öa×oËÊeÎ>Ï$Ø\Ô,Ù�Ú�Û\Õ�Ü,ÝaÐLÞ�ßàzá Õ8â,ãzä�Èaå>æ�Ð>ç�èeé�Õëê>Õ�Ð�ì�íî>ï�Ì�Ð�ð�ñ�ò�ï�Ì8Í�Êeó�Ø

Nikto ôLõRö$÷Â�ø�ù�ú�û�Â URL ü�ý�þÿ��http://www.cirt.net/code/nikto.shtml

8.3.4. VLAD � � �� VLAD ú Bindview, Inc. Â RAZOR ��Rô��,÷��¿0À�Á�� "!��ü��#��$&%�'&(��)�*,+.-0/210Â SANS 3"4,5 10 *,�6387:9";<��=�4<>�?&�@� (SNMP /21BADC�E<F&GDHDI0ÂD/21BAJBK

) � Nessus L KNM�O�P�Q�R ü�ú�%BS��UTDV2W�A VLAD ú"X2YRô<Z[?<�U��

ÅÅ Å�ÆÆÆVLAD Ç Red Hat Enterprise Linux È�ÇëÉÊoË�ÊaÎLÏ>Ð�Ñ�Ò^Ó8Ô>Õ�Ö\×\Ë�Ê\ÎLÏ$Ø�Ô$Ù>Ú8Û^Õ>Ü�Ý^Ð,Þ�ß àá Õ8â,ãzä^Èaå�æ�Ð8ç�èeé�Õ�ê>Õ�Ð�ì�í�î>ï�Ì�Ð�ð�ñ�ò�ï�Ì8Í>Êeó$Ø

VLAD ô8õRö$÷�Â�øù�ú�û�Â URL ô�%�' RAZOR ��Â�\�=^]<_�F#3\ü�ý>þ$ÿ��http://www.bindview.com/Support/Razor/Utilities/

8.3.5. ` ` `�aaabbb�ccc� �dd d�eee"fff�ggg�hhhjii ikDlDm *&n<�D��ô&ojp�÷2qDr0ü�sD'"t"�2G�úD�#$&�<V�%BS<�@��2u�F<vBw<��x�4�3yu^��>@r0Â�t^�2Gz %��{�A Novell x�4�3,u<��>@r�Â�t&�"GA Windows |��+��"r�A Linux |��+��"r�A^}$Â"~�Â�t^�Gj��ö��0ö��%�S^��#�LÃ0Ä#;��'ô�%2��$÷ z�� $ô^��T J ö��>úBA�� J (��)*,+.-�A@�D�0Â2��A"�DF"� /PBX x�4�3Uu^��>8Ã�Ä J#K Â2�D�j?�ü^�B� war walking — u�F&vBw<�x�4�3Uu^��>,Â¿�À�ÁRô^��?ë÷2�2��Â"�� J �j3@�2><�� ;@�D�� ' —J#K Â2�j?>ö&�� ú�A@��Ãj?�÷2�D�0ü�%&��{Ã�Ä�ô& �¡2¢��B'D��W�ü�sD'@��£0Â2� � ü2��>¿�À�Á�Ã�Ä�Â2¤D¥ m ��W^¦�§��'>Â�ú�}$Â"¨"©�ª�N«21�¬"�Â�w,®�G�Â�¡�ô��S@�U��

76 ¯ ¯ ¯ 8 ¯ ¯ ¯ . ° ° °�±± ±^² ²²�³ ³³^´´´2µµµ

IV. ¶ ¶ ¶¸···º¹¹¹º»» »½¼¼¼¿¾¾ ¾ÁÀÀÀºÂÂÂ¿ÃÃ ÃÄÀÀÀÆÅÅ ÅÈÇÇÇ¿ÉÉÉºÊÊ ÊÄÀÀÀ¿ÉÉ É

Ë�Ì�ÍUÎ^Ï�Ð2Ñ&ÒDÓDÔDÕBÖ@×�Ø[Ù<Ú�Ë�Ì�Í,Î^Ï�Ð�Û&Ü<Ï�ÝDÞ2ß�à�á�â�ãDä�Ñ<åDãBÖU×Bâ@æ�×�Þ�á�âDçè�é2ê�ë�ì ×�í�î�ç è�ï2ðBñ çDç ïDé Ú<ò�ó�ô�ÛNõ.ö0÷"ø�Ñ&ù�úDûDü�ýDþ�Ñ<ÿ�� ð âDç è Þ ï�� â��Dÿ�� í��"Ú��ÞDòDó�ô�Û,õ.ö Ô�� ð â<Ø��Ñ è ×â�� "!yØ�#�$%�"î&,ü�'�(�)"!+* ðBñ *<Ø�Ú�,�-�Ñ/. ë â<ò�ó�ô�ÛNõ.ö Ô0�� 01��203BÚ�405 ð â@Ø��Ñ è ×Bâ6#�78:9�;<!:=�î�* ðñ

> > >�? ??9 @ @ @ .Ô Ô Ô"Õ ÕÕ/AAA�BBB

...................................................................................................................................... 7910 @ @ @ . C C CEDDD�FF F6G GGHD DD Í Í Í�III@ÝÝÝ/JJJ D D D Ý Ý Ý ........................................................................................................... 85

K9K

.L L LNMMMPOO OPQQQ

R�S�T�U�V�W�X�Y[ZH\�]�^�_�`�T�a�b6c�d/e�fHZE\�]�g0h�T�i�c�bkj%]�l�eEmHn�o�p�q�rtsHuwv0x�yz�{ x�W�|�}w~�U��wn�owp�q�r/sHuwv�x�y z�{ x��0��%Ww��0��0��mt��q%]H�/�6�[Z� bk��m��q��H�+��W��"�+p6q�r��H��k~/��/U�V�`0��Ed�� W�¡�¢0q�]w~/£[Zl0e�T/�0�¤��T¤o�p6q%r¥�¦�§�¨ v�©wd�y z�{ x�`�ª�v�©/Z��«t¬Ed��H�km��}0p�q�rt® ¦ ©�v[¯�°�±²��³�´�µ0¶�c�b:·�¸µ�¶�pw¹H�/d�º�»�W�¼�½"�+p�q�rt«�¾HZH��¿�À6dtÁ�Â�Ã¤�6Ä�Å0Æ��[�wp�q�r6Ç�È�dEnH]�ÉEv�Ê�v/`%Ëu[°kÌ�v��0Í<°kÎ�W��wÏ�ÏHÐ/THÐHy z�{ x[��±kÑ�®�Z+Ò0Ó"�kÏ�ÐH]�y z�{ x[��Ô�T�ÕEv�Ö z W�×Ø"�kÏHÐH]0¯�°H±�Ùtv[Ë+T�i/��Ú�Û�W�Ü[Ýw`�q[ÐE©wvßÞ�°H±�W0àwm��:ÏHÐHp6q�r��H��k~�á0â[Zw�"�Ï�ã�s+ä�©/®/x�¹��å�¹�æ�]�\[��ZH��ç�è0��6é�ê ¨ ã {ìë Î0v�x�d0í ¦�î vHZ+��m��0�"�k~[�H�W � bk��]/sHuwv�x�m�l�e��6T<owp�q�r6��ï � y z�{ x��[�wd�\ß�kT��0¶�y z�{ x��:Ï�ª�Êß® ¦à6��Ï�Ð�p6q%r

9.1. ðð ð<ññ ñ<òò ò<óó óôô ô�õõ õ<öö ö<÷÷ ÷ùøøøHúú ú"ûûû"üü üýý ý�0��ï � y z0{ x (IDS)�[�6þ0ÿ�d0T�Ð�� ¦ ±tã²`0Ç0È�d�n�]tsEË { ë Ö { ë Zw�<�:Ï[y z0{ x��+¯ß°±kÙwvßËwd�sEË { ë Ö { ë W��q�]+sEË {<ë�� T�EÑté z p�~��ª î ® z ¹/q�r IDS

m� �[W�ï � q]��E�0¿/¬E¹tqEm[�tÐ��EdIDS��0d��ã��v z Zw×��EZ�tí/v��0W��}Eb:�[]��ßZ��´�W �!�q%]0��¹tq%r

IDS�0Ú�Û�� " #�$��Ò�ÓEc�b/y z�{ x�W�j owp�q�r�pw~��0¯�°H±�Ùtv[Ë+dHs�Ë {ìë Ö { ë W&%�'�k~<ow�&( )0Ã[Z+*��kÏ[¯�°H±�Ùtv[Ëß�/y z�{ x�d,�Ô%W�ï�-<�k~<o��wª�v[©wd./�Ã�W��q%]wTit��¿�À�d[��+W6ØET�Ð�p�q%r�0�|�q�]6ï � �0�HZE\1�Ï[�

IDSW�#$0q[]�2E¹�d435 �/T687[�:9;�:Ï%Àt]&687/mEÐ[À=<Ec�n�o�p�q�r

9.1.1. IDS > > >@??? AAAIDS��+BEcß�0p�~

IDSm+C�D�q%]�E�F%W�è��0q%]0�E��m[� ¥0¦�§0¨ v[©�d�é0ê ¨ ã { ëHG ãwy6v�Z�IJ �E��]tdßZ4K�S�T�d��i6d�©/®+��c�W&L�Ô�q�]&2�¹M�e��6T<owp�q�r��wd�é[ËEy�N ¦ ¹�� IDS

Z+*q�]�O P¤�IDSd�Q�©/®+��dE�F��&R�S�d�ï ��T�U ��V/v�ä�mXWY<�d0Í<°�Ztv[�H�6T[1w~�\ß® � ã�°]

IDST�itW��^<�:Ï�ÐEæ0p6q�r

Ð�À&<ßc�dIDS

� �8_@` v z ¹ßn¤o+��\ßÀ+nß]�ÚHÛHdEªEv�© ` v z W�$�Ð�Ï0�E�ßm0�E�Eq�]��Z�éê ¨ ã {ìë ç�è��ab�c"�:Ï/�0��wp6q�r0�6�HZw�<�w�6Ød ` v z IDSmHn�ow�&8�HZ+*¤�:Ïtq�eEÏd�ã��wv z #�$�W&f�g"�+p�q�r&8��~HÐtÏHÐ/d4h�/��6Ç�È8�/Ø�d�d+i�j��=k�bk��p�q�r î °wË�lEum ¦ ] ¹+n�d<��6Ü�d ��Z�o�pEc%bkdt��qETtÍrZ[°E± d�Ñ l�Wßã�° z ¦ q%]�stu�ÕEvßÖ z d IDS

��nowp�q�r&v[Z��:w�x�y z�{ x@V/v�ä��&,�Ô�y�z��{�|[Ñ lEW�ç0è��d/Ò��:}�~�¹I J /8�/��Ï� ��T��ï � ê�°H±�W&n o6n+��]��H��wn�owp6q�rw¿4R�d��0��ï ��T�U W6ï��q%]��H�k��ßZ��+1�Ï�KET%��d[W0à�mtqEd�Z��t8��p�q�réEê ¨ ã { ëH� � ¹ ��à��]&�"��@��T IDS

� � z ± ` v z �+¯%°ß±6Ù�v�Ë ` v z IDS�ß��Ï� bk��]&��¹�q�r4� z ± ` v z IDS

��wd��<�d@�H\�o��/8��W&��&Q0³ ��d8� z ±H2�d�ï � y z{ x�d�×�0�W&�[ÐHp�q�r4� z ±²m��$�q�]�¯�°H±:Ùtv[Ë&��[Z4*��T�Àk¢��E��à��p6q�r0¯[°H±Ù�v�Ë ` v z IDS��Q@��Ô�� z ±6Z/Í[Z�°ß±:m� ¡�à��¤]��Zß��¢@s�ª î ® z W�»¤£�Ï�Í[Z�°ß±�W¥ ë ä�©wv��+p�q�r0¯�°H±�ÙtvßË ` v z IDS

��&��/8��m¦[Ð��:k�T�à��Ï�§�ow��¿�À6d¨�v[Ö�ä��Ed�� z ± �+¡©E¹[æ0]�¯H°�±:ÙwvHË�Í8Z[°�± ¥ ë ä%©6v�� ¢�HZ+�+6+$E¹Hæ�TEÐ�ª+«ßZ+T�o�p�q�r

80 ¬ ¬ ¬ 9 ¬ ¬ ¬ . +® ®®+¯ ¯¯°°°

9.2. ±± ±�²² ²´³³ ³�µµ µ·¶¶ ¶�²² ²�¸¸ ¸ IDS¹º¼»H½8¾�º�¿IDS À@Á[Â:Ã8Ä ¿+Å¤Æ�Ç@È�É�Ê�Ë:Ì�Í&Î�Ï�Ð�Ñ ( Ò[Ó »:Ô�¾�Õ+Ö�×4Ø@Ù Ú&Û�Ü8¿8Ý@Ú�ÞÀ Î�Ï8ßà�á ) â Í �® ( ã�ä8Ä�å ¿+Î�Ï�æ�ç )

È�è�é�Ë�ê�ë�ì�¹º¤»H½�¾�º�¿IDS Àí�î�ï ¿@ð8ñ ò@óô4õ

( ö ¾ Ò õ Í ÷�º�ø�ù�Í&ú8¾�û ¾[Í Ò[Ó »�Ô¾�Õ Í�ò@ó ô Ç�ü[ý&¾ õ Í+þ+¿ÿ )È��8Ì[Í�� ° ¿�� ×��ë�Ú��8¿@Ö ä� ¾��&½ ¾�º@×��¤Ë:Ì8ð8ñ�È��Ë�ê&ë�ì UNIX �� Linux

¹º¼»H½8¾º ¿IDS À Í syslog � þ¿��È ò õ à8Ñ¼Ë:Ì[Íð8ñ�� ô ½ ��»�¿�!�"$# ( % : & #r¿�'�Æ(�� ° vs!�# ¿ ö ¾ Ò õ�)�* )

×�+-, ô ½.��»�È(/10rÙ�Ë�ê�ë�ìsyslog 2�3 �.4 À Red Hat Enterprise

Linux×(5�67��8Ì Á Ú sysklogd 8�Ó�9 ¾�:�È ô ��º¼»�¾ õ ë�Ú�;@×=<Ñ�>�?�ê�ë�ì�@�¿ 8 Ó�9 ¾: À ÷�º�ø�ù@ð=A��ñ ��ö ¾ Ò õ$B ÓDC ¾�:�»FE Ó 'rÈFG�H�Ë�ê�ë�ì�¹+º¤» ½ ¾�º�¿ IDS À ð8ñ ( I�ÃÄ ¿ 9 ¾�º�> À Í Ò[Ó »:Ô�¾rÕ ��ö ¾ Ò õrô ½.�[»=ð ñ1J Ä ß ,LK�M�×4ßN,&ê�ë )

È�ò7O õ ��¾ Ë�Í4þ��È&É�Ê¤Ë:Ì[ÍQPSR8¿ C�T�U Æ:øVOFW&½ õ È�X�Y B ÓSC ¾�:+×1Z�[¤Ë=Ì[Í�\�]�^8¿4É�Ê�Ñr×�þ(� PSR¿�_a`rð ñ�ÈF5ab�Ë�ê�ë�ì¹º¼»H½8¾�º�¿

IDS> À !�c8ß[ò@ó ô�õ �Sd æ�e��ò8ó ô�õ ¿ ¾��Ff�g�h�È ¯�i ë�Ú�@ ��j >�?�êë�ì

IDS À�kal ò8ó ô�õ ( �a� \�]�^$J=m�n ËD��ò ó ô�õ )¿ ¾-��½ ¾�º�ÈF�a� Ì�Í md5sum (128 o@Ó»:Ç õ7p ÆSq�ù

)ê1� À sha1sum (160 o�Ó »:Ç õ7p ÆSq�ù )

ßsr B ÓSC ¾�:�ò@ó ô�õ�t�ô :�u�º¤»wv ¾øVO4Æ:øVOL>ax�ò@ó ô�õ ¿�y�u Ó Õ�ú ù[È�z�{¤Ë�ê&ë�ì+þ(� Ä å Í4¹º¤»H½ ¾�º�¿ IDS À @�¿ú8ù[È|�}�ò@ó ô�õ ×(~��¤Ë:Ì[Í&é��@×�þ+¿�ø T º¼»�ò@ó ô�õ ×�Ý8Ú�� ò@ó ô�õ y�u Ó Õ�ú ù[È��¤Ëê&ë�ì�ò@ó ô�õ y�u Ó Õ�ú8ù�¿ Á(� � Ä J�g��Ë:ß Á(� g�Í IDS À�� B ¾ õ ê1� À��9 ½ õ >a\�]^r×��Ë�ê�ë[ì�@F�$J�ÍS�9.2.1>+É��+ë[Ú

Tripwire>4Ð$��Ú�' ð C º�>+ë[ì

9.2.1. TripwireTripwire À Í�� jS�� Ë:Ì Á Ú Linux

Ñr¹+º¤» ½�¾�ºIDS>+ë�ì

Tripwire¿��a��^�>@Ý8Ú

Tripwire, Inc.À Í Linuxû8¾7:s��Ñ8¿�� ò�»:üQu+ÇQ��¾�º 2 ¾�4&È�� Ë�Í GNU General Public License

¿��$�¿��@×�þ4¿+Ð�Ñ[ÈF��e�Ë�ê8ËD�rìTripwire À http://www.tripwire.org/

> ®a� >-?�ê�ë[ì

�� Tripwire � Red Hat Enterprise Linux �w�( ¢¡�£�¤F w¥�¦S§�¨ª©�«S¬$¯®°¡= w¥�¦(±S²¯§1³µ´�¶¯·µ¬(¸=¹wºD�»µ¼ §F½�¾¢¿F¬ªÀ�¬DÁF§ªÂSÃaÄ�ÅÆ£1²S²L¨ªÇFÈ�§�É�ÅÊ£�¤F wË�±

9.2.2. IDS Ì Ì Ì.ÍÍÍ�ÎÎÎ-ÏÏÏ RPMRPM 8XÓ�9 ¾�: 3¤Ò ¾�:-Ð (RPM) À Ír¹�º »�½ ¾�º�¿ IDS � Ë4Ì j Ð�Ñs>Ñ?�Ú$' ð ñ7E8ù.>ë�ì

RPM× À Õ�Å¤Æ 8�ÓF9 ¾-: � þ4¿ 2 ��ø-�=Ò�Ñ�¿��ê�Ó�ê�ß�Ôa'�÷.�F��JaÕ[êF� Ì Á ê�ë[ì�@F�å ¿ ¯�i Ô�'[÷7�� À Í�!�c8ß[÷�º�ø�ù[ò8ó ô�õ ��d æ�e��Ö�J�×�Ø7�F�8Ì Á Ú�Ù Á J@Ý@Ú � g×1\a]�^r× �=Ú Ì�Û$Y8×1Ü��rÝ Ú�Ôa'�÷-�� ßN,&ê�ë�ìÝ �[¿QÞ�ß�> À Í Red Hat Enterprise Linux

÷º�ø�ùQà.>r¿ ò�ó ô�õ ¿Qf-g-h.J ¯�i eQ��ß RPMÑ�¿�Ô�' ÷á�(�¿ Á Â�Ã�Ä È=�-â Ë&Ì Á ê�ë�ì RPM¿ ÐrÑQã�ä × Ã Á Ìr¿�åQæ�KQM À Í Red Hat

Enterprise Linux÷�º�ø�ù=\�]$ç ô 4�ÈFè�é Ë�Ì Â�ê � Á ì

ëë ëSìììíSîSï�ð §=ñµò=º�óÆ§�ôF�D�=õ Red HatGPG ö1÷=¶SøwùDú�¬=ûF¸µü�ý�þ�§ RPM ú�¬�¶LºFÿS��ºµ«F¬Q Ë�¾� ì�� ½F¾��w§ � ½��¯ wËa±F²µ§�úF¬F�=õ�¸Lü�ý�þ1��1ºLüQ ¬�®w¡�£1¤�¾¯öQøw·D¬�� Red Hat ö�ø°·µ¬�� £1¤�¾�²�ÄDû��È$ÅL ¯Ëa±F²w¡��õ��D§SöQøw·D¬�� Red Hat §��S¨�½F¾F²�ÄDû��FË�¾��L§¨µË(± root ��¯õ íFî §(ñµò1º�ówû ��!$ÅÆ£SúF¬1û��º¯«�¬$SÅL °Ë ( " version # �L��õD¸¯üSýFþ��ºü� ¬�(®¢¡F£�¤�¾ RPM §�$F¬%�=¹wº�û � ¡= °Ë ) ±rpm --import /usr/share/doc/rpm- & version ' /RPM-GPG-KEY

( ( (9( ( (

. ) ) )�** *,+ ++,- -- 81

rpm -V package_name

‘ -V .�/1032�4%5 package_name 6%738�9�:�;=<=4%>@?�A,B�CED�FHG�I%AKJML�N�OQPER%<%BTS�+UWVMX�Y[Z�\Q]E^_V`�aKb[V�c�d�e[f�g�h L�i,; RPM jEA1k�l=A�>1S�m�n V�o�prq�s m[t�u cP�R�<%BE5 ^ 7K6�v_8xwEy `,YKZ�z1{ ;K|=8 ^M}T~ AQ�M�,�Ttu c�dQe 5 fS.5....T c /bin/ps^Q�3qp ; s mE�KP�R�<%B�L��1� q u o 7�O�; `Kf iM;=P�R�<%BKS��Q� Y O p (/etc/ j@��,�3?� LEN�O��E�rP�R�<�B=� s m[t�u o 7=O d�e=^[� )

f�X%c 5 f i,;TP=R%<,B3S��=� V�o i�;1P=R<�B��*3� o 7=O�F_G�IMAKJQS��<E4%>�?xA�B Y O p S��E� Y O��Q��EN3� X�YTZ��Q� ;�� `5 f + U�� L z 7 o�� - Y O 8 �¡�;� �¡E¢ ( £�¤�;�¥ ` 5 S.5....T ) ;�¦�§��¨3S��© V�o7 X�YTZ• . — + U ;Kª�;,«�¬KS�F�> V�o 7 X�Y• ? — EDM®ED `K¯�^ 7M°36 z ;�P�R�<%BE��D zEp � X�V�c�Z±rqQ²�f P�R�<%B�³Q´=LMµ Y O�¶·�`,Y• S — 0�>�¸Q¹�LQ<�4�>�?xA,B V�c 6 ¯ ;,º�;KP�R�<�BQ»�<�¼EL%½Q¾ oM¿ t ²^ � o 7�O f�X�c5MÀ ¯�²^ � o 7�OQP�R�<%B1S�ÁQÂ V%X�V�c

• 5 — md5 ÃKÄ�G��»E¹Q��<E4�>�?xA,B V�c 6 ¯ ;MºE;QÃKÄ�G��»E¹16 eQÅ_V�^ 7�PER�<%B��,Âz�p � X�V�c• M — iM;�P�R�<%BQ£=L�P�R�<%B=ÆE�%ÇQ>,È�; }T~ A f N�O�7�5KP�R�<�BTk�<M/ }T~ AKS+ \TVX=V�c• D — °[6 z ;�jQÉ�<,>1P=R%<�B�; major number

X%c 5 minor number ;�Ê�� Å S�Á�Â V�XKVc

• L — ËQ;KP�R�<%BQF�>�L s m1tu o 7EOQ0,4MÌ � G�� 4,�QSÂ z=Í�X�V�c• U — Î�A,ÏEA,ÐQÑ�ÈE� s mTtu c P�R�<%BKS�Â z�Í�X�V�c• G — Ò�BEAQ/,ÐQÑ�ÈE� s mTtu c P�R�<%BKS�Â z�Í�X�V�c• T — i�;KP�R�<%B�£ ` mtime + UQ}T~ AKS�ÁQÂ V�X�V�c

rpm -Va

‘ -Va .�/1032�4 ` 5 Y ¾ o ;=<=4%>@?�A,B�C�D,F_G�I�A1J�S�+ U�V�o1f iM;�+ U ¸�>@? ` N qÓO%Ô�Õ3S�Á�Â V�X�Y

(-V .�/1032�4,L=| ²�Ö�o 7 X�Y � f i�uK×%u�;�<=4�>@?�A,B�C�DQFHG�I�AJQS�+ U_V�o 7�O�; `E\M] 5K|=�xØ�Ù�L ^ � XY )

Z

rpm -Vf /bin/ls

‘ -Vf .�/1032�4 ` 5ÛÚ z ;=<=4%>@?�A�BQC�DQ;QF_G�IMA1JML�N�O�ÜEË1P=R%<%B3S+ U�V%X�Y3Z�ÝÞrV 7 1 P�R�<%BTS YEß,àr² + UHV�c 7 d�e L�áQâ `MYTZ

rpm -K application-1.0.i386.rpm

‘ -K .�/1032�4%5 RPM F_G�I�AKJ�P�R�<�B�; GPG ã�9 à md5 Ã1ÄKG%��»�¹1S�+ UQY O�;=L%äQå�æX�YTZGPG çQA � 4,Ò,LQ<�4�è�A�? V�c GPG F�é � G��%ç,AKS��K� o 7�O d�e L f <�4�>_?xAMBV |K8�6 V�o 7=O�F_G�IMA1J%� Red Hat

X%c 5�ê�ë�ìKL=|�� o ã�93t�u o 7=O p[� 8 p S�+ U�YO%;=L�áEâ `�Y3Z�í�V,² ãQ9Tt�u o 7 ^ 7�F_G�I�A1J�5 �� ;K|K8 ^�}1~ A�îrG�Ç�AKJ�S�ÁQï VX�YTZapplication-1.0.i386.rpm (SHA1) DSA sha1 md5 (GPG) NOT OK(MISSING KEYS: GPG#897da07a)

<=4%>@?�A�BKð�L�ñ�wE�,��Tt�u cMd�e 5 f Red Hat, Inc.`�ò�ó t�u o 7 ^ 7 c�ô iM;�F_G�I%A

JMLM5,ãQ9��N3� X�õ��KZö wQ;�NEO,÷�A_ø��Mù X u o 7�O�´�úQûQ��NT� XYTZ

82 ü ü ü 9 ü ü ü . ý ý ý,þ þþ,ÿ ÿÿ��

RPM�� "!�#%$&! ÿ�')( ��"*�+��,-/.

RPM 0&1�2�3�( &�4� 3)576/8:9/; Red Hat Enterprise Linux!��<�=�7&��>�? .

RPM @ BAC �� @EDGF�H �JI (/var/lib/rpm/)!�K�L�M

CD-ROM 3"N !JO�P&Q 5SR �T @EDVU ?�W)� H&U �X 9 ��YZ�&M 1 $:[ 9�9 - 89"; Y\"M:] 3)^ YZ�_?�` 5 .:a�b !�+Z�c��d�* @ �A C ��BMef_g) .&h !�i�j"Mk - �l�\�*Z+Z�_!�m .�n ��o�p�q�!�Y_! @ �A C ��?�r= V� ÿ�' M] 34^ !m 0�3 $ . O�P�Q 5sR �! @ �A C ��Z?_r= t��Z�_�_��u��)�<�JB��M ÿ�'�9 ��YZ�:*�m�v��` ^? 345<8:9/;

9.2.3. w w w�xxxZyyy/zzzB{{{}|| |s~~~/��B{{{Bxxx IDS��!�� 0 .&h !�� 3�� !Z+Z��E� C �� ý�þ�ÿ�� n ��o�p�!��$t��M��) t�� 89"; h \B��\�!�c��o D Ito D !Z�Z�_�E�S��)�V��B?_�B�&��!�� 0 .��"�&��&�� )�M:�� /$G�B�J� ;

�� G ¡£¢&¤£¥:¦s§�¨ª©s«J¬Jª®7¯

Red Hat Enterprise Linux °²±�³ ¢G´:µ ³²¶· ¥t¸�¹²º:»t«�¼²½ª¢ ³²¶·_¾ ¡²¢¤7¦S§�¨£©S«_¬J²® °s¿VÀ:ÁÂÃ²Ä «VÅ«VÆ:¥�ÇGÈ�ÉÊË´_¡G¡S¸VÌ:ÍG¥tÎ�ÊË´_µ ³ªÏJ¾

• SWATCH http://sourceforge.net/projects/swatch/ — Simple WATCHer (SWATCH)m 0 syslog mÐ�Ñ �,�Ò"Ó/�"��=M&ÔB � <� . c/Zd�Z�B�=�"��BÕ4?= <,ZÖ/×)M&Ø�Ù�Ú4?�Û�Ü� 89"; SWATCH 0 c��d��*��"�Z�_��B?�Ý�Þ� t,Z�� C �"�M 9�ß �ZÒ�Ó 9 ��` ^ ?��à"�\8 �, ; ��4 . �&�=� C &��! IDS

�� &á�$�â� /�:\�� 8G9�;• LIDS http://www.lids.org/ — Linux ý�þ�ÿ�� n ��o�p (LIDS) 0�ã Bä<��tå�mZ+ 5 . Ø�Ù ( ��mZ+ 5 . U�H�æ ��ç�è=It�E� (ACL)

m��Z�<��!�é�ê"MGç�è4ëtì�í�m 9"; h V� rootc��d��îG!&ï�ð�?_r� ��/ë X Ò æ ��J��<��MGñ�ò� 8:9�;

9.3. óó ó�ôô ô%õõ õ�öö ö4÷÷ ÷ùøø ø�úú úù÷÷ ÷�ûûû=üü ü IDSä"��ý� H C ��! ýEþEÿ�� n ��o�p 0 ��%� C ��! IDS� 0 Ö 3�þ ,�ÿ�ð�MB 8<9�; ä/��ýJ H C ��! IDS

!��à��Ù 0 . ��A_ 8 , 0 �&�E� F C ��m�!�ä��Gý� H �B�/��M<�� . �B�/�Z��!�� .&h t�� "v_m��Ò�Ó��Z�<�� 3 �B�/��s!��!ZÒ�Ó�MQ 5�� m 9"; Y\)î�� 3 �B�/��t?_Õ��&� . ä��Gý_ H C ��! IDS 0�� *!��" � !ä��Z�GýJ H$#�%�&�' ! @ �A C ��M_��(��Z t� .:� �B��Z�t?*)�+�, F C ��M.- 5 � � 8:9";)�+�,�! F C ��*/B�10�2B? 0 . Û�Ü�3�4�T��5�� C ��6 � * æ �87BI�o D å��p�!�T��<W�Z?9��G\/�<!�m .�h !&Ö�×�!�ê�:�M��î<?.; 9 ��Y��G*&mBv 8G9�;ä��Z�GýJ H C ��! IDS 0 �Z��A_Bä��Z�s!��+B?1<B�_��Z?1=�>� t�Bv 8 t, ;.? + 3@ � 3 �ä��Z�GýJ H$A ÿ"M_��(��B �� 3 6�BB?�A�Ó. DC&mBv�� IDS 0�æ �87BIto DFE�G K&m�á)$�H(Cþ \�îG\ 8<9�; TCP/IP

X Ò��$I��*�!��J�K�!��L��_!�, -".$M !�` ^t3 a�b +Z��ä��Z�GýJH$A ÿ 3�N:æ �87BIto D ý�N M*OP 9 �_, - ?&��(��Q� . sniffer.&h !��/ä��Z�GýJ H ��SR ÿ��( J�/M$TVU 9 ��Y�� 0VW CBîV\ 3 � �VX � 3Zþ ��v 8 �, ;

• IP� X B� D ��Ó

•� DY�VZ�P #�%

• arp�� n 7$5��[�\��Ó

• DNS '�]^

_ _ _9_ _ _

. ` ` `aa aVb bbVc cc 83

• d*e�f�gVh�i (Man-in-the-middle attacks)jlk�mln g(oDp�q�r1s(t.u�s�vg IDS w�xVvyq{z$v�|�}�oDp�q�r1s�t*~V��*v�� promiscuous ��s��l�.�l�.�� *�� 8�{�Vg�~��(��v��Do(p�q�r1sDt$��V� �.��{�� g��(��p�q{�.��*�* 8� k ��8¡ � �D¢{�V£¤�*¥ �l¦ Promiscuous ��s§��w ifconfig ¨*©8ªl��«�g8�D¢.� �� k ��D¡�¥ ��¦

ifconfig eth0 promisc

¬� z�®*ª1£y¯�� ifconfig �.°�± �l� k �.²�³�� eth0 w promiscuous (PROMISC) ��s´��£lµ �¶ � � k ��·�¸¤�$¥ ��¦

eth0 Link encap:Ethernet HWaddr 00:00:D0:0D:00:01inet addr:192.168.1.50 Bcast:192.168.1.255 Mask:255.255.252.0UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1RX packets:6222015 errors:0 dropped:0 overruns:138 frame:0TX packets:5370458 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:100RX bytes:2505498554 (2389.4 Mb) TX bytes:1521375170 (1450.8 Mb)Interrupt:9 Base address:0xec80

lo Link encap:Local Loopbackinet addr:127.0.0.1 Mask:255.0.0.0UP LOOPBACK RUNNING MTU:16436 Metric:1RX packets:21621 errors:0 dropped:0 overruns:0 frame:0TX packets:21621 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:1070918 (1.0 Mb) TX bytes:1070918 (1.0 Mb)

tcpdump(Red Hat Enterprise Linux �*¹�¥ �� ¶ � ) £ n g�º�s�»��{¼�½ �8� k �oDp�q�r1s(t��¾y¯�V¿�� ¶ �$À�Á gVÂ�Ã��Ä � � k ��¡¥ �D¦

tcpdump: listening on eth002:05:53.702142 pinky.example.com.ha-cluster > \heavenly.example.com.860: udp 92 (DF)02:05:53.702294 heavenly.example.com.860 > \pinky.example.com.ha-cluster: udp 32 (DF)02:05:53.702360 pinky.example.com.55828 > dns1.example.com.domain: \PTR? 192.35.168.192.in-addr.arpa. (45) (DF)02:05:53.702706 ns1.example.com.domain > pinky.example.com.55828: \6077 NXDomain* 0/1/0 (103) (DF)02:05:53.886395 shadowman.example.com.netbios-ns > \172.16.59.255.netbios-ns: NBT UDP PACKET(137): QUERY; BROADCAST02:05:54.103355 802.1d config c000.00:05:74:8c:a1:2b.8043 root \0001.00:d0:01:23:a5:2b pathcost 3004 age 1 max 20 hello 2 fdelay 1502:05:54.636436 konsole.example.com.netbios-ns > 172.16.59.255.netbios-ns:\NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST02:05:56.323715 pinky.example.com.1013 > heavenly.example.com.860:\udp 56 (DF)02:05:56.323882 heavenly.example.com.860 > pinky.example.com.1013:\udp 28 (DF)

�*g�©8z�ª (pinky.example.com) Å � ��w�£�¸Dµ*Æ��p�q1Ç tcpdump ��µ � vÈ�É�ª �.� �{ÊË�� g��·¸Ì�$¥ ��¦

84 Í Í Í 9 Í Í Í . Î Î ÎVÏ ÏÏVÐ ÐÐÑÑÑ

9.3.1. Snorttcpdump ÒVÓ�Ô�Õ�Ö�×(Ø�ÙVÚ�Û�Ü�Ý�Þ�ß�à�á�â{ã�äÕå(æ8ç�è�é{ê�ëyì*íîï�é{ð�ñ(Ý�ò�Þ�ß¤ì�Õ�àóô â.õ�öD÷Vß IDS Þ{ß�ø�Õ8ù.úlû.ü�ý(þ tcpdump ßDâ$Õ�÷8ÿ�ê�ëlé{ü��(÷��ñ��å(æDç�è��é�� Ù��û ó ß��ï�í��*Ú��ì*û��Dþ�� IDS ßDâ��Vå�æ8ç�è{é{êëÌì$â� "!�Ò�Ü$#%�'&Õå�æ8ç�è�(�)8é�*ï�+�,Dì*âí.-�Ù�/lç�è�0Dù{ú ó ��ïV÷�1�2Ìì$û3�8þSnort ß"4�5.6�÷*õ�ö�÷�â� �!(Ü�Ý�7Dç�è%8*Ù ��9�: é{õÌì";=<�>yì*â%?�@�Õ1Î�Ï�Ò�A�Byì ó Þ�C1÷�ßD�E�F ��(�Ñ��8Ý�ò�Þ�é�G%6lÞH��Ý�4�5.6�ÛVõ�ö�Õ IDS Þ�ì ñ"I�J�ù�ú�ñ�à�û��8þ Snort ßå�æ8ç�èK��L��ï�MÌç ��N �$O*Þ�ì�ñ"P�Q�� libcap î��R�î Þ tcpdump é�S�Tyì$û3�8þ��U$V�÷�W§á�X ÿ"Y�ú ó Snort ��Z$[ Þß�â�\$]¤Õ�^$_$`$acbdRfe 'g$h Û�� þ Snort ßi��f*(Ùj7´ç�è�kml�noW â�poqc� Ý¤òÌÞ�Ò�ÛjClÝ�^c_ir�Ùj*�syÙ é�äy÷�pcq ìVñyàyû.� þt Ù$u¤Ùlß´â�q ì�ào7´çÌè"8DÙ � ^c_�÷�vfwyàDñ�`fa´é�xcy ì�â Snort `faoz�Ù �lï �è ( http://www.snort.org/lists.html é�{�| ) ÷~}��~�8Ý�ò�Þ�Ò�Û�C�Ý��ÛDâ3��ñ�� Snort t Ù"u�Ù�Ò��"��é��,�Ýò�Þ�Ò�Û�CÝ��&{÷�Õo#$û��8þò��~� g�� E�� Ò Snort é�X�q�Û"�.��Õ�7Dçè%8*Ù � s�Ù IDS ÷~A��ù{ü�ñ�C ó �VÛ"�8þ

�� 3��Snort � Red Hat Enterprise Linux �K��3��H�%�=��3�.� ��"� ¡�¢~£ Snort �K¤�¥3¦�§3¨ ©��=ª��=«��¬H"®�¯±°~²%²K�H³�´%�%µ�¯¶°�� ·"£

Snort ��S�T�¸�¹(÷�º(à�ñ��"»�¼�ß�½�¾�¿�À�R�b��è�â http://www.snort.org/ é�{�|Ìì ñ$;3ÁDù�à�þ

Â10

Â.

Ã Ã ÃÅÄÄÄÇÆÆ ÆÉÈÈÈÊÄÄÄÌËË ËÎÍÍÍÐÏÏ ÏÒÑÑÑÊÄÄÄÉÏÏ Ï

Ó~Ô�Õ�Ö�×�Ø�Ù'Ú�Û%ÕjÜKÝ�Þ�ßcà�á�â"ã�ä"å�æ�ç�è"é�ê�ë�ì�Ó~í'ì$î�ï~Ô�ð'ì~Ô�Ý�ñ�òió3ôdõ~ö�÷cøù"ú è~ûdüHã"ý�þ�è�ö�å"ÿ��.è�û��÷��óHÝ�Ø�Ù�Ú�ÛHÕ Ü��Ö�× ��có3ôoõ�ö%÷$ø

10.1. �� "!!!ë�ì�Ó~í'ìcî�ï~Ô�ð'ì~Ô�é�Ø�Ù'Ú�Û%ÕjÜ ù"ú$#$%�& è�û�÷'��ý�þ�ôiÛ)(+*.Ó-,�ì/.�÷cø10�2�Ø�Ù�Ú�ÛÕjÜHè�3$4�÷'�65�×'ê$768~ë$($9�:)��;cà)<'=1>dõ@?�A�îCB ��*�×6D/E$F$G$à/H�I�ö/J�K�ã�ä6�1L�AM ��è�û ü%ã�×�Ø�Ù'Ú�Û%ÕjÜN$��Ö�×�û$�.ô O�Ý P+.�÷$ø"ë�ì�Ó~í'ì$î�ó�é�Ø�Ù'Ú�Û%ÕjÜRQ$S�×��ó.�÷cø�ï~Ô�ð'ì~Ô�é'ê~í$��T~×�U$V$Wcà1X�Y ü%ô�Ý Z"ê�Ø�Ù'Ú�Û%ÕjÜ[$��Ö�Ý O�×�\�]�è~û$� ü~ê1^S$àC_�`�a�è�b�ä/c�d-��åed�f'à�ü�ê g�ü=ãoÛ1h@��Ô�à~ä/i6j@k�÷��1H.è/l�m-nCo$ö%÷$øp+q ÷r�/s6t$è i$ä�ã$ê�goü3ã�g�×�s+t�V�u�Ý�v+w�x-Z1y-�/z�{�.rO�×-\�]�è�Õ-*+|�}�~e�ió��.ì� Ú/��T�Ó~Ô�Õ�Ö�èe�$� ü%ã�ä6�~×$H��'��ã$��ã-b)��n�ä�ø1��cê�Þ�ß�Ý6x+K~å�æ�çcê1�-�6Z�o-�1>�+�6� à/�6�jü3ã+�.ãrb@�'n�ä�ø.ö�åcê.Ó�Ô.Õ.Ö�×��9�ì�T�ë�Öió�í+�-T�×��é�J�H õ # ÷'ä ^S+.�÷�Ý'ê~í$��T~×��'�/�'ê

ID×��$�

( � ì$�"ë�ì1� %$�$� H Z )ê1�$2$�$Scê1��è�5��$� #'� ~�?�Ô

��î¢¡$��Ý+£�Ú/��Ô$.�^$Scà1¤'K~ã�¥$¦��èe§��÷'��ó~è+\'õ¢¨�©+��è�5�^$S'à�á�â+�1ª$�oó�ô�)«�¬�W-n�� x$õ�ö�÷$øDeEió�$Ecà1®$d�ã�¯$°�×�Ø�Ù'Ú�Û%ÕjÜQ�S�è�±�÷'�1²�³+.�é�ê1Q$S.×�ª$�oó�ü%ã ´$µ�Ý � ~�?~Ô�¶c�èe·�äe¸cö1o'�1«$¬$W¹5/x6�$��ó"à/º ZCH�ècü=ã�ä�ö�÷cø1Q�S�è6\�K~ãiÛ/h/��Ô�Ý�»�¼�½$¬�è/·�ä¸cö1ocê~í$��T~Ý��cö1o�ådõ¢�'�/��n1o'�)«$¬$W�Ý6xfõ�ö�÷cø�ü�Hiü~ê1¾$¿.ô O�¨�©+��ô�À�Á"Ý�Â��ô ù�ú é�Ã$Ä$Åcö1Å+�'ø�ÿ$�+��ô�ë�ì�Ó~í�ìcî�ï�Ô�ð'ì�Ô�Ý O3×�\�]�èeÆ�ò.ô�×$H�à1Ç$È�èeÉ$Ê�÷'�è"é'ê1Ë$Ì+��è$gcü%ã�Í$Ì+��è�5"ê1´$µ #�Î u�ô-O�é�Ø�Ù'Ú�ÛHÕjÜQ�S�è�Ï�â6�$��Ô�î�à)Ð$À ü~ê1¾¿�è�û�÷-�)¨�©$��ô�Ñ�Ò$à�À�¦�÷��3ñ�ò�Ý�xcõ�ö�÷'ø

10.2. �� 'ÓÓÓÕÔÔÔ×ÖÖÖ6ØØ ØÚÙÙ Ùë�ì�Ó~í'ìcî�ï~Ô�ð'ì~Ô�Ð$Û�Ý�´$µ #+Î u�V$u�è@Ü'K~ã�Ý$Þcê�û$�'n)ocê1¦�Ì+��è�Õ�Ô�î)n1o'��óé�Æ�ò�ô��ó�ó�ôdõ~ö�÷cø1ß�ÿ�ô�ë�ì�Ó~í�ìcî�ï�Ô�ð'ì�Ô�Ð$Û.é�à+á�×�Q$S.×�^$S'à1_$`�a�è�b�äecd-��ó3Ý�.�=��@��â .�ô�b�êC¾�¿'à)â�ã�÷-��ó%Ý�.6=�ö3÷'øØ�Ù'Ú�Û%ÕjÜN$��Ö�× ä6å�H'Z3é'êCQ�Sçæè�$S

(ë�ì�T/��?�A�îKô OéG�ê�.�=~ô�ä@ë�u$à)ì$¼dü=å � ~

?�Ô�í+î�è"é�ï'��õ/��ó)Ý�ð�ñ�÷'�1H'O�]òH�é ù�ú .�é�ô'b�ê1óoü1ô/Q�Sçæõ�$S.Ý.äei�ð�ñ�÷-�

H�Ý ù�ú .�÷cø"ö÷i�×'Ó~Ô�Õ�Ö�Ý�ørb�ù$ú$à�á�â # ÷�ä�ó�é��-�~ô�ä . b)��n"ä�ø1û$üfó.Ûeh/��Ô�Ýý$þ èeÿ'�6Z�o�å�ô Z"ê6O�o+v O�Ø�Ù'Ú�ÛHÕjÜ�� ü%å�Ó~Ô�Õ�Ö # ?�A�îCBe��*e.�x6K~ã'5��+H�Ý�QS ü%ådõ¢�$S��$à�ü�ö�÷'ø1´�µ�9� ��~~×��+��ô�> � H Z�ê

2002 � è�� .�ë.ì�T/��?�Aî�(+*�Ø�Ô�è"ô$� Z)H�×�� Scà)ï-�$n)Å'\�]�ó�üHå�;+� îDNS

?e��Ö��$��.×�ù�úcö1.�ê1_��.×Ø.Ù$Ú'Û�Õ Ü[Q�S æ �$Sió��+ø�W�è�±�÷'� �!�"�#�0$2�è�i�ä"ã�éhttp://www.securityfocus.com/

èx+�e9$ �%��ëfî

Security Focusà�& '�è�ô�o�( ý�þ .oü$)e] 1 ø

Ó~Ô�Õ�Ö�Q$S�×�½$«�*$Wcà +�,�÷'��ó~ä'].-0/6=�ô�10/�à�ó��ó).�ê~Ø�Ù�Ú�Û%Õ ÜN$��Ö�Ý�«�¬$WÝ6x6��x�Z)y�� Scà1_$`+a�èec$d'� ��2�1�3cà54�6+.�=$�$\�]�è"ôiõ~ö�÷$ø 7$8 ¤�,ió9��2�1�3cà: ��ç�J�Å.ã�ê1��Ö�é�Ç�;�è=<�Þ�è/½�»�ô �� è�ûdü�ã"û��÷��.ó%Ý�.6=�ö3÷$øë�ì�Ó�í�ì$î�ï�Ô�ð�ì�Ô�Ð�Û.é

4i.× >�?.è�@.â+��óHÝ�.�="ö�÷'ø

•ë�ì�Ó�í�ì$î�à+b�ä/c�d-��ê�_�`$a.è=A��å�d�×"ý�þ.ô�û��

•ë�ì�Ó�í�ì$îK×�²�³

1. http://www.gcn.com/21_32/web/20404-1.html

86 B B B 10 B B B . C C C�D DD�EEE FFF�DD D0GGG�H HH III�JJJ�DD DKII I

• L M�N�O�PKQ�R SUT%V=N�I�W�X�Y• Z�[\�]�^D�_ `�aW$C$D�EKF0DbGdc�eC�D�E%FbDfG H%I�JbD%I�g�h�i�j$k�\�R�lm�\Unpofq r�s0t�u�v�wfxKy�z${$|U}%~5wf� ��$��x�� {�\��S�ifq ��fP u��q ��bP5��w�x��5{b�%��i$��z$k�wb�� l�t��b}=q�CD$E�FfD�G�H IJfD�I�u$v�t��R�x�If��N�� U¡P=¢£�� q%u�¤0t�E�I¥¦�§¨�{�©ª��5S¤t�q0T�V%N�I�{�«�¬��®0t�\b¯%S�°�±$W�²�³´��µb¶ ·fxK¸�¹fPKº�»$¼$t�½f¶�x ¾�¿bP ÀÁ}5|�Âbx��{�Ã�®k�w��C$D�E=F0D�GKH I�J0D=I�Ä�Å�t�g Æ�ÇW��È9\�ÉfÊ�W�y�z�Ë�Ì�{|�} ~5w��

• Í�Î W ÏÐ�I�Ñ�NÒG9t$��x=]�N�¦ ( Ó�D��Ô N�ÕK��HKI�J�D I�]�N�¦ )

• Ö�×��\�Ø�ÙÚfnpÛ�Ü�¡Kl�Ý�Þ�¡5l�S ��ß• à�ÍÚ�n5W�á�â��\�ãJ�N�G• ä�å�æ�ç�èW�ãJ�N�G• é�ê�P5v\0¯=S�u�¤$t%u�v�Ã�®\ ��ë�ì�D•��í IÒGKH=N0O�q5î�ï�E=I�¥�¦0qKð�ñ ò óbñpë�ã�N0ô I�\bõ5W ö�å��\UT=V=N�I

10.2.1. ÷ ÷ ÷0øøø�ùùù�úúú�ûû û�üüü�ýýý0þþþ�ÿÿÿ��´øøø��ûûû�� (Computer Emergency Response Team= CERT)Ó�D��Ô%NbÕ ��fH%I�JbD%I�]�N�¦ (CERT (The Computer Emergency Response Team)) �Kgbq�Ó�D��Ô%NbÕ�t��$��\ ��${ �f�%S�¤�t�r�s�t��wfx��ï${ ��¯%S�Í�Î�W�ÏÐ�I�Ñ�NÁG.k��f¡Klfx� `�N�ë�W0�$��k�w�� CERT W��U�5\�xKZ � ��P��R$xKW�g��k�g�\�� Ú ��.lb~"!�#0�KZ�[\%$& WbÓ�D('�ëÁG.gbq�)�*$��\ +-, .�/fP�0�¶�q�1 2�°�1�3��Ã�®$\fõKW54$O%I�¥76 ñ%ò%I�\�è�8${z�9´��±�:��bq ��${�©�ª��S�¤�t�g%;�$$��\ ��<g =�>�� tf�9� ?�@bP�A�Bkb��x"$ &k�wb�K��U�5g�y�o�î CÒ�9\�� t(�0��xD��W�k�w��%�(��k��E��}�È%x��k$|b}=q CERT WMbD=ðN F-G�gbq��H$�I��a$W��${%9�i´n9lfx�J�KfP £D#�k�L0� Q0Rx�M�N�O�{�y�z´�¡Klb~Kw��P�Q ��t CERT ]�N�¦�t�gbE%I�¥�¦�ä�å��´� _bñ�G�R N�ò=ä�å��$W�S0t(<�c-'�ÐbÔ�T�¥T6U+-,�VW�YX~ lf~ wf��E%I�¥�¦�ä�å��$g�F�NbÕ%W�ðÒñ=ò�ófñpëbq[Z�¬�Ã�®\�ðÒñ=ò�ófñ9ë�\NÒ��]5^ ó�q�_ W S\´õ�E I$¥�¦�T V NIW�.-/Ò�`+5,�)-*UP[aDbÁ��~=wU��_�ñ0G"R�Nbò�äåD��gb_fñ�G"R�Nbò�ë�4ÒGÓ%N�`$W .�/´� _bñ�G`R N0ò[c�dfP�e$��t(f�`$NÒG wfxK®-gbP"a�b��%~ wf�"<�c-'�ÐbÔ0T9¥h6U+D, Vg�'�ÐbÔ0T�¥h6ji kfP�l�m$��tn�ofqfG H=N�I´�=q%p��$t�§�¨Ò��SbE=I�¥�¦�W ��=�Û�Ürqs8�tfPKv$\È9Wt(u�t(v�O~Kw��w ��k�\fÊ5� �� k�w{�q CERT t�g ��í $DG�{�y�zk�w��"�f�5\�xKÏ�TKó {?�@�t0�%¯=��x�8�k|�l$mbq%kb��x%¼Ò}=ò 4�IÁG H%N-y�D � PKu��wbx y�z{�|U}=~ wf�-�$� � q(zU�}9W�I0Õ0ñ{��ÚF�NbÕ%W |�F�}�3�~�F�}0t��wfx ��fP�.�nK\�Ú�¯%S�°�±fq�_ W $${��$W��0t�g ?�@�F�¾${��-g�5\�x��$�=t(� �Ò�9�fÊ`��¡ ��

10.2.2. � � ��5�� C�D�E%FbDfG H%I�JbD%I�W��z$\ ��´�$�9��µ��w��f��{�Ö�×-� �k�wf�['�ÐbÔ�T�¥h6 ëbì�D=g�Ö×-� �$W�IbÕ0ñ{�~%S�g ��±fÓ�D ã�`fÕ�D�G.\Uõ��0t%��©�w�x��f�=k´��È��_=l��lW ?�@{I�ÍD��KW |�F��ß��fP�N��$WU�[p%�0t�q"��?�@�g�Ö$��\ ��ÚUn%C$D�E%F0DfG P`¡�¢�È��ÍD�I�KW��£}fP�N��f�%k�wf��¤��W��¥fq�¦fq(§�W ¨�© ��ª$g0�%W�«$C´�.W�¬-bP"0f¶�~5w${bq"��=�Û�Ürq8�t$W�u��$W�S�iW�j�Ö�q"®\fÊ�� [_ W P èg�qKÖ�×D� �W�Ó�DKã�`�Õ�DbG9t��¯=� ( |�x ��g�Ö�×� �$WbÓ�D ã�`fÕ�DfG=�Y��t ) ¨��¡Klbx5�5W�{$|f} ~ wW�k0q�� k�¯�l��0��~Kw��"��±�Ó�DKã�`Õ�DfG.g °�¹rq²±�¹ ; òì�C�ó�DfG.W ;�$$��\ ³�´fq�~�µ�æ$W ³�´fq á�â�³�´$W�¶�·$W ¸-¹ ; º-» 3�¼v$\Uõ-½�ñ�E ¾ D�òbT�¥h6j¿�`$\ À�Á0t��$R�x ã�Nbô%I�W�X�Y�W��z�}$\Uõ5W�Ö�×��\ Â�ÃfP�)�*$IÕ�ñ[{ t(Ä�e�wbx��$�5{�k��~5wb�

Å Å Å10Å Å Å

. Æ Æ ÆDÇÇÇ ÈÈÈ�ÉÉ É5Ç ÇÇ�ÊÊÊ`ËËË�ÌÌÌ ÍÍ Í5Ç ÇÇ"Ì ÌÌ 87

10.3. ÎÎ ÎÐÏÏ ÏÒÑÑ ÑÔÓÓ ÓÕÏÏ Ï×ÖÖÖ�ØØ ØÔÙÙ ÙÒÚÚ ÚÕÏÏ ÏÔÙÙÙ ÛÛÛ7ÜÜÜÞÝÝÝ5ßß ßÒàà àÒáá áãââ âä�å-æÔç Ç�è�é�ê7ë�ìIí�î�ï�ð-ñ ò�ó î�ô�ë�õ ö ÷-ø�ù�ú�û-ü�ý�þWÿ`ù��ö ÷-ø�ù æÔç Ç[ñ úû�� -ì��Ôî��-ñ�� -ñ�!Ôî�"$#�%-ù�&�'�($)Iÿ�*$+5Ç�,Æ�-�ü�.�/��01�2 ÿ"ù30�4�5�6-ü879��:�; è ä ù=< >5ÿ�ü�"�4$?�ù@��A� æÔç Ç(ü ú�!8ú$B�C�D$Eû ä ��0�F��G-ü�HI8J<LK87 ��MÔî�N�O P��Yñ�780��$Q-õ�ñ�R-ü ä�å-æÔç Ç(ñ ú�û$Sï7ëõ$T�íVU$W�è�X3Y[õ�ú�û$�0�Q3Z�K[�A��$�\�]�$�Dü�^�_A�� CERT ü�`�aDù[&$'8�7%ì80�b�c�îLdAe�f0�Ë�Ì�Í5Ç[Ì$� g=hLK��ji$k�-$��îl3m Êon[kpjO�q è�r3s� ë�õÔî�t�u7ë�ì�È(Ì�v�-Ôè�wx�zy7ë(îj{ m iÔè�|[õ�õ�T�í�î�>��}�~� �� ù��ùIí"ù8I8J<�`�a ��O�q��0[ù9�"ñ[�� è��0�>-ÿ"ü�KZ��A��(ì�î�i�k$-��$R è� �7ë�ô�ñ ä�å è��0�>5ÿ��K3Z��A��8�T��ú�B�CDñ@� �jk�ÌÔè��>Dÿ"ù9�V�� è��A0�ì��-î��R�è��k Í m Ê — ��ï�j�DÉ$k,�èo�$�ÒëYõ�I�0�È[Ì$v$-��[ì$� lm ÊLn k�p�ñ$�� Ç�Ê — A��*�ÆDË�p Ê¡�A0�>-ÿ[��e�K�Z$�L�3�Æ5Ç�È(ÉÔÇ ÊL &��0�&�'��4�5-ù�¢��z£$¤�¥�¦��0�>-ÿ��ý�þWÿ"ù@��A� æ8§ ��Ì�ñ�ú ä î l3mÊon[kpjO�q î�s8¨(Æ © î(É«ª"Ë$pIÊ��î%ô�ñ�¬83��I$�I�%ù3>5ÿ%è��®�©�,�Æ -�K ö�÷-ø8 ��¯��0�ý�þ-ü879��°�±��0(ì��ú�B�C�� k Ì�ñ�Ì$² m�æ È�³ m Ê�è5ÿ[0(ñ��["�´-ù�µ�k3¶[Ì�·æ�§ ��Ì�è��$��A0[ñ��¸8�¹�º��o�3� CERT

Ç�»$k ÿz¼�½%ñ ¾�¿ Ì�{�k7ÊÀ�5È[Ì�v$-�½%ñ�Á$Â�ùA�è��0�0�Ã�þ-ù�R�Ä�K��È(Ì�v�-�Å�Æ�Ç�� top �(ì$� ps ñ�ú ä �-î�È É��Q�Z æ�§ ��ÌIÿjÈ É��Q�Z�K��ù8I æ8§ ��Ì�è`ð�%�Ê8��A� lm Êon kp�Å$Æ�Ç�� snort �[ì�� tcpdump ñ%ú ä �5î�Ë�Âù l3m Êon[kpjÌ�W-ñ�Í��-ü9��<�780�Q�ZjTÔè�Î$ÏÒë ��i$k�- Çj»�k$�9ÐL¼�ñÔÈ(Ì$v�-Ôè�Æ�Ñë(îoÒ$Ó$Ô$Õ�j"�Ö��Dù�×$T�ü[Ø�Ù9�[J8�ÛÚ��Á�Â�è��ð�K�Z�ù�Êj��M ù@��Ü�Ý�

10.4. ÎÎ ÎÐÏÏ ÏÒÑÑ ÑÔÓÓ ÓÕÏÏ Ï×ÖÖÖ�ÝÝ Ý�ÞÞÞ�ßß ßÒáááãâââà Ç�á�â�k3,��-ñ�ã ¯ ��ä$É�b-ñ�å ¯ æ-õ�I8��A��ç��Dü�è�é�è�¦��î�"�´�ù�ê-ü$T��(è�ë�Zì �Iîjí�îÒÿoí��5ñ@ïoðIè�ÿ��[�j�� à Ç�á�â�k�,�t�u5ñ�Ñ�ñ��$ò�ó-ü$�� Të`ì�(8ô�K@�L��õ ( ò�óõ ) K��oK�Z$��A�"�Ë®�p ��Ì3��-ìÔÈ(Ì�v�-8�780�È(Ì�v$- §�� s8¨(Æ�©��W$ö7ë�ù�I ÷-ü�H�ø�K[�-üÔî�Ñ�ñ�¸�¹��¬-ñ3s8ù�Ë�Ç�ú m pjû�k�v«ª[�Lv«ªjü87��3��>��í�ü�k�©-ñ9ï`ø�·�ý$5��3��þ��jK��-ü�î�òÿ ø8 É«ªV®�ñ3¶ m Ê�Æ k3ú à á�kÔè"é�ê îÆ�� Ç�Êÿ æ�§ ��Ì�è�P��$ÙÊ�õ�î�� Ë��©-ñs8¨Æ�©ÔÈ[Ì$v$-�£�¤�è��îL4$5�ù�¢=��ìs�¨[Æ�©�è� ��Wëj�o�3��[ì�î�}�Dñ��ñJ�<�-î script à�� Ç��"è��$öÒëYõ�t�uÒëEì�È�Ì$v$-�j&ÒëYõ�ú ä ëYì�ã ¯�å é�è�$Q�õ��$ðÒëYõ��`ñ��I�d3e�K[�A�script -q � file-name �� file-name � ��î script §8� ö�ñAs�¨Æ[©! Ièj��5õ=��"3��I�� §8� s¨Æ[©��ý$#�¬-ñ É«ªV®��%'&7ëî�t�uÒëYì�È[Ì�v�-�ñ��k(�� ç Æ')$[�*%&ÒëYù�I�J<��ë��3� — >�� è ä ù@<b$cÔî�+��s §3m ájk�É ª Ì�p�,�� CD-ROM ü�I$I[K�ë.-�<��å é-ñ��Q-õÔè��ð��0�>5ÿ�8J�Y(õÔî �$¯ ñ�/��-ü é�ê��î�ò�ó$Ç-ü�0A��Y(ì[b�c�¸ ¹�º8��A�

10.4.1. 1 1 132225444�666877 7!999.:::.;;;8<<<3== =*>>>3???3@@@(777 É«ªV®�ñ3¶ m Ê�Æ k3ú à á�k�ñ é�ê��A�w-ù*B'C-ñ�Ì�v mYæ K��A�(É�k,�s8ùË�Ç�ú m p[éD èëYõ�I�0�b$c� ��ý�þEFIÿ`ù@�j��3� à ájk$� 2 ��é�ê��A0$>-ÿ%è��$�$�Òëj��A�(G ��Ñ$ñ�ÿVã¯ ö8-î 2 �9ïo��HDø�ù[ê$qAZ I��Ê�0oè�éJ�K�ÿ�ëYõ�%�&Òë õ��Z��o�A�Red Hat Enterprise Linux ñ coreutils { mIL k�úñ�ò$MIî dd à�� ÇN�[è��=Yõ�îjã ¯ ñ�è�éWÿ5ëõÔî�780�I��W'O�K3Z�0�Æ k3ú5ÿ"ñ�°�±Dñ�ì��85î�"$Ë®�p��Ì3��-ìÔÈ[Ì�v�- ñ'PRQ��È m p Æ k3ú�è�é�ê7ë ��Æ k3ú�ë�ì8I5È(Ì$v�-�T�í"ñ�S�ò��k(�'� ç Æ')�ü�7805ÿUT��7ë��%ô�ñ� ç Æ')5è(ÌÔË�k.)Ôÿ-ëYõÔÈ�Ì�v$-��VW7ë(î�ôj��TIí dd è��öÒë�õ�}��-ñJ<Yù-Æ k3ú�s8¨[Æ�©è"é êÒë�� :

88 X X X 10 X X X . Y Y Y'Z ZZ�[[[�\\\]ZZ Z3^^^�_ __�```�aaa]ZZ Z�`` `

dd if=/dev/hdd bs=1k conv=noerror,sync of=/home/evidence/image1

b'ced'f Zhg�i]jRk 1k lRmhn'op8Y.qer�sht'u image1 v'whx�yRz c]{R|h}�~ Y$�(r��R��$��(�conv=noerror,sync �3�8[e��Z�i$�R��w�g��$Y]l.��]�3�No]��$�]�e��Rue� dd �]\]��'r��!��!�R��.ZI�8�U 3¡.¢'£3x��¤'¥e�� R� b �$¦��'�e��§.Y*¨'�R© }.~ Y��r�ª«!¦R¬¢'£x��8®��§]��¯$°3��§ }$~ Y�� c'±�² r�³e�Uu�.¢ b v��¦]¬�¢�£]x��*´®��!�µ§ �

10.4.2. ¶ ¶ ¶3···3¸¸¸�¹¹¹.ºº º]»»»(¼¼¼�½½½3¾¾¾3¿¿ ¿eÀÀÀ\R©'�� }.Á _'Z'©3nIo]vIÂ c�Ã'Ä ��Å � ¢IÆ'� f i�Ç]��È8É*��Â c!Ê ��´��ËNv�ÌNÍ��!Î��'ÏÆ3oÐ]Ñ*Ò�Ó ¦R� |'Ô!Õ ��i�Ö'×!¦R¬'��Ø!Ì � ��Ù8��Y.Z[I\RZ�^�_IàRZI`3� Ã'Ä � ²]Ú NÍ�i�Û'Ü'Æ'� f v�e®I� �� Ö'Ý!�Þ'ß8v�à'á�r�×3w��'âR��ãä'å c _I`'a3ZI`�æ ²]Ú r�Ç'ç � ¢I§�è c�éê c�ë �'Æ�ì*í�Æ�ì��î�tI§ Red Hat Enterprise Linux i bIc ê c�Ã'Ä r�ï!8x�§�è c�ð'ñ '�R�3nÛò*�ó�v�8®�� ô

10-1 ¦'i }.~ Y�� c�õ «´vµö÷�× c�é ê c3dIf Z�g�r�ø!ù´�Uu!w!� �� §R� }!~ YI�8v }!~ YI�c�ú�û( Î'oI�`�ü´v�Î$oI�`´�U§�ýµþ$�Í ) r�ÿe�*Éµ��.¡!¢�§�è]�Is�×$¦3¬�¢��Rr]íUè^µÎ�n �´�u.w.� � c ¦R� Ã'Ä!c §�è��I��'æ3ÎY�Æ'ó]r �� ¢ b v��'¦3¬'� �� b �� Ê ��!iR��ã'î� Þ�[I`'Æ'óR� }.~ Y'Î�� Á ��¤��'p$��I`]��Â c�� 'Ï��3í�Æhì��´v��!��!��Ø�¢.v��! �"��#�$!�&% b ®�xI¢!'ä�r�(�) � ¢ c � *�+-,'� �R�

.. .�///021436527�8&96:�;=<�>!?&@BA4CDEC�F�GE;

man H 32I=JLK�M�NO:�PRQ&SB9!T

d d d�fff Z Z ZRgg g U U U�V VV � � �� dd

}!~ Y��´v�W'�Æ(ì�[��Z c �.n!^Y*¨�]© d�X � ( ��§i disk dump) r�� md5sums �!£¢�Y]Y*¨�3© c� «´vB�$��$��Ø'u3��ö÷�Z$i]��pó��[ � ¢�Ù�Í'xµÙ3��ã�äz cW'�Æ(ì�[��Z��§i }!~ YI� c Y¨�3©$v*�[�`Æ�ó�ãäå c Â��r\�]� ¢ b v��¦]¬� ��

dd if=/bin/ls of=ls.dd|md5sum ls.dd >ls-sum.txt

grep *]�&+�^�_�`�a ( ÆÏè^ ) b�c�r }!~YI�æ'\hì�_�o�^�í!d*¦ ��e�� ¢!vf �!��Î$oI�`�üR��`]o3í �(^ c�gh � }$~ YI� c�ú�û �*Â c� r�ùi�Ù!�� ls � ps � ifconfig Í c3d�f Z�g�Ùi�=W.Y*�3��¢ d�fZ�gIv'�µu3£!Éµs'�� 3�

ps auxw |grep /bin

strings}!~ YI�-d c ô�j�k V$Ï Ñ ��o�c aRr ô�j�� $ù�!Î´g�_�`�lcmail

d�f Z�g��§�i�m�n�o c mqp}!~ Y��l c�r�s �Í c�t�u ��Å´�u�Çï k V }!~ Y��r õ « � ¢ c �m u �2v�w'¦ ��

strings /bin/ps |grep’mail’

x x x10x x x

. y y yqzzz�{{{ || |�z zz�}}}�~~~ �� z zz!� �� 89

� � � �� z z z�� file ��z �2� �� ( �2�q� ) �&z�� y�� &��q�2y&��&y�� ( ��y� �&� �� }!�¡�¢�£¥¤�¦&§�¨-©ª �«� y&�q¢�¬��®!¯�°¥± ²

��³ /bin/ls íµ�¢�¶�·�¸��q�2y�q¹�º�»�´ � y�� &®!¼�½¥± ª�¾¿�À � ª © �2Á µ�Â Á ®!¯�°�� ¢¦&Ã�Ä�Å��³�Æ!��Ç��!¶�·�¸��«�y&�q¹�È�É-� �!Ê ��Ëq� ¦�Ì�Í ª yz2� } � � À �qÎ�Ï�¢iÐ=Ñ�Ò!Ó�Ô«Õ� ª © � Ð2©�Â=Ö�Õ Á ´q×ÅØ±«ÙÂ&³

file /bin/ls

find ¬�°��q�2y&��®2| Ú�~��i}&�=Å�ÛÜ ³2� ��Ý� �!�Þq�&ß��¢iàBáØÐâ�ã �Þq�&ß��ä��¡�¢�£�Å�| Ú�~�i}��4å�æ�®!Û Ü � � ¢«¦ Ã�Ä�´ç � ��³!è�é�êq¹�¬�°q¢�|¥Ú�~��i}�&²2Î�Ç��«�2y&��¢�ë�ì�{!��í�îï ®!·�´ØÂ=¢«¦�ÏBð�ñ�ò�³

find -atime +12 -name *log*-perm u+rw

stat ó�ô-¦�Þq�&ß�� À �qÎ â�õ ��Þ��&ß��ä�� UID Ð GID ö-÷«}4¢�ø�°��¡¢�£q´�µ��«�2y2�-¦�ù�� À ²�ú²2´�û�ü�®!ý�þ¥±2²!��³!ÿ�� À �qÎ{2��í�¢�¶�·�¸��«�2y �q¹�ó�ô¦&¼�½ À �qÎ Á ¾ ¿ ¹��Ô�Õ=��Î âã ®��-÷2� � � ¢«¦&Ã�Ä�Å��³

stat /bin/netstat

md5sum md5 � ÷&{�Þ2��-�� í-®!¼�½ ±ª128 ö-÷«}4¢��-÷2��qí-®��«³�2� z��!®!¼�Í ª �2ß��«�=� Ú�� Å�Ì�� ¾ ¿� ±��Ç�Ñ�Ó À � �� ´�¶�·�¸��«� y&��®!�� ª �=�}=Þ�÷B�� }!�«�!y&��®� ! � � ³�¡�¢��qí-®��«�2y �" ��#y«~��}�± ª ��÷2��qí�¢�$�%q´| � �'& � ��®� ! ± ª Á Õ��¡�¢�«�2y2��® CD-ROM íµ�¢�(*)�+-,. ½�/�| ÚBÞ�¦ ��02� ±&²��³

md5sum /usr/bin/gdm>>md5sum.txt

ý ý ý 10-1. � � �q�� yyy2�� î îî ï ï ï ç ç ç � � � � � �

10.5. 11 1�22 2433 3655 5677 79888;:: :=<< <>11 1?? ?A@@@B111y�z�{&|�zi} ~&��z&��¹�C�·�D«� CERT � � í�Ç�| � ��Ð�{&��í�¢�EGF�¦IHKJ�±�´�¹�ÕML ï ®!·´ Â'N � ¹��O,²&��³�PKQ-´q¹ØÕ��2ÿK�SRUT��¦�V�W�¢�E�FK �X-Ç�òØÒ-Ï ¢qÅ��Ø³&� ÷��ÞØ÷��®Ð�Í ÎO,2��Y�� y«z�¦�±6ÎO,Ð��Æ2¢ â ¦�ÇGZ[�{2��í�¹�\ ¾ ð�¦2ñ�]�²!��³{&��í�®�EGF�� ¦�Ç��^*_*� � � � �2| � � � & � �� ¡�¢�£�¶*`*a �Gb � ��´�µ��~��-z2�� í�ÇK#c«z-±6Î�{ ��í�d«Þ�Ø�'e � {�f�z�®�Y-z � yqz¦Ig À ´�h&��í,!²�j*k-³l �*� � �� y��«� hot-spare � � � � ��²&Î�Ç�mGnq¢�Ï�¢�íµ��¶à�½��Ø÷2��Þ�÷=�� cK�Þ�®�©ò«Å�Ï�¼�½«Å�Ò ��o*p ¦i± ª*q ��Æ«Ð�®�rA� q ��*s ±&² �i³�t*ui{2��í�´�Õ�¶`*a�½�b��}Mc��Þ�¹��*� ª�v � � À ��Ow&¦¼ ÂÆ«Ð!¹�Å-Ò � Ì-Â ¦�´�Í ª © � Ç�xqÅ��i³y�z&� � }E� � N

90 y y y 10 y y y . z z z*{ {{�|||�}}}�{{ {�~~~M� ��{{ {�� K��I�*��*�K� }*�4��*�K��K}*�4� �*�*�A��I�*�I��*� |��*�*� �4��6�� ~' G��¡¢A£ �*¤�¥-�M¦*§A¨M©9ªI��«9��¬*K��®*¯6��°6� ¡�± ��² |I��*� ��4� ~M ��¡ ��³*´�µ�¶4·�¦�¸¹�º�» ��°O� ¡�± ��² |�� ¼�½�¾*µG¶�·�¦i��¿�¸*¿�«4�|�� iÀ�Á�°OÀ��ÂÃ*¶²KÄ�Å � ¢9Æ �ÈÇ�¿'É�Ê��Ë9¨M� º» � 2 Ì ��ÍÎ�Ï��K�9��¿'«��Ð�6�¸�Ñ�Ò �I�*�ÔÓ�{Õ�|I�*�*�4Ö ¬*-� ¹�× |I�*�� µGØ z�{I�-~È��Ù �G��Ú�¸�¦�«�©K¦*� ± ²OÀ�Û �|9Ü�{�Ý�}*�4�*Ö�Þ*ß �G¿�«9�*¿ ¹ �4��àá Ö�â�ã ¦�¸K��ä�å�æ�µ�çO�Mè Öé ¦*¦ ¢A£ ��¬*-��¦�¸¹ |��Ö�ê�ëì µIí6��¿�«4�

10.5.1. î î îïïï�ððð�ñññOòò ò�óóóOôôô�õõõïïï÷öö ö�øøø�ùùù�úúú-ûûûOS��üýØ zK{��-~þ��Ù � êÿ�Ö'ÿ ¶i� Ý �'¬�6� ¹ |�� ¢9£ ~ Ä z�� °i� ¡�� ± ��½��I²�Ä�Å � ¶��«*©K¦ Ö ³��*«9�*� Ý µ�¶6��¿�«9�¿ ¹ ��Ø z�{�� ~È��Ù ��«�©K¦*��*½��K��GÊ�� }K�� ( �� 4ª*�I°6� ¡�± �M²�� *� ¢O£ Þ*ß � ¹�º*» )

¢A£ ³��Ç9¿�«9� |I�*�*� ��ü*ýÀMÁ°6ÀM��¶��4� |I�*�*�4Ö �� ¢A£ Ø��*«4�I��µ�� Ö �«9�*� Ý ��«�� ¢ �� 9� ~°6� ¡�± �M² |I�*�*� ��!�"�#K��GÇ�$��*�*� }*��*Ö�%K{ ²�«��'& ã ��«K�� |I��*� � %�({�Gz�� )�*�µ'+�,��Ç�¿�«4�

10.5.2. î î îïïï�ððð�ñññ�---�...0/// 111Aòòò3222�444Oûûû¬*-� ¹ |I�*�*� µ�ç6�Mè Ö*é ¦4�I�*�4� ¢ ¶6�65�7*�K�� ¹�8 �9�:�µ ;½-�M¶�� £ ÿ ¶4·I¦9¨�&��¸��Ø z�{I� ~È��Ù É�< |I�*�*� µ�ç6��è Ö*é ¦4�*� Ý µ =6�?>�@��4� ~ Ä z�� IÅ�A�B�À �ÔÓ� ��Ù ��IÊ��Ç ¹ }*�4� ¶��4�C�D |I��*� ¢�£ ³��ÇK¦K¸�� ¢ �K� ¢�E D*«9�� Ý ��«9�F Ý Ê��'� rootkits( ¡�G ��Á � � |�� µ Ù��-~�±�¡ Å ��H�Ö?I � ¹�8 µKJ�!�«4��²*Ä Õ�G�� ¿ ¹ �ç6��Û ��L )� ~ Ä zK|��MKN�{�� |�O�Ù�P�Q ¶��'��)�R�S*¶�T�U ¢A£ ��½��K�K�V�W ÖKX «Y��µ Z�[��ÇK¦�¸�¿�«9��ç6�Mè Ö*é ¦4��\�] Ö�Ý · ¹�º*» � �� ª*��° z�^ À �*� Ö J�!-��¦A¨&3�G¸

( _ � N�(K{�~ ��Ç ¹�` ��a-�cb�! CD-ROM)�

10.6. dd dfee ehgg g�ii i0ee ekjjjmll l�nn nhoo ohpp prqqqz4{�|�}A{6~G��A{�� [ms��t 8mu �'� z�{�|�}i{i~ ��vmw��K«i��Å�AxB�À � Ó è �� i��y� ��K�9{�� ziª ¹ �m� ¢i£{�| Ö�Ý ·G¦�§�ªK�K}�\�~ � � ��~ � ��¿ ¹ � NÙ è�� {�% �� ~�(mO± äKå*æ �K��Ù � http://cve.mitre.org/

µ��Common Vulnerabilities and Exposures site

(CVE)¶��~��µG«*©K¦*��>�@ Ö v�w-�G¿�«9��K��!*«9��]�� M*{�Ù9�*{9~ � ��z ²�µY4�I��K��*� Ý ��Ç9� ¢AÆ � Ç9¿�ÉKÊ4�'¬*��µ �6�M¦�yIÇK�� Ý ��Ç9��K��*¶A¨�¦ Æ ��K� ¡�G �MÁ � ��m� �9� |I�*�� \�] Ö� ��*��¬* Ö'�� µV ¢ « Ý�� Kµ')��«4�

V. ¢¡¡¡

£�£'¤�¥�¦§�¨�©�ª�«�¬��®'¯�°�±'²�³�´3µ§�¶¸·?¹hºK¦»�¼m½�¾�¿kÀ6°�µ�Á�Â�Ã�ÄÅ¸Æ�Ç�È�É�Ê�ËÌ ¾�Í�Î?Ï�Ð�µÑ�Ò¸·?Ó�Í�ÔÃ�Õ�Ô'¹�¦ÅxÆ�Ö�ÎØ×�Ù�Ú�Û�ÄÜÝÀ6Þ'²�ß3à Ûmá�â�ã¸·?¹�äkÀå6æ�ç¸Æè�é ·�Ó�Í�Ô�Ã�Õ�ê�ëmìKê�Ú�Û�Ä�í�î�ï3µ�ð�ñ�Ã�Ä¹�ò�á'ó�ô�©�ª�õ�öØÃ�ÄK÷�ø�·�Ó ùmáKú�û�Ô�Ã�Õ

ü ü ü�ý ýýA. þ þ þ ¯ ¯ ¯¸ÿÿÿ��møøø��ììì�ååå�� ¯¯¯�êêê'¾¾ ¾�� ............................................................................................. 93B. Ö Ö Ö�Î ÎÎ� �ÄÄÄ�� êêê��²²²�øø ø�� ......................................................................................................... 99C. Ç Ç Ç�ÈÈ È�É ÉÉ�Ê ÊÊ�äää�¯¯¯håå å ............................................................................................................................ 103

� �A.

� � �� "!! !$###&%% %(''' )))�** *"��,++ +.---"// /1000

2�354�6�798;:=<�>�?�@�ACB�DFE�G�HI>�J�KML=NIO�85L=NPORQSK=T�?VU�W�XZY�[=8]\5^`_acb�dPef GRgih�j�k�KilM?Vm�nI89B�G5o�jMpI_R8]qirMs5tvuCw�?VxMb;YVyÈ{zi|�}�8i~Sj]�i�i�;�I8��Yid5e��ixMbiYV�M?R�i�iX9Yid5e�x�X9�Red Hat Enterprise Linux

qirMsItvuCw{�5H��j��i��^Z��}fRed Hat Enterprise Linux

ji��Z?�n��XZY��Z?V�5m�Bv�P�M��d5e�^�jix9G��K��v�P�S�]�i�i }iÎLMN5O�Q]KIT�jiqirMsItvuCw8S¡�X9Y�¢i� f dVj��{rMsV£I>9O�jS¤�¥M?�¦9§V�ZB�¨S��¨RX9��Di©B�GidVj�ª�x f G��K��v�5�S�Mev�i �}i^PLMN5OQ]KITS8�«F¬DiqirIsItvu�w®i¯ij�ni°P8�±I�]��²³�^�í�9?Rµi¶FB�¨RX9�R·i¸iXia9bR¹i�Pºi8 f G�»i>i¼;sVKiu�w�>;½Vj�k�K;lZevU�Wi¾I8V�i��e]¿RÀYRÁiÂ�^ZoS?RÃi��}iîqirMsItvuCw®i¯I8Io�jMp5_R8��M��;^Zo��ÄZEV¨�X9�idP_iBvD�ºP?Å;ÆixSÇ;ÈP8V�imcB��bS¨�XM�•»i>i¼isVKiuCw�>;½Pe f GR³I8]ÉiÊPTZO�NvËIÌiÍ9O�5�]�5?�2i\�Bv��5YSQ]KPT�Ê;uiKP<9Î�>V©�Ïx f ÄZEV¨R��ÐM�RÑiÒ�j�gihi�;ÓiÔ f�Õ�Ö Î»i>i¼;sVK;uCw�>;½R×IQ�K��;ØI��Ù;Ú;ÛiÜ58�Ý=§RÞ=Yß KMàVÊM?Ráiâ��iãÈVGidRÀI8 f £�H5>�Íiä�KiåMG;»i>;¼is�KMJST�æ�ÊMJ��I�]Ë�tRç]KP<9Î�>;TiæÊMJiGRè�éi^PQ]KIT�ÊiuiKM<9Î�>iG�ê�ë]ìií�^Zo��Sî9¨�À9¨�X9�5Bv�cBv^;�Zï]GidP_iBðD�g;hi�;ÓÔ�j��iáI8�ñI�5G��K��v�5�S�]ò�ó�j�ô�õiÜ=GRöi÷=GRì;í�jSøiù��iú;ûiü;ý�^9o��Sþ�ÿcBv��5b;¨X=�

•UiWi¾�e f G;LMN5O�Q]KIT�85¿;¨��;¨V^Zt�Ì�KiÊM?��;X9Y;d5e�?5��}Ze�BvD��x�XM��; �ceB��PH;K ß L=NPO

(CAT-5/RJ-45@��Z?V�� P¨]D f Ê5H9N��;X9Y

)GZO�KIT�>=t�>;½�G

10-base-2 ��Iç�K� ��=G�e]b�8 f Q�H��Mä�Ê(802.11x)

u5T��KP?��;Ú;XIY;d�e��iÄ9E�¨vX=�� X9YR�i�I85pMEVG!�"�j�#�$i�MLMN�O�QVKIT9O&%'�� f G��' 5G��KIJiG�Ê5H=N��IG(iKiÊ;Êiu;K<ZÎ�>�G��5T]q�Ê�%PHP>ZOð^�oRj )�*5}�^�uMT��K=?��Fe5B]¨�XZ�Vì�+5}�^ML9NPO�QSKMT�SKiriuIT,�.-�?Rn�"iX9Yid5e�85pIEVGRqirIsItvu�w{j /�0��ô�õFBD�1�8,�; �Ë��Sq�Êi��2 3P8^�E�¨�X=�dI_iBvD��4�}i^�5�6iÁiÂ��ZïSG�i � f 2�7I8�ÄSD98��ij�:5ºP?ip��v i¢;X9Yid�e��ixIbi¨RX=�S~j5ÄMeSGRgihi�iÓiÔ�j�k�KilZe�qirMsItvu�w8Sã�Ï5Y5 6iÁiÂ�j�;�<�j��==?>�?58,@�";X9Yid�eV8pIERG;d�À=?�A�BP8=B�I»S>;¼�sRK�u�w>S½R6S7=?RÉ�C�H�>5Bð��P��d�e��,D +Ze�^ZE�¨�XI�

A.1. EE EGFF FIHH HIJJ JLKK KNMMM OOOGPPPRQQ QSMM M�TT TNUU UNVV VLANj�A�B f O&%'�'�iG;¨RD f LIN�O�Q�K5T��]K;r;uIT��-]xSX=�=O&%��5e f G�W�X=¿�À9YPtVÌ�KÊMG��VK��&Yij�Z�[=G\�] #i¶�^9o�j�:�ºS�Zï

LANj��; i}�^ _ `; �}Iä�Hi�;�cO{x�X=�SLMN�OvQ�KT�?aiÚiX9Yb�ci�iÓiÔ�j�k�Kil585pMEVG�LMN5OQ]KITVj�2iÑP8 f �I�v±��;j��d��5Ä9EV¨RX=�eO&%'�'�S8 f ~�À�f�À�g�h�j;Ù5º=e�iI8Sq;rMsItðuCw{j /�0��ÄZEVG�LMN5OvQ]KIT;äSHi�;��OR?�É�CH�>�X=Yj1�8 f LIN�OvQ�K�TS��K�r�uPT��-�8idP_�BD;º5?�·�¸�XMY��iÄ9ER¨�XI�

A.1.1. k k k�lllnmmmpoo orqqqtsssnuuuIEEE (Institute of Electrical and Electronics Engineers)

x�"�v9¿RÀ��5�5YLANj��i �};^�U;W�j�DSâj�w�4�};^FOx%��

3±PÄ9ER¨vX=�

A.1.1.1.t t tR> >>]½ ½½=OOOy%%%��

t�>;½ZO&%'�'� f G2UiW9?�iÚFBv��ez�VK��R?RUiWFB�¨RX9�ez�VK��{I�i8i��T�qiÊ�D�+�e�^MYtV>S½|�j�} ~M?�e�E�G�� }�8��c��8,��U�BD

2±ij��KF�{x��;U�}�8;�iTVq;ÊSX=YR�IG��; �}t�>;½�?R¶FBv��Y�U�}58i��T�q�ÊcB�¨�X9�=O�KPT;>ItV>;½iG

FDDIG

SONETjPLMN�O�Q�KIT f dVj�}

~(FDDIx f

2¹Ft�>;½j��9?RÙSÚ`B��Y

)x�U�W=¿�À=¨�XM�5B�cB�G;d�jS�; i}FOx%��?��;Ú`B�5�5YSHSK ß LMN5O UiW f w�4�}ix f ^Z�]GidVj�D�â Ö �� ^�(�KiÊ��VK��?SH5>RÊ�O�K��FBv��5Yì�¡

( � §�IG Ö � ^=o ) G�Ä�Y�� f äR�I<�K;^]6�7ix;î��y�E�GPt�>�½ f w�4i}�8 f @�A=¿vÀ=¨��Ð5�

94 � � �� A. � � �� ,�� '� ��j� ��.��r��,��

A.1.1.2. � � �r �� ¡¡¡ ¢¢¢G�� ¤£ ££�¥ ¥¥�¦¦¦� ��¡'¢N��£.¥'¦�§9¨©�ª�«�¬� ®°¯&��±9²�³�´�µ'¶�·�� ¸��'¹,º ( ¡G��»��9· ) ¼,½�¾�¿zÀÁ �°�&Â�Ã�ÄzÅ³zÆ¿zÇ�� ¡�¢°�&£'¥�¦�¼,È�É��Å�³zÀÊ Ë�Ìn��'��,��Í9·�ÎjÏ�Ð��Ñ�Ò�Â�¿Ó ¨Ñ�Ô�Õ�Ö�×�Ø°�&£'¥'¦�ÙÚ�Û�Â9Ü�Æ¿nÇ�´�ÝtÞ,¨�� ¡�¢�§ ¡��»��9·��ßzàá�â ã�ä å�Âæ À�ç'¼'è9¯�¨�é³zÙ�ê9ë�ì�¶'·�¼,¿zÀÈ É� æ À�¨�Æj´�§�í îïÞ�´�ð�ñ�¼�§9¨ò�ó�Ï�Ð��ô�õ�9ö¢ ÷�ø�ù ú�� ô�õ��Ø�¯jÆ�¿ (single point-of-failure) Ç.�� ,¡ ¢ï�x£�¥�¦§�¨,û,ü�¸��¹�º Ê Ët��¡¢ ��ý © ª�Â 50-93 ohm þ��ÿj��þ�Ù�î ãGÞr´��,��,�� LAN Â�è��rî�ãnÅ�³9Æ�¿nÇ

A.1.1.3. ¢ ¢ ¢'þ þþ�� G��y£££�¥¥ ¥�¦ ¦¦¢9þ��°�&£'¥'¦�§9¨ Á �°�&�½�¾ïÞ��¿nÀ�� .Ù�� ãïÞ��G¯�¨ é³�¼�è9¯��Ìï¯��'¯��Ø��³zÆ¿zÇ�.¹9��³nÀ é�� §�¨�¹ ¥��ï�yÍ��,¢ï�y¿nÀjç�¢�¶n�� ¿zÀ�é'��Â9Ü�Æ¿zÇé��°�&£'¥'¦�§9¨ Á �°��¼,½ ¾�¿9À�!��"n��'��Í9·�Î��°�r�'��Â single point-of-failure Ù# Ü�$zé¿zé'��¼�Ø�¯�Æ�¿nÇ�´ Ý�Þ�¨�é��!��".¼�è9¯¨&%�'�Ì LAN ù ú'¼�(�) ¿nÀ ��,� Í�·Î��*�+�§�¨ é��ò ó-,j��¢�Ù/.�0�¿nÀ�é��Â&1�2'¼�Øt¯jÆ�¿9Ç

A.1.2. 3 3 3�4446555�77 79888-:::�;;;�<<<�== =�>>>?A.1.1.3 Â §�¹�¥��ï�xÍ@��¢ï��¢�¶9�A .��r�,� Í�·�Îj��B ·DC�EG��Ù�FGÞ�Æ�Þr´�Ç��.��,��DGH�¼�IïÞ,¨�J�ù�Ø��9�'��°�r�'��,��KLnÙ�MN ¿zÀ�O�¼�§�P�Q�¿R9ÜÉS�@TU�AV�çæ ¯Æ�¿nÇ�W.¼�¨ é�³�²AX Ø�À 2 V��.��r�,�.��Í�·�Î�Y�Z��[�\9Ù/]� Ó Æ�¿9Ç¹�¥��°�&Í��¢°��9�'��,Â�§9¨ æ À Á �°�y�^�¸9�'�Ù�_zÀ'��¨�`��a�@b,��^�¸9�'�Ù�`�±®zÀ�Æ�Â@b��c�¿R�� Á �°�&Â�`�±,®�²r³zÆ¿9Ç�`��a��^.¸n�'��Ù�de ¿zÀ�ÆÂ9¨ ��'��,��¼ æ À�¿�R�� Á �N��zé��^9¸z�.�r��f��nþ�Ù�`9±�®�³tÀ�ä�å�g' æ ¯,Æj¿tÇ ¹�¥��N��ÍU��¢N��,�.��Â�§�¨�¿�R��^'¸��x'é��h�i�Â&_��Å�³9Æ�¿9Ç¢'¶z�� 9�'��,Â�§9¨D^�¸n�'�&§'¹ ¥��°�yÍ��¢ï�Å³nÆ�j�k 9¨�¢�¶z�� .¹�Â�dezÅ�³zÆ¿�Ç�Wn¼�¨�_�� Á �N��/`�� Á �N�Al.¼�m�¶�n��&½�¾tÙD�'ØUT.Æj¿tÇ�éj³9¼.èt¯,¨Do Á �I��¼�^¸9��Ù�¹ ¥��G�xÍ@�,¢ï� ¿nÀ�È�É��p9��Ø�¯�¨n��ì ëUq,��j��ê��¡ ��r��Ù�s�à Æ�¿�ÇÆ�´9¨�¢'¶z�� 9�'��,§9¨�tu�� æ À Á �G�yÌv��w��¼'è�À�^�¸n��&��x�`zÙ�y�zïÞ,Æ�¿zÇ¹�¥��°�&Í��¢°��9�'��,Â�§9¨D^�¸9�'�&-{�×�|.¼�}°¯�~6��ÆjÂ�� æ T�Ý�o Á �°�x§�¿R��^�¸n�'�Ù�`�±,®zÀ��Â9¨�tu�� æ À�v��w��§'¶��n�9�'��f ¡.¶�¢.Ù promiscuous ��°��¼��Þ��9¨�f��9þ��{�×�|�¼��Ø��¿R��^�¸9�'�Ù/`�±,®nÀ�é'�� Â9Ü�Æ�¿zÇ promiscuous ��°�¼,¿zÀ'��¨ sniffer ��E��j¸��9ö9�·�Ùî�ãïÞA��^ ¢'��ï�¨��f��9þ ¨�b��c��^�¸��'��Ù�ë9q ºþ�Þ��9¨�'�z¨��¿zÀ�é��Â�Ü�Æ�¿zÇ��g�å�� sniffer ��E��j¸��9ö9�·�Â�§9¨ é��.è��rØ��nÙ÷�Í�¢N��ë��,¶�º'Â��¿tÀ�é��ÂnÜ�¨D�G²� ¨�b��tÙ��u.�U,,��¢ ( �zà��n¨�t�u æ ÀDv��w��µ ��º.��nj¢ ) ¼D_9À é��Å�àjÂ'Ü ÀÂzÞ@��jÇ¢.¶t�/ n�n�.��¼�§9¨ �n�'��9�,¢'¶t�� t��ØnÀ�� '�°��.��È�É�Â�¿zÇ LAN �'�¿�R�� Á �I��½�¾tÅ�³��T.ÀD��.��¹��9¼& @�nÀ�Ô��Â ¿�Ç,¢.¶t�/ �§�¡&¢@f��zþD£'�¢�¡�¼�¿�R@�� Á �°�&� MAC �G�Dn,¢zÙj��ïÞ,¨�m�¶@n �t�yº��÷¤q�· Î�Ù��Ø6�r´�¥�¼,î�ãïÞ,Æ¿tÇ Cisco Systems ¨ D-Link ¨ SMC ¨ Netgear Ø§¦�¨ 10/100-Base-T ¨�©t¨�ª�«9¬9�.��¶��z�n�.��£��°�¨ IPv6 �9�'��Í9· Î�Ø9¦��Ï å�¼��® ¿9À�o�K�¢�¶z�� Ù�¯�°GÞ��T'Àjµ ��±��zÔ æ ¯Æ�¿9Ç

A.1.3. ² ² ²�³³³�´´´¶µµ µ�···§¸¸¸º¹¹¹�»»»D²² ²¼¼¼§½½½¾¶¿ ¨�À�Á�l�Â�*+G�Ø9Â&�nÜ��T.À��-¬9��÷Ãq&Â ¿tÇn�/��N��Ä&Å�¿tÀDÆ�Çn¨,ên·D�n¶G��ÈÉ aG¨&Ê�Î�Ëz��÷Ìq�¹ Ø6¦�¼z�Â&�z¨ Á �R��Í PC ¨ PDA(Personal Digital Assistant) ¨��'¶�Îºn�¢�.��C�¢�Øº¦j��Ï�Ð�Í�,n��Ñ,�nö��j·�9�n�.��9�n�&,,��¢.¼��'��C�¢ ¿tÀ,´¥9¼�È�ÉG�jØï¯,Æ¿zÇ IEEE § 802.11 � ¶�Î9n�¢�ÒÓzÙ�ÔÕÒÓ��Ö�ïÞ�Æ�Þr´9Ç é³�¼�è9¯j¨�Á�×�ù�ú.¼��±'À��¶Î-n¢�f ��þ��Ô�Õ��Ø�¯jÆ�¿nÇ�Û�Øn¨/Ù�änÅ�³��T�À IEEE Ô�Õ�§'��¶�Î-n¢.�� Í�·�Î

Ú Ú Ú�ÛÛ ÛA. Ü Ü Ü�Ý ÝÝ6ÞÞÞ�ßßß�ààà�áá á@â ââDã ãã�äää�åååAæææ�ÝÝ Ý�çç çDèèè�ééé�êêê 95

è 802.11g ë&ì-í 802.11a î�ï 802.11b ð�ñDò�óDÝ�ô&õ�ö�ë�ì-í 802.11g õ�ö�ð 802.11b â/ð&÷�ø�ù�úû�ü-ýDþ ì û�ÿ 802.11a â/ð�ù�ú�� û�ü9ý�þ�� í802.11b ��Ãâ 802.11g ��-ð ÿ�� ð��¶â��è�õ�ö��Ý��ë ü¶ý�ÿ æ��6ñ��¤â�� !�" è 2.4GHz #�$�%�&�'�( (802.11a ð 5GHz (*)+�� ) ë�èUáUç�,��.-�/*)+0�13234 þ ì6í�5�67�8 ��ð IEEE

�9�: 2�õ�ö¤â 7 2�;�<*=?>3@ ý�ÿ '�AUè�B*CED�Ý û 802.11x F3Gºâ�HUÝJI��J)K�L�MN7 2�4 þ ìºí þ�8�ÿ+O�P�Q�RTS SOHO ã9ä-å�æ�Ý�ç 5�è�õ@öU)?V�W 7 2�4 þ ì6í LAN XYMAN(Metropolitan Area Networks)

þ ë�Zî 7 �E� ü�ýDÿ�[� æ�\�-ñ��áç\,��].��C-å (WAP)û�^�_�7 2�4�`�aEb ZîEc û�dUe ô : 2.4 þ ìUí þ\8�ÿ æ��\�9ñ\�.��CEfDÝ�ãUä�ågH�Ý�I\�E�.h+i�ED�Ý (WISP)

S�ü�ý�ÿ�jlk Ýºå�ë�I�m�ã\��)�n�o�ì�` 8 1 �p h&ÝºÞgi3C-Þl��CEfDÝ�ã�ä�å�á�ç\,��)�q " âAì�`�r�s�t�u�è�vE4\r�s Q ô�w �x*7 2HÝ�I��)zy�{ 7 2�4 þ ì�í802.11x �� .9�ýDÿ æ��\�-ñ�� NIC )�|�}�ì�`�~�ÝºÞg��ë�èED��ñ�ç9å ô��á��Ý��&á�� û <�� ô ý�þ ì9í ad hoc ãUä@å/æ&Ý�ç�â��E��>�`��ÝE� M =�> 8 ~�Ý¶Þg��)z�� ÿ�� '�~�Ý¶Þ��ë�� ì�` dE� �E��è�oE�6â�ô ý�þ ì ûUÿ�� W�æ��?�Uñ\��E� ð��=Dô�4Uâ�4�6��.�&Ý3��I j�� è�� ) Sz8�Y�7Dþ ì-í� 0 7�8��E�� ë�è@æ��\�-ñ��á�ç\,�� 7l8� �j\¡ Ý�ó�¢zCDð ÿ WAP ) 1 �E£E¤��C\� å�Ý��ì`�5�â/ë�ì-í WAP ð¥�¦�è�ã�ä�å�æ�Ý�ç �� 7�ÿ�ü+8 X S ��ÝHUã�ä�å§B�Ý��è�ã@ä�å�æ�Ý�ç�¤ 4�` 9 6 æ��?�9ñ\�3~�Ý Þ û WAP

�E��ë3�E` 9 6 �7�þ ì9í WAP ð ÿ �E��=�> 8 ~�Ý Þ�â�ãUäå�æ�Ý�ç�è¨�è�~DÝ¶Þ©��è p�j ä�m�â 7 2+ª�«�¬ ��®�7�þ ìUí

A.1.3.1. 802.11x è è è,,,¯ ¯¯ ¡ ¡ ¡�jjj°�� *��æ��?�9ñ\��ãUä@å/æ&ÝE¯3C��ð ÿ ¥E¦�è � $-ãUä�å/æ&Ý�¯3C��±E² �³?´ ì�`\�3��Ý Þ û�ü�ý�ÿ�9Uýµ�¶� ô : 2�4 þ ì ûUÿ· è��E� ð�4 e �.Xè+-.¸ û�ü�ý�ÿ�¹EºE»�¼� ?½�¾ >.2�4 þ ì-íE5�è-.¸è¿ SlÀ " ô�Á&ð ÿ+· è�,¯ ¡�j°�T� è �Â øÃ�ë&ì-í802.11x ã-ä�å�æ�Ý-ç&è�ÄE} û 6 þ�e�Å�ÆJ7�8 è @ÿ ¿ S�ÇEÈ ¬ôE,E¯ ¡�j��É� ¤�è�Ê.Ë�Ìì Y�Í�:2�4�`?v e è�n�o Q�û 4 þ ì�í�ìEÎ�2�è 802.11x ã9ä@å�æ�ÝE¯�C��&ð d (�b RF óE�+Ï��J)\Ð�W 7 2s�ô ¾ >�` 8 1 ÿ�ÑEÒ =�> 8EÓ Ý3f�ð�ùúE��è ü ` NIC

ÿNetStumbler

þ\8 ð Wellenreiter ôJw�è�æ�?�9ñ\��ãUä@å/æ&Ý�ç?�E¯�Ô.C��Ý��6â dsniff Õ snort ôJw�è�ÖE×.¬ô sniffing ��Ý��)�ØE�EÙ�ÝÚ Ýô Y�Û� ë SzÜ�Ý� á�ç?,E�ë3� þ ì-í\�3�?�?B�Ý¶å/æ��\�9ñ\��ãUä@å�æ&Ý�çDè35�è 9 6�ôÞ.ßô�Ð�WJ)+Ë�à 8 1 @ÿ 802.11b á�â�ë�ð WEP (Wired Equivalency Privacy) ��h¶å�ã��J)�ÐEW 7 2�4þ ì9íE5�>�ð ÿ�ä ~�Ý¶Þ�� þ�8 ð WAP â~�Ý Þ��ë�� ì�` RC4 B�ÝE�è 64 I�ä@å þ\8 ð 128 I�äå©å�æ MEç è35@â�ë�ì9íE5�è ç ð��E��)�å�æ MT7Dÿ�è �Eé��-ä�å�) ¬EX��êEë.¬ �Eì 7�þ ì-í@â5+í û�ÿ n�o Qû 6 : X ý©î >�2.4 8§ýDÿ é3ï�ð/Ý�ñ�C�� ûò�ó ì�`�o.ô (

[. \õ�ö�÷) ë+ø º� 5�è��Eç å�æ M øEù�èVEW3)�s ¾ ô�4.5�â û�9�eDü9ý�þ ì-í 7 X 7Dÿ æ��\�-ñ��@ãUä�å�æ�Ý�ç�ë WEP )�Ð

W�<�� ì�`�â Ó Ý�f�ú è èûEü+�3)�ý�þ \ÿ�Y ì35�â û ë�� þ ìUíRed Hat Enterprise Linux ë�ð�4 e ��X�è�BJCD�Ýè ä�� 802.11x F.G�)�H.]Ý å 7 2�4 þ ì9í�ãããUäääå å åDæææ�ÝÝÝ9ççç+nnn�ooo��ÝÝÝ�� ð ÿ æ.��6ñ� NIC Õ WEP ,�¯ ¡Jj�� ) �� ì*`�� û��6þ >�234 þì9í�ããã�ää ä�å åå�æææ�Ý ÝÝ�ççç�nnn�ooo��&ÝÝÝ��èÐEW�ø�Ã ��42�ð ÿ Red Hat Enterprise Linux ó\� �� nEo�ò��6Þ)�� 7 2 e� =+4�í7 X 7&ÿ WEP

�� ` �� ë�ð ÿ��º è ü `�Ù@Ý Ú Ý�)��ì�`�â��T6�Áë��@ô�é�ê��¶â�ð��ô�4X S.7 > þ��.� í�æ��?�9ñ\��ãUä@å/æ�Ý�ç�)�é�êì�` RC4 WEP å�æ M á?�! j#"�� )�ç��ä�ç7�ÿ � �Eç )�$�%3= � ` 9 6 [� Ó+Ú �.CE=�> 8��& Ù�Ý �É�?j��û�ü�ý�þ ì9í AirSnort â WEPCrack

û 5�> ü8ºý�þ ìUíE5�> ?x�' ì3` ð ÿ ��(�)�*�+�è�á�ç?,�� ?x ì�`�æ��\�Uñ\��ø�Ã�èÐ�W �,�7 2�- 7 4 x Ì�)#.�/�ì3`zq " û�ü9ý�þ ìUí SSH

þ�8 ð VPN ��è�0 -E¸�ì�`�5�â .9�ýæ��?�9ñ\��E��è�,�¯ ¡�jl�� )�1 M*7 2 S#2 4�ë 743 6�íE5z> .9�ýDÿ�5�6 å�æ M ñ��Ý�) WEPå�æ M è¤ 87�9*7�þ ì-í�5Dè x Ì�) ¶ W�ì�`�â ÿ WEP åæ M )�çE�@äDç�ì�`�ã�ä�å�æ�Ý�ç:�è ��ºè ü `�Ù�Ý Ú Ý�ð�= Y� VPN Õ SSH å�æ M�S ç��äDç 7 ô � >E��ô Y ô e ô ý�þ ìUí · è�åæ M ø�Ã �9Uý�ÿ

3 ;�1�<ô 168 I�ä@å DES á?�! j#"�� å�æ M (3DES) Õ ÿ�=� 1�<ô�¨EA�>�?EF.Gè@á?� j#"�� )�VEWì�`E5@â û ë3� þ ì9í�é��@æ&Ý Þ§Õ Ó Ý�f�ð�@�A�è�48BE>�è�C�D�)zÐEW 7 2 S $�%3=>.2 7�þ 6FEE> û@ü ` 8 1 ÿ 5�è x Ì�)z��W�ì�` L�G ð Telnet Õ FTP ôJw�èE�Uñ�Ý3C � ¯�� å©�.h§åã��3)�-�¸�ì�`zq " û�ü9ý�þ ìUíæ.��ºñ��ã�ä-å�æ�Ý�ç��H�è�I�Ý�J�Ý �99ý V.W*=\>32�4�`\¿�K�è�,.¯ ¡�j��N� î�ï�;�L�ø.Ãð Wi-fi Protected Access (WPA) ë�ì-ízn�o Q ð;�L�H�Ý�i3)zÐ : 2�ã�ä�å�æ�Ý�ç�¤ WPA )�M�0�ì

96 N N N�OOO A. P P P�Q QQSRRRFTTT�UUUWVV V4X XX�Y YY�ZZZ�[[[]\\\WQQ Q�^^ ^�__ _�```�aaa

b�c X�d�egf�h�^�i�j�V�k�[F_l\�jWm�n8olYlZ�[�\�Ql^�p4_�V�^�q�o�r�_�s�t�u�v�egf�w�x�y WPAzTemporal Key Integrity Protocol (TKIP) t�{!|8} WEP ~��!t��4�8��W�!��!w�x!y��s!t�{r��h�^4i�j�V4k![��8o��4��j4k8o�[�Q��!��}4� b \�jWm!n8o�YlZ4[�\�Q�^W��Q�R�_ MAC V�Rn8o�X�� b�� e�xgy��s�X MAC VSR�n8o�_��d��l^� (IV) �4¡�|8}�¢�v!��!h£¤ Ql �¥�¦gZ4[t~��x b sgt§�¨�x b _4�8{�rg��gwxgy IV

z ¥�¦gZ4[�d�©�ªl�� b�«�¬ sgt® ��h�¯!X�°!±#_�²�³�´�µ�\�j�mln�o�Y4Z�[#\�Q�^¶�·�t�¸�¹S��w�xly«�º �Wh TKIP t�{!| « WPA

z ²�»�´�µl¼�½W¾8Ql�!¿�k4XÀ�µl��}4�4w�x!y�¡lÁ�Â�Ã�µ�~�� (AESµ�± ) t�{!| « ¼�½W¾�Q��l¿k8d�Ä�Å�ÆWe4Ç!Á�hÈ�É4��Ê�� b \�jWmln�o�Y�Z4[#\8Q�^8q�Ël¾�½F��Ì�t�8�l�� bÍ�Î�Ï tÐ�Ñ�}��w�xly802.11 Ò�Ó��8Ô4��}�_�Õ�Ö z�× _ URL tØ�ÙS�F}!Ú º ��yhttp://standards.ieee.org/getieee802/802.11.html

A.1.4. Û Û Û�ÜÜÜ�ÝÝÝ�ÞÞ Þ�ßßß�ààà�ááá�âââ�ãã ã!äää�ååå�ßßßSæææèçççWäää�ééé DMZHTTP h�ê�ë�ì�Q��!h FTP h DNS µ�±_�í�î�V�^Wq�o Í�Î µ�ï�Qlð8olt�ñ�òó� « �Wu�v�ô�� z h c�õ� «�ö Ä�ï4QgðWo z�÷ v4´ / ø�v4´��ù�î�YgZ4[\�Ql^WúS�WûWü��x b�c X�tWÊ�x�x�Ñ��Ww8x�y�ý�þj�V�TlÿQ��SX��o�[�� ¬ V��S½�¦�Ql�!¿k8_�Â�� z h « w��!f b�� t��¹�x b � z �� µ��e�x!y��#úS�Wh��FÔ c ��^�i�Z#��Q z h�¶�·ó�#}�� b ï�Qlð8o�d��YlZ4[#\�Q�^�ûWü��ÇW��ùWîYlZ4[�\�Q�^�� Á��!t��Ô�� b�c Xd�e�f�w�xgy�í�î�V�^Wq�o Í�Î µ�ï�Q�ð8o z h8q�Ë�¾�½� Ì É��4e�� ! (DMZ) X�À�µó��}�� b X c�" �$#�%ó�#µ4�W��µ��'&!h�j4k� 8Q�Y�Z4[�ú�� |8}�Ú b�(�) _�ø�vgYlZ4[�\�Q�^�ûWü z�c _�ï�Qlð8o��#ú4V�^Wq�o�elf�&gh�ùWî�YlZ4[#\�Q�^�p�_V�^�q�o z�*�Í ��µ��¡ õ ��µ�|}�� b,+�- d�Ç!Áwxly,.0/�_�Ç b1 Q$2�Q�d DMZ ��_03��k��4�5 V�^Wq�oS�#}�6�h�7�Á]_4ùWîgYlZ4[�\WQ�^ z û$8S�]� « û8ü��Ç b ý4þ�j�V�T�ÿQ��e�9S�]� bX�� õ,: e� 0;�´�e�xgy¯�X°�±_�È�É z h��o�[�elf b í�î�ï�Qlð8o�ú!�_ ö Ä��Q��Ìk0< Í�Î µ IP V�R�n8o�_��Q��d= �#��}4� b _�elh�u�v�ô z ¥�¦gZ4[ ©�ªgt�> ) h�?�ªgh�@�Agh�@�B�x b� Á�C�° º ý4þ�j�V�T�ÿQ��Q��gtD�rS�8wxgy iptables t#r��W}�ñ�Eg�� b ý�þj�V�T4ÿ�Q��0F�G0H�I�r�P�QSRFT�U8V�ý�þj�V�TlÿQ��!t�{�r�x b�c X8�4¡lÁ8h�J�K�µ��Q��èÌk�<�X�ý�ÿW\�Q ¤ Ìk�<��Q��d Í�Î XµSÁ8wx�yWu�v�ô z!c _�L�½��Q!t�{�|W} |W}�Ú b�(�) t�MON�ï�Qgð�o��PON�� « VóR�nWo�X�L�Qè[Feû�ü�x b�c X�d�egf�h8² � elh�ùWî�ï�Qgð8o4��V�^Wq�o�x b _ z LAN _�À�x b�c X�d�e!f�w�x!y c��4¡lÁ IP o��Qlý�Ìk0< 4�5 V�^Wq�olt�¸�¹�x b�c Xd�elf�w�xgy iptables _�ñ�� 8Ô��}z h,Q 7 Qgt�Ø�ÙS�]}!Ú º ��y

A.2. RR RTSS SVUU U�WW WTXX XZYYY\[[[^]]]`__ _baa abcc c0dd dVee e2000 fl� ö Äg�� « FBI � ¬ CSI (Computer Security Insititute) ��¡ b�gOh ��¡��i�gh�È�É!h�C�j�kl �l¡�|�}Om�nS�� «0oOp ¤ Qg �� ¬ ½�¼WQ4o�p4_�¶�·�_ 70% drq�_�È�Égù�î4ú��Å�§��}��wl�« y�ùWî�q�Ël¾�½#�èÌsF�G�_�ñ�t z í�î�F0GSX��u��$v - XµSÁ8w�xgy c _�q�^��l¿�k8e z h�u�v�ôH 1 Q�2�Q4d�ù�î 4O5 òiw4ú��Wo��gt�`�a�x bW« Ñl��ò\x b ²�³�´�µ0�Oy�t��gÚ�Ô4ú0z|{��wxgy} r�ô�_�\�Q�^Wo��Ql�!¿�k8_�¯�X°�±_�î�ü z�~�� ¶�·�_�F0��µ b�� z Ç4w�Á]µ�Ú�h�M��8��iN��8� « ý�þ�j�V�T!ÿ�Q��l��9��4}�� b�� h ~i� ¶�·4_�FO�g� z µ��µ��e�� õ yl��ú�Wh��_�\�Q�^Wo��Ql�!¿�k8_S½W¼8Q�o��$F�x b ùWî�¶�·�H ÷ v�´�µ�¶�·gt��$��x b _��Wñ��elfb� ¸�F0G�d��Ú]Ô�ú�Ç!Áwxly�� _l\�Q!^�o��Qg��¿8k�HO�O��r�¥�¼O��k z hWP�QèR�T�U�V�n8��eg�Wo��ó½�¼WQ�ogt��O��xb

BIOS t��ró�#}4�4w�x!y�\WQ4^8o��Ql�g¿�k 1 Q�2�Q z h�q�_ BIOS ù��8u�v�r�¥�o4\WQ�Rt�0N��}0.O/gÇ b�1 Q02�Q��4¡ b �8o��p�_4V�^Wq�o�H��Q�[�tW¸�¹�x b�c Xd�elf�w�x!y BIOS ¥�o\�Q�R z h�.�/�Ç b�1 Q�2�Q4�4¡ b �8o��_i�WQ�[�t��¸�¹ó�8h�q�_�.�/�Ç b�1 Q�2�Q�d�P�QR�R�i�j0��8`�#��]}�� b'� m�p�x��H!Ú�V�^�q�o�� « Á�h � mlt,��6 õ X�x b _�t��¹S��wxly

� � �� A. � � �� ¡ O¢¢¢$££ £i¤ ¤¤�¥ ¥¥|¦¦¦O§§§©¨¨¨$�� ªª ª�«««$¬¬¬0 97

®©¯�®�°±0² «O³�´µO��¶��·�¸�¹ PC º�»½¼¾ ( ¿��À§sÁ PC Â|Ã�«�Ä0Å0ÆOÇ�È�É�Ê�ËÌ|Í�Î\Ï©Ð0Ñ0ÒÓ «�ÔiÕ$Ö�º�×�Ø�·�³ZÙ¡Ú�Û'Ü�Ý�Þ�ß�»�à0á�â )° Ã�« PC º�ã�ä�åræ�´�ç�è�é�ê�ë�¾�ì�ç�í °�î�ï�ðº0�O�^��ñ�É�ò�Ë�óÀ¹õô ®©ö Û BIOS ÷OÊ|¨��^��å�ø�ù�úOå|æû °�ü « BIOS ý�þ�º�ßiÕ PC ·�ÉiÿÊ^§��¾ °�� Ë��óZ´�ì��·��O�`��ñ$É�ò�·0£�ª� 0Ê��¾ ö�® ¼�Õi¼��ÙÕ��ì�ç�í·�ø ° ¨��ª$Ê��ÿ�·��Z¦�ªOË ®'ö�� 0�^�' �¢�£$éO«i£�ª� �ÊrËý�þ��r´��i¤�Ë��® ¼��Z¦�ª$º��Õ�ì�Ê�� õ��!�«�"��iò#��ß%$& �'�(*)+�,�.-�/Où�ú�0�1ZË PC ÂZ¿��^§�Á PC«�2�Ç �©·$ó^¹ �43�ö »�àZË�ù�ú ®$°�5�6 ·�7�8rË��Z¦�ª ®'ö�� £Oª� �Ê�Ë�ù�ú ® ¼�9��«�:�«��À�© �¢�£�ø ° Kensington Â Targus ß�$,«�;0��<0�0º�=\Ï?>�@ ®©ö ÕO¼A�4�B �0È��O�^�' i¢�£ °C ·�D�E�F B �0ÈOø ° B ��È��G�«�H|·�I�JLK'¾ ö Õi¼��M�N ° B ��ÈO«'�O�P�¥�¦�§©·$ø��½¦�ª�å|æ0´½�©£�ºO³Z¹ ° ¼�ì�Q B ��È�7�8|·iÛSR9� ö ( ¼ì0ø ²UT Þ�· ) Õ�V�K�¾OßÕ�¸iÙS �'4(*)?�,�XW�YO«�ì��«U�r¦�ª&Z�[Oß�\��Oÿ½§^]U_��ºO³½¹�¼&�9�

¼�ì °`�a «�ç�í °�b �U"��ÿ�c��ÈiÉ�d��|Ë#e�/ ®'ö B �0È½ËAf � �½´��i¤�Ûåræ0¼�� b �"��9�%��ÿ�c*��È�É�d��Oø�gOÈZÿZ�Sh ° 24 iUj�8Oýi«U�rª�k�<�� B�l �T§ ° ��ÊU��G�m�n B ��ÈU '�(�)A�o�·�� 3 ´#-�p�qUr\Ë#sUt ®,ö Õ|¼#�%� HTTP M�uiÂ*;iÇo�,£ B �9P$ÊO«�ÊT§�),�UG�·�v�Z´� �'�(4)+� �.m�n�w�x*k��yrË�£� �§Az��ÿ�{#�½´|�}OÞ�ß�~��¤ß�¹��Z¼&�� ®©¯�®$°�b �"��ÿ�ø °�� «�P��0¥$Êi·r¤�� ö ø C ·��/O«��å��º ¯ ßÀ¹��Zæ�Õ ¯ Û ® ¾Z¼JU��b �U"��ÿ��ø °�� ¾�ì� �'�(*)+� �sÊ��¦�\�·i¸�¹��|·��`��¾ ° N�i��¾ öÕ�´��¤,å��LK¡¾ ö Õ�¼A�4�

« ¬B.

¯®®®±°° °³²²²µ´´´·¶¶ ¶¹¸¸¸»ºº º½¼¼¼·¾¾¾À¿¿ ¿ÂÁÁÁ·ÃÃ Ã

ÄB-1 Å�Æ�ÇÈ�É�Ê�Ë�Ì�Í�Î�Ï4Ð�Ñ�Ò&Ó�Ô4Õ�Ö�×�Ô�Ø�Ù�Ú�Õ�Û�Ø�Ü�Ý�Þ�ß4Ù�à�á�Ü�Ýâ9ã�Ò�Ö+ä�å�ãÒ�æ�ç�è�é�Ýê�ë4Ú�Õ�Û�Ø�ì�í�è+î�ï�ð�ñLò�óÜ�ô�õöL÷Aø�ê�ë4Ú�Õ�Û�Ø�Ù�ù�Ü�Ý&ú�û�ä�å�ã�Ò�Æ�Çü ø�ç4ýÙ�ê�ë4Ú�Õ�Û�Ø�Ë�þ�Ï�ÿ�ö�Ý�ï�Ç��ò��*õ�ø�ç*ý+Ï��4Ù�ù ò�� ü ø�ç4ý&Ù��Ê�Ë4Ð4Ñ�ÒÓ�Ô�Õ�ì ��*Ù��Ü9Ý#ï�ì�çUè��Ü4Ý�õ�æSÅ�Ü�ô

ê ê ê�ëëë�ÚÚÚ�ÕÕ ÕÛ ÛÛ�Ø ØØ � � �� ó#Þ�Æ�� Ò�ø�!�Ø�Ó�Ô#" ��á�!�Ø�Ó�Ô#"Aì �$� ø4ó�ó�Ù�ò?Þ% Ç &('*)�ã�+�Ô*,�-�ø��(� Ò.!Ø�Ó�Ô#"Aì��ø4ó�óAà�á òSÞ % Ü�Ý�õæ�ô Ô�/Ô*0��1#å�Ú�2��+Ô Ï üø�3�Ô#"42(5�Ú�Å*687�ç�è49%÷?ö�ó&ÜË4Ç Linux :�Å*;�<�Ü9Ý>=UÔ�?#Ø�Ù�Æ

�� Ò ø*��Ê�á�!�Ø�Ó�Ô@" ËÉ�A��í�Ý(7&ø�Ë�é�ÝïB7Uò�ö�ó>CD(Red Hat Enterprise Linux Æ�!�ØÓ�Ô#"AìAîFE�Þ4ó�ó�G�H ò4�UíUó>CD) ô

I�J Î�Ù�Æ4Ç Ô�/�Ç��1å�Ú2��&Ô Ç VPN Ç�Ð4Ñ�Ò+Ó�Ô�Õ K�Lø�Ø Ò MÔ�N O�P (NAS) Ï ü Ç�Ð*ÑÒ+Ó�Ô*ÕQ3�Ô#"42�5�Ú�Ù�R�S�ò��4çè#é % ó&Ü9ôT ÙU=UÔV?#Ø4ì W�X�Ü9Ý OS(UNIX Ç Windows) Ï ü Ç�Y�è&øVMZ�[ Ô�\�]�M#Ô�^`_+ã�a [ Ø�^�b ( cd�e öLæ+Ï�A#Þ*f*í [ Ø�^�b ) Ù�ç�èé % óAÜ�ô��ÊUË*g(�� T�h�i Ô*j�Ô*ì><�k�òÞ�Þ�ß�!�Ø�Ó�Ô@"�Ë �� ø*ó�ó�Ù�ÏVA��íUÝ�õ�æ&Ë�é % Ç�õ#ø i Ô�j�Ô*ì>l9 ò?Þ*m�n*é�Ý i Ô*jUÔ�Ù*æAQ��Æ*Ço�p ø�â9ã9Ò�Ö?ä�å�ã9Ò�æ+ÏVAQ�%ò#óí�ó&Ü9ô

�� Ò ø*q�rst�u Ï*=UÔV?#Ø�Æ�v*l�0�w�-�^�Ø Ò øx Î�Å��(� Ò�ø�Û�y�z*Ö�^#_ s ì!�ÑQ{�Ô�N�Ù9ò4��í�Ý�õ�æ&Ë9æ| ü |é % óAÜ9ô�õAöL÷&ø s ì }�~�C��Ù�åã�/#Ô*Ð4ÑUÒ.:Uø*��Å�<�;�òÞ*��9Ç��4�� Ò�ø s ì>��îi Ô*jUÔ�Æ��UÅB7��ø�q�r s ø%Ö#×ÔØ*09Ç��õ�Ù�é�ÝAÜ��ø*P��ÙÚUÕ�Û�Ø h ì r�Ü9Ý�õUæ#Ù�Ï % ó&Ü�ô

Ó�åU��MØ�ÚUÕ�Û�Ø�ä�å�ã�Ò�0��,�-��(��Û�y�z�ÚU=�Ô��Ô�P�O�ÙU67>Y�è49%÷Sö9óAÜ9ô

CIPE ( � 6 ��ì �� ) Ù�Æ*=9ãQ� ø*�Î s Ë*�9óAö(�Uí�óAÜUË4Ç>��ÙU��Ü9Ý �*Ù�}�~�Ü9Ý ��û�ËUé % óÜ9ô

IP Ø��Ô��B_&ã*a Ö4��Ô Ò¡ [ ã#Ë�¢�Ô�£ Ð*ÑUÒSÓ�ÔÕQ:UÅ�¤#Ô@"�æUò4�*;�< ò�Ç>=�Ô*��ÔÙU¥�¦�§9ì>9�îVE��4Ç�Ð4Ñ�ÒSÓ�Ô�Õ*Ö×#Ô�Ø u�¨ ÙU©�A��*ª�«9ì ¬��Ü�ÝÞß*Ù��Ñ#Õ�"SÚ��¢(a�®�b�éUÝ�í�Æ Ò¢�å�ø*¯�°4ì�å�ã#Ø Ò Ô ò��%ò#ó�íóAÜ9ô

± Ï % Ü�ó*ò (spoofing) ²&Æ4Ç>��Ê³ Ë*´UÎ9æ&Ï4Ý [ Ø�^�b*µ�ø�K�L9ì¶�· Ü9ÝÞ�ß*Ù TCP/IP SYN Ô ACK¸�¹ ì º�»�Ü9Ý ��û�Ë�é�Ýø�Å�¼(½ÙU¾ òAí�Å�ÜUË4Ç�Õ�®*Ñ4£�Ô�Ë*õ#øç*ýSÏ*¥�¦�§9ì ��Ü9Ý#øUÙ�¿�À�îÁ Ô 7?É�Â�Ã�ÄUÅ�Ü9ô´UÎ9æ&Ï4Ý [ Ø�^�b�Ë*��þ�ò��UíUÝ×#Ô�Ø*)UÔ�Ø*Å�Æ�Ç�È9ìAà�á�ò?Þ�=�Ô?#Ø (rsh Ç telnet Ç FTP Ç��ø�ÉUÏü

) Ù�ç % ó&Ü9ô�õ#ø4ç�ýSÏ*=UÔF?#ØÆ4Ç ssh é�Ý�í�Æ SSL/TLS Å�à�á�ÊAöÝ PKI 0�É�Ë�ÌUø�Í ¹�Î Å�Æ*ÙUÏ*��Ð�Ñ Å�|�ó C D ô

100 Ò Ò Ò�ÓÓÓ B. Ô Ô Ô�Õ ÕÕ Ö ÖÖ(×××>ØØØ�ÙÙ Ù�Ú ÚÚ�Û ÛÛ�ÜÜÜ�ÝÝÝ�ÞÞÞ4ßß ß*àà à

Ø Ø Ø�ÙÙÙFÚÚÚ�ÛÛ ÛQÜ ÜÜ*Ý ÝÝ á á á�âââ ã ã ã�ää äå�æ

2 ç(è�éQê#ë¡ì*í�î$ï å�æ�ð ×*ñ�ÞQòÔ�óQô�õ�ö4÷êVÛQø(ù(ú�è�Ú�Û�û#üþýÿ é�ê#ë¡ì�� ð�� ê��ï�� ð ×ñ�Þ>ù ð �

ñ�è��è*ß�à�� telnet �� FTP � � � HTTP � �(ÿ�� Qê� û��Ý@ö�� "! ö$#$%�ù�&�')(* ð �ñ�è*ß�à$ï$+�,.-�×0/�1Vò��.�324 ê#ö.ß�à�5�� LAN øVò�Ö�×$6�7)(/�8�Ý�û�9�:(è�Ú(Û�Ü�Ý�;$ï<>=@?A ×$B�CD��ÖBó * ð>�$E�F �úèVÛG õIH�ê�� LAN øVò�Ö(×�8�Ý�û�9Vï6�7 J$K$×@/�1VòML�N ÿ ß�à (IP Ý��ê�OBü ��P � Man-in-the-middle

ÿ�

) ï$Q ÿ =@? A * ð �R Ý�÷ê#ë¡èTS ÿ ó ð *( (spoofing) Uï@V�W/�1�è�X�V�Y�ZÞ�([?��0\�]�^�_��` ��÷ � ��9R Ý�÷ê#ë$�0\�]�^ J$a�/�b�c$ïd A×$e�ê�f�Ý ÿ�� ÖBó * ð>� �� 3g��h�i�ÿ \�]�^�ï0j ð�ð 1)( *>ð>�

e(ê�f�Ý�è�kDl�m ß�à�5��"� � ��êVô�õ(ö.ø(ù�n�Q ð ×e(ê�f�Ý�è�l"o�p�q3o�ï$N�rs( *>ð>�ñ�è�kDl�m$ï0t�d)(I?.� ß�à�5D�(úè8�Ý�û�9�u�vVú (I?�w�x J$aD? A ×� ê��ï ð�y ?�6�7 JK ��ôVõ(ö4÷UêÛQø(è�z(è.8�Ý�û�9�ï�{I6�7>JK$×|'�m��ÖBó * ð �

CGIÿ��

HTTP }(ê�Ý�è�e(ê�fQÝ��~24 ê#ö¡è.#@� � ë�n�QVòMYs([?�ß�àï$�.-Mp ð Õ�� * /�� û G Û�û`üý ÿ 8��%VÚ(ÛUÜ�Ý(ò�{Ik�l�ùð �

HTTP e(ê�fQÝ�� "nobody"ÿ��

è��;��(ê��(êBÞD(I?�n�Qs([?{��$��>O"�@�M%�p�ô�õ�ö4÷UêFÛ�8õI� ÿ � è��ï��D�Vñ(Þ�ù�� * ð>��* /�� ß�à�5��e�ê.f�Ý�� ß�à$ï@��)(I?.��8�Ý�û�9~2� ê�Ý�ï�.�"�$z(è��(ê��ê��dù�� ÿ A Ô.� ò (I?~( * ��ñ(Þ��ù� * ð ��N.gM��(û�Ý#öIg�ò��D� ÿ AkDl�m��e(ê�f�Ý�ò�Ö�×�ñ(Þ��(ÖBó* ð � ña �>è�kDl�m ( ¡8õ@O"�4è¢ ê�¡�ê.O�!�ê ÿ�� Ú��~2$£Uê8 ¤ � è�¥ 4 2[¡ õ@O"��ï¦�a>J$K×$§�¨(è�©�ï$� =@?�e(ê�fQÝVï*ÛG õM8�ª�J$K � ß�à�5VòM§�¨�è.#@�� ë ï$n�Q(ù��×�Ô3�$� � û G Ûû`ü�ý"#0� � ë«�"! � �#ö>ï¬>× ) ��®�uVòM¯�° # � öI!ê�%�ï�ß�à5VòM¬ �×�ñ�Þ��ù.� * ð>�¯�°�5��$e(ê.f�Ý�� root �(ê��(ê�Þ(I?�n�Q)( ÿ A Ô.�þã�¨)(@� CERTp CVE

ÿ�� } ��± ê�p(Ü��ª.2�û#ü�²v ÿ � ��>è�Ú�� 20£ê�8>¤ � d R õ³ p�´ G ê��$µ�¶�� ÿ A ��·(ò�ã�¨s(?BÕ�¸�J A �

¹ ¹ ¹�ºº ºB. » » »D¼ ¼¼0½½½�¾¾¾¿¿ ¿�À ÀÀ"Á ÁÁDÂÂÂ@ÃÃÃ�ÄÄ Ä>ÅÅÅÇÆÆÆ�ÈÈÈ 101

¿ ¿ ¿�ÀÀÀ3ÁÁÁDÂÂ Â0Ã ÃÃ�Ä ÄÄ É É É�ÊÊÊ Ë Ë Ë�ÌÌ ÌÁ�Í Î0Ï�Ð.Ñ Ò$ÓÔ�ÕDÖ�× Æ�È�Ø�Ù�Ú�Ä.Â�Û�ÜIÍ�Ý�Þ�Ð3Â@Ä�ß�Ð

Ñ Ò$Ó Ô Á�Í Î0Ï�Ð�Ñ>Ò$Ó ( à�á�â�Ð�ãÂDä�å�Á"Ó>Û«æ�ç ) èMé3ê3ëì�í.îMïðMñ$ò�ó Ô.ô Ðöõ$ë$÷�ø ðIù�ú�û Ô ÑÄ�ß�ü�ý�þ ÿ �� Ô�� Û�å Ô� � ë�� ð�� ý�þ ð � ÞMÐ3Â@Äß�Ð�Ñ Ò$Ó��Ü"Û�ÞMÐ.Â Ô��Ô��DÔÑ@Ä�ß�ü"è�� ðIù� �!#" Ô�$#% ë'&)(ù+* ��,�- ñ�.+/ æ�¾¿�À.ÁDÂ@Ã�Ä#�0 � /21�ù~ð��354�1 �"½76 �'�)�

Þ�Ð.ÂMÄ�ß�Ð�Ñ Ò$Ó�ÅÚ�Ä3Â Û�ÜIÍÙ ñ�8�9 ë � ¾�:.è@ý�þ ë�;�< ñ�=>�� ¾�? @�A�B�Ý�C#D��æ * �� è¿�À.Á�Â@Ã�Ä�ë�E.î@Ý � �� ñ'F�GÔ æ *+H#I Û2J+K�Á�ë�å"Ó0Ä)Û Ð�ãð � 6 ñ ¿�L�M.è�â�Ð�ã Ô�N ¹)I+OåMã ë�P�î"¾"Å�Q@Ù ñ�RTS : ��U�Vë�W ðIù�* ¾"Å *�3�X Å�ë'A /Y æî 1�Z æT6 ��Y�[\�à�áDâ�Ð�ã>ÂDä�å�Á"Ó Û H#I ÛJ�K�Á� N ¹�I+O åMã>ë+] ��^ è_P * � 6 ñ÷�ø ð æ * » 3 è�`�a � ¾0æ ç Ô�b ;c�d ��Å 1��)�� ñ Red HatNetwork Ý ��Ô Ñ@Ä�ß�ü �!�e Ð\f@Äæ�çhg / Þ�Ð.Â@Ä�ß�Ð�Ñ ÒÓ H#I ÛJ+K�Á"ë+] ��i#j�� ¾"ÅÃ#k�l3Î[ßnmo�p Ô�q�r ë�s#t � ¾ X Åh�#u�Q ��

e Ð\f@Ä�v#<�ÆÈ (DoS=Denial ofService)

w x Æ�È�Ø � � Ù�y�z#:�z.è�»�¾�{ã�Ð�Í�Æ�ÈDÙ ñ+|2} Ô ~ ÄöÛ (

e Ð� Ð ñ ã�Ð��@Ð ñ Þ�Ð3ÂMÄ�ß�Ð.Ñ>ÒÓ*��1 g ) è F�G Ô æ *_� Ï�Ü�Û$ëh� ¾X Å@è"»�( ù��9 Ý��#� Ô �.Ü�ÛIÞMÐÂ0Ý e Ð � Ð Î H Ð�Ä�è�� ð[ù Æ�È>ë�� î ��)��X�1 è"»�6«À��0æ��DÐ� Ð"è�� ð[ù Î H Ð�Ä#�� ^ è�� "¿�� Åæ�6 ��

2000 �.è�� ð ��+� uÔ DoS(e Ð�f@Ä�v�< ) ��u��T�h��¼��.�1 � Ï�Ð�Ä�Å ðIù�ñ'�#�# �¡�¢ è�£ *�¤�9�e å~Û¦¥�§�ø#¨#©�ªÔ e å Û Ô * ¼Ií�g#�#� " ¿#�3è�æ6 �.ð � � £ � Ó õ¬«��®#�#¯ Ô ý

þ Ñ@Ä�ß�ü�z�°�ë�± *�² Ó#fÝ ñ Î³ å+´�Â Û .�1 �+µ �Ðöõ¬k+¶MÄöÛ· ÐöõMÅ ðIù��8�.'Y ¾ ping floodattack ��ø�¸ 1 �� u ��¹�º ñ�H Ð�Ä � Ï>Ü�Û»��¼#½ ( ¾�¿.èÀ µ �Ð)õ»kÁ¶�ÄöÛ )

.�1 ¾ Ô u ñ ÆÈ Ô�Â � Ô >�Ã ë�Ä#Å ¾ Ô Ù#Æ�Ç�u��iptables ë�± ")ð � å"Ó#{ ´0Ä I mã��3ÎMÓ#{ (IETF rfc2267) Ý snort æç Ô ��Ü"Û�Þ�Ð3Â IDS Ô £�ÈDæ�É�ÊÙ ñ' �! Ø.è�Å_( ù�o��.'1 � DoS(e Ð\f@Ä�v�< ) Æ�È ë�Ë�Ì ñ ;�< � ¾Ô è�Í�Î�Ï ��)�Ð Ð Ð

B-1. » » »D¼ ¼¼0½½½�¾¾¾¿¿ ¿�À ÀÀ"Á ÁÁDÂÂÂ@ÃÃÃ�ÄÄ Ä

102 Ñ Ñ Ñ#ÒÒÒ B. Ó Ó Ó Ô ÔÔ�Õ ÕÕ�ÖÖÖ'×××#ØØ Ø+Ù ÙÙ�Ú ÚÚ�ÛÛÛ#ÜÜÜ�ÝÝÝ2ÞÞ Þ�ßß ß

à áC.

â â âäãããæåå åèçççèéééèêê êìëëëí�î ï�ð�ñ�ò\ó'ô�õ\ö�÷\ó�ø�õ�ù\ú�ó

Red Hat Enterprise Linux û�ü)ý�þ�ÿ�� ñ �� õ�� û��2ÿ��+ý �� ï_ð�ò\ó /etc/services !"�#%$Áû'&�(�)�ý �*� IANA(Internet Assigned Numbers Authority) +�,�-�þ. ó Well Known /10'2�#436517�8 � õ��¬ï 91: �1�ò\ó<;�ï

URLñ => �2ÿ�?<@A-B� �

http://www.iana.org/assignments/port-numbers

CC C<DDDDFE4GIH�J�K�LNM�O4P QIRTS<UFVWQNXZY�VB[ZS4\^]<O�_�`�Q^acb�d1eTfBgIh

TCP\Z]<O

UDPd eZfBgjick�lmdn hToBGNH<J�K�\cp qIDFE�hFr�sZH�t%PcY�V%[ZS

/_�`1QIacb�O

TCP u UDPdwvFx iIk�lZy u hFz%{F\^p4q

ðC-1ò ó

IANA û}|�~�ÿ�,��-\þ ÿ��}��|��\û ó*� ?��+þ ÿ}�}� � õ��+÷�� ÿ ó FTPó

SSHó��

Samba� ü��6� ô õ ö�÷��ïTø !��$ � �� õ��A� ��ÿ Red Hat

Enterprise Linux û�|�~�ÿ �� -�þ�ÿ��+ý �*�

Port # / � � � � � � � �� ú ú ú*��1 tcpmux TCP port service multiplexer

5 rje Remote Job Entry

7 echo Echoô�õ\ö�÷

9 discard �� ÷��c� Nullô�õ\ö�÷

11 systat ��ÿ�� õ�� û � ��.4 ï'¡�÷ ��B¢�£ ô�õö�÷13 daytime ¤�¥W¦ ÷�� ûA§j¨ �<©�ªA��« �17 qotd ��ÿ��B¦ ÷�� û quote of the day

��« �18 msp Message Send Protocol

19 chargen Character Generationô õ\ö�÷\ó�¬)ú��®�÷ û�¯1° ï�÷��2õ ��± � « �

20 ftp-data FTPø�õA² � õ��

21 ftp FTP (File Transfer Protocol) � õ��'ó FSP (File ServiceProtocol)

ñ & ©�³j�� -'þ�ý �22 ssh SSH (Secure Shell)

ô õ\ö�÷23 telnet Telnet

ô�õ\ö�÷25 smtp SMTP (Simple Mail Transfer Protocol)

37 time Time Protocol

39 rlp Resource Location Protocol

42 nameserver Internet Name Service

104 ´ ´ ´1µµµ C. ¶ ¶ ¶1···¸¸ ¸ ¹ ¹¹ º ºº1»»»�¼¼¼

Port # / ½ ½ ½ ¾ ¾ ¾ ¿ ¿¿ À À À�Á ÁÁ'ÂÂÂ*¼¼¼43 nicname WHOIS Ã�ÄFÅ1Æ�¼4ÇTÈ»AÉ�Ê49 tacacs Terminal Access Controller Access Control

System Ë TCP/IP Ì»�Ê�Í Î�Ï�Ð�Ñ�Æ%Ò�Ê4Ó50 re-mail-ck Remote Mail Checking Protocol

53 domain ÔZÁ�Õ�Â1Ö%»�× È»AÉ�Ê (BIND ¹�Ø )

63 whois++ WHOIS++ Ë�Ù�Ú WHOIS È�»AÉ�Ê67 bootps BOOTP (Bootstrap Protocol) È»AÉ�ÊAË DHCP (Dynamic

Host Configuration Protocol) È�»'É�Ê�Û�ÜjÝ1Ó�Þ�ß�à�áAâ

68 bootpc BOOTP (Bootstrap) Æ�ã4Õ�Ñ�Â�¼<Ë DHCP (Dynamic HostControl Protocol) Û�ÜwÝ�Ó�Þ�ß�à<á�â

69 tftp TFTP (Trivial File Transfer Protocol)

70 gopher Gopher Õ�Â1ä�»'ÖAå�¼Iæ�ç�Í èé�ÐFê ë71 netrjs-1 Remote Job Service

72 netrjs-2 Remote Job Service



79 finger ì�» í» î�ï�Ó�Í finger È�»AÉ�Ê80 http WWW (World Wide Web) È�»AÉ�Ê Ó�Í HTTP (HyperText

Transfer Protocol)

88 kerberos Kerberos Ö'å�¼FðB»'Æ�Î�Ï�ñ�Ê�ò1×95 supdup Telnet ó�ô6¼�À<õ�Ù�Ú101 hostname SRI-NIC öAñ�Â�Í�÷4Ê�¼<Ö%»�×4È�»AÉ�Ê102/tcp iso-tsap ISODE (ISO Development environment) ÖAå�¼FðB»'Æ ÑBó

Ç�øB»Añ�ù<Â105 csnet-ns Á�»4õ'ú�å�Æ%ÊWÖ%»�× È�» û�»AË CSO Ö%»1×4È»1û1»1Û�Ü

Ý�Ó�Þ�ß�à<á107 rtelnet Remote Telnet

109 pop2 Post Office Protocol version 2

110 pop3 Post Office Protocol version 3

111 sunrpc Çjü1»�¼�À�öAÂ*Ôcý�þ�Ó�Í RPC (Remote ProcedureCall) ó�ô6¼�À�õ*Ë NFS (Network Filesystem) Û Ý1Ó�Þ�ß�ÿ

113 auth Î�Ï�� Ident ó�ô6¼<À�õ115 sftp SFTP (Secure File Transfer Protocol) È»AÉ�Ê117 uucp-path UUCP (Unix-to-Unix Copy Protocol) �Ê È�»AÉ�Ê119 nntp USENET Ã�Ä^Ê��6å%ñ�ù�Â1ñ�Ê1ò�×BÓ�Í NNTP (Network

News Transfer Protocol)

� � �� C. � � � �� 105

Port # / � � � � � �� 123 ntp NTP (Network Time Protocol)

137 netbios-ns Samba � Red Hat Enterprise Linux ��! NETBIOS" ��#$%��&('138 netbios-dgm Samba � Red Hat Enterprise Linux ��! NETBIOS) �+*�,.-/#$%�+&('139 netbios-ssn Samba � Red Hat Enterprise Linux ��

NETBIOS 02143!56��$%�+&('143 imap IMAP (Internet Message Access Protocol)

161 snmp SNMP (Simple Network Management Protocol)

162 snmptrap SNMP �%78�6-�1:9163 cmip-man CMIP (Common Management Information Protocol)

164 cmip-agent CMIP (Common Management Information Protocol)

174 mailq MAILQ ;�<.��=�>�?.@+A(�177 xdmcp X Display Manager Control Protocol (XDMCP)

178 nextstep NeXTStep window server

179 bgp Border Gateway Protocol

191 prospero Prospero B�C%7�DFE(G4=�$.�+&('194 irc IRC (Internet Relay Chat)

199 smux SNMP UNIX Multiplexer

201 at-rtmp AppleTalk routing

202 at-nbp AppleTalk name binding

204 at-echo AppleTalk echo

206 at-zis AppleTalk zone information

209 qmtp Quick Mail Transfer Protocol (QMTP)

210 z39.50 NISO Z39.50) �+*6H%��'

213 ipx IPX (Internetwork Packet Exchange) I Novell Netware JK ��%�%L4��!M�N� ) ��*,�-(#9%O2�P��=220 imap3 Internet Message Access Protocol version 3

245 link LINK / 3-DNS iQuery $.�+&('347 fatserv FATMEN DFE(G4=2QPR��9�7S�T�$.��U��363 rsvp_tunnel RSVP Tunnel

369 rpc2portmap Coda DFE/G4=!3('�R�#� ��8�WVX1ZY��370 codaauth2 Coda DFE/G4=!3('�R�#[�\�$%��&/'372 ulistproc UNIX LISTSERV

389 ldap LDAP (Lightweight Directory Access Protocol)

427 svrloc SLP (Service Location Protocol)

106 ] ] ]�^^^ C. _ _ _�```.aa ab bbc cc�dddfeee

Port # / g g g h h hi ii j j j�k kk�lll�eee434 mobileip-agent Mobile IP (Internet Protocol) m.d+n�o�l!e435 mobilip-mn Mobile IP (Internet Protocol) p�q(d+nr443 https HTTP (Secure Hypertext Transfer Protocol)

444 snpp Simple Network Paging Protocol

445 microsoft-ds TCP/IP s�t�u�v!w SMB(Server Message Block)

464 kpasswd Kerberos x.y{z|df}4~:��%d+�/y468 photuris Photuris �2�4�!�6l��%�%�2e�j��487 saft SAFT (Simple Asynchronous File Transfer) �F�2e6j��488 gss-http HTTP u%� GSS (Generic Security Services)

496 pim-rp-disc PIM (Protocol Independent Multicast) �%d+�(yu� RP-DISC (Rendezvous Point Discovery)

500 isakmp ISAKMP (Internet Security Association and KeyManagement Protocol)

535 iiop IIOP (Internet Inter-Orb Protocol)

538 gdomap GDOMAP (GNUstep Distributed Objects Mapper)

546 dhcpv6-client DHCP (Dynamic Host Configuration Protocol) version 6�.�� l�e547 dhcpv6-server DHCP (Dynamic Host Configuration Protocol) version 6

�%d+�(y554 rtsp RTSP (Real Time Stream Control Protocol)

563 nntps NNTPS (Network News Transport Protocol over SecureSockets Layer)

565 whoami whoami �%d��%d ID _��587 submission MSA (Mail Message Submission Agent)

610 npmp-local NPMP (Network Peripheral Management Protocol) ��d�� / DQS (Distributed Queueing System)

611 npmp-gui NPMP (Network Peripheral Management Protocol) GUI /DQS (Distributed Queueing System)

612 hmmp-ind HyperMedia Management Protocol (HMMP) �� /DQS

631 ipp IPP (Internet Printing Protocol)

636 ldaps Secure Sockets Layer s�t�u��:� Lightweight DirectoryAccess Protocol (LDAPS)

674 acap ACAP (Application Configuration Access Protocol)

694 ha-cluster ��u�� .� y��u%��.dfe6�(d�e��.d{�(y749 kerberos-adm Kerberos version 5 (v5) ’kadmin’ �d��¡%d�y��750 kerberos-iv Kerberos version 4 (v4) �%d��(y765 webster Network Dictionary

¢ ¢ ¢�££ £C. ¤ ¤ ¤¥ ¥¥�¦ ¦¦�§§§�¨¨¨�©© ©�ªªª 107

Port # / « « « ¬ ¬ ¬ ® ® ®�¯ ¯¯�°°°�ªªª767 phonebook Network Phonebook

873 rsync rsync ±F²(³(´�µ�¶�·%©�¸(¹992 telnets Secure Sockets Layer º�»�¼�½:¾ Telnet (TelnetS)

993 imaps Secure Sockets Layer º�»�¼�½:¾ Internet Message AccessProtocol (IMAPS)

994 ircs Secure Sockets Layer º�»�¼f½¿¾ Internet Relay Chat(IRCS)

995 pop3s Secure Sockets Layer º�»�¼�½:¾ Post Office Protocolversion 3 (POP3S)

À À ÀC-1. Well Known PortsÀ

C-2 Á+Â UNIX ÃÄ%Å�¨�©8ª�º�Æ¿¹ÈÇ%½:É+Â�Ê�Ë.¯�©�´.ÌÈÍZÎ�Ï�Â�Ð|Å�Ñ%Å|Ò%Ó�Å�·.©�¸(¹{º(Ô�Õ�©½Ö|×2Ø�Ù�Ú.Û2Ü�ª¿ÝFÓÈÖ(Þ{¾�¬{ ( ßXÂ [service]) ÁÈÂ(·�©!¸�¹!Ö|¾%Á%¤%¥{¦%§�à!³2Æ(á�¹.¼{Åâ ©�ã+°�¬%Ý×�Ø

Port # / « « « ¬ ¬ ¬ ® ® ®�¯ ¯¯�°°°�ªªª512/tcp exec Æ:ã�©8ªWäFå�æ�¹ç�è�¼%Å�Î�Ï512/udp biff [comsat] Asynchrous ¯�©�´�é.Ú�³�á%°!ª (biff) Ç:·%©+¸/¹ (comsat)

513/tcp login Remote Login (rlogin)

513/udp who [whod] whod Åê%©ë.©Få�ì+°�í â ©�ã+°514/tcp shell [cmd] å.í4§2½:Å2Æ¿ã�©8ª�î�ï6´ (rshell) Ç%Æ:ã�©fª�®ð(© (rcp)

514/udp syslog UNIX î(¹�ñ�òFå�ì+°í/·%©+¸(¹515 printer [spooler] Ú|³F°(ä2Æ4°�ó(© (lpr) ¹�ä�©+Ú517/udp talk Talk Æ:ã�©8ª�®/©´�·%©+¸/¹ÈÇ|é�Ú|³�áF°+ª518/udp ntalk Network talk (ntalk) Æ:ã�©fª�®(©´�·.©+¸(¹ÈÇ(é�Ú�³áF°

ª519 utime [unixtime] UNIX time (utime) äFå2ª6®�´520/tcp efs EFS (Extended Filename Server)

520/udp router [route,routed]

RIP (Routing Information Protocol)

521 ripng Ipv6 (Internet Protocol version 6) ¼.Å RoutingInformation Protocol

525 timed[timeserver]

Timeâ ©�ã+° (timed)

526/tcp tempo [newdate] Tempo

530/tcp courier [rpc] Courier RPC (Remote Procedure Call) äFå2ª�®6´531/tcp conference [chat] Internet Relay Chat

532 netnews Netnews ô{õ(©�¹{í/´%©�ä·.©+¸(¹

108 ö ö ö�÷÷÷ C. ø ø ø�ùùù.úú úû ûûü üü�ýýýfþþþ

Port # / ÿ ÿ ÿ � � �� þþþ533/udp netwall ��ý�� /ý��ý��þ�� Netwall

540/tcp uucp [uucpd] UNIX-to-UNIX ��(ý �%ý�!"�543/tcp klogin Kerberos version 5 (v5) #%$�ý8þ&�'�(��544/tcp kshell Kerberos version 5 (v5) #%$�ý8þ��) �*548 afpovertcp TCP (Transmission Control Protocol) +�,��.-&/ AFP

(Appletalk Filing Protocol)

556 remotefs[rfs_server, rfs]

Brunhoff’s RFS (Remote Filesystem)

0 0 0C-2. UNIX 1 1 1�2 22�� üüü�ýýýfþþ þ

0C-3 354�ü+ý þ76�89#:� þ7;<�=�>�?{÷<�@/@A5BDCÈþ:E�ýDFDG�H�Ifþ"JK L<�NM�O�P@QSR�TKUVIANA T:W�X�Y�Z�/�ü�ý8þ�+@#%�fþ:-:[]\K^

Port # / ÿ ÿ ÿ � � �� þþþ1080 socks SOCKS B�CFþ%E|ý�F�L _D#a`|ý��b��a_��:��]�.ý�!"�1236 bvcontrol

[rmtcfg]Gracilis Packeten B�CFþ7E4ý�F:��(KC&c��D#&$�ý8þed�f�%ý)g.ý a

1300 h323hostcallsc H.323 Q�h��M:O:P`|ý��Kb]� Host Call Secure

1433 ms-sql-s Microsoft SQL Server

1434 ms-sql-m Microsoft SQL Monitor

1494 ica Citrix ICA Client

1512 wins Microsoft Windows Internet Name Server

1524 ingreslock Ingres DBMS (Database Management System) lock �%ý!"�

1525 prospero-np Prospero ��i)j%ûN-1645 datametrics

[old-radius]Datametrics / k@l radius �K�!þ #

1646 sa-msg-port[oldradacct]

sa-msg-port / k�l radacct �K��þ #

1649 kermit Kermit I�m"(:*�n)oNG%p�q��.ý�!"�1701 l2tp [l2f] Layer 2 Tunneling Protocol (LT2P) / Layer 2 Forwarding

(L2F)

1718 h323gatedisc H.323 Q�h��M:O:P`|ý��Kb]� Gatekeeper Discovery

1719 h323gatestat H.323 Q�h��M:O:P`|ý��Kb]� Gatekeeper Status

1720 h323hostcall H.323 Q�h��M:O:P`|ý��Kb]� Host Call setup

1758 tftp-mcast Trivial FTP Multicast

1759/udp mtftp MTFTP (Multicast Trivial FTP)

1789 hello Hello *%ý�r�s�t_��Xþ��*

u u u)vv vC. w w w�x xx�y yy)zzz){{{)|| |5}}} 109

Port # / ~ ~ ~ � � �� <}}}1812 radius Radius ��)�:��K�%� ��N�"� ��K}e�|��"�1813 radius-acct Radius ��K}��)�1911 mtp Starlight Networks MTP (Multimedia Transport Protocol)

1985 hsrp Cisco Hot Standby Router Protocol

1986 licensedaemon Cisco License Management Daemon

1997 gdp-port Cisco GDP (Gateway Discovery Protocol)

2049 nfs [nfsd] NFS (Network File System)

2102 zephyr-srv Zephyr ��)�N�%��|��]�|)��|2103 zephyr-clt Zephyr �� )��K}2104 zephyr-hm Zephyr ��}��:|��2401 cvspserver CVS (Concurrent Versions System) �� )��K} / �|

��|�� N �¡�|�¢K£��2430/tcp venus Coda ¤�¥"�:�<¢"��¦�§�¨�� Venus ©@�<�:¢�ªa�@�:|

�� (codacon port)

2430/udp venus Coda ¤�¥"�:�<¢"��¦�§�¨�� Venus ©@�<�:¢�ªa�@�:|�� (callback/wbc interface)

2431/tcp venus-se Venus TCP (Transmission Control Protocol) side effects

2431/udp venus-se Venus UDP (User Datagram Protocol) side effects

2432/udp codasrv Coda ¤�¥"�:�<¢"��¦�§��|)��|�{�|.}2433/tcp codasrv-se Coda ¤�¥"�:�<¢"��¦�§ TCP side effect

2433/udp codasrv-se Coda ¤�¥"�"�K¢"��¦�§ UDP SFTP side effect

2600 hpstgmgr[zebrasrv]

Zebra routingb

2601 discp-client[zebra]

discp �� K}]« Zebra ¬)K¢�®��

2602 discp-server[ripd]

discp ��|)��|�« Routing Information Protocol ¯�|�°� (ripd)

2603 servicemeter[ripngd]

Service Meter « IPv6 ¨� RIP ¯�|�°��

2604 nsc-ccs [ospfd] NSC CCS « Open Shortest Path First ¯�|�°�� (ospfd)

2605 nsc-posa NSC POSA « Border Gateway Protocol ¯�|�°�� (bgpd)

2606 netmon [ospf6d] Dell Netmon « IPv6 ¯�|�°��¨� OSPF (ospf6d)

2809 corbaloc Common Object Request Broker Architecture (CORBA)�:|N±:�)²��|��"��³�¡�|�´

3130 icpv2 Internet Cache Protocol version 2 (v2); Squid proxy©@�<�:¢��²a�|)��|)µ�¶�¨

3306 mysql MySQL ¯)|�´�·|�� |��"�

110 ¸ ¸ ¸)¹¹¹ C. º º º)»»»�¼¼ ¼�½ ½½�¾ ¾¾)¿¿¿.ÀÀÀ

Port # / Á Á Á Â Â Â�Ã ÃÃ Ä Ä Ä�Å ÅÅ�ÆÆÆ<ÀÀÀ3346 trnsprntproxy Ç)È�ÉÊ�Ë�Ì�Í�Î4011 pxe PXE (Pre-execution Environment) Ï¿�Ð"Ñ4321 rwhois Remote Whois (rwhois) Ï¿�ÐaÑ4444 krb524 Kerberos version 5 (v5) ÒÔÓ version 4 (v4) Õ�Ê�Ö@×<Ø�À)ÀÙ Æ"Ñ�Ú"¿�Û5002 rfe RFE (Radio Free Ethernet) Ü�¿�Ý�Þ�Ü�ß�Ì ¿.àáÍ@â�Ñ�ã.Þ

Æ)ä�Î"Ñ�ã)å5308 cfengine æ�ç)èKÆ�é�Æ (Cfengine)

5999 cvsup [CVSup] CVSup ê�ë"ì"í�î�ïNð%ñ)ò�ó ¿�í6000/tcp x11 [X] X Window System Ï¿�Ð"Ñ7000 afs3-fileserver AFS (Andrew File System) ê�ëaì:í�Ï¿)ô�¿7001 afs3-callback Í�â<Ø:Î�õ"ö@÷:¿�é�â"Õ�Ê�Äa¿�í)ô5Øaø]ù AFS ¾)¿�À7002 afs3-prserver AFS ú¿�û�¿Ôð�äaí¿)Ë�Ý�¿�Û�ü�¿)Ñ7003 afs3-vlserver AFS ýKþ:õa¿�å�Ì�×�¿�ÎKÿ�Æ"Ý�¿@Û]ü¿�Ñ7004 afs3-kaserver AFS Kerberos ��Ï¿�Ð"Ñ7005 afs3-volser AFS ýKþ:õ"¿�å��Ï¿)ô�¿7006 afs3-errors AFS è Ù ¿��)Ï¿�Ð"Ñ7007 afs3-bos AFS basic overseer process

7008 afs3-update AFS server-to-server updater

7009 afs3-rmtsys AFS þ��¿�ÀáÍ�â<Ø:Î�õ"ö@÷:¿�é�â�Ï¿�Ð�Ñ9876 sd IP ö�íÖ��)¿�Ñ�À�Ä�Æ)ê�ë Ù ÆaÑ ùÊ� NØ"ÎKÿ7ÆaÝ Þ%Ú)ø

Û10080 amanda Amanda (Advanced Maryland Automatic Network Disk

Archiver) ô5Ø"ø��KØ&Ë�Ï¿�Ð"Ñ11371 pgpkeyserver PGP (Pretty Good Privacy) / GPG (GNU Privacy Guard)�� Ï¿�ô�¿11720 h323callsigalt H.323 Call Signal Alternate

13720 bprd Veritas NetBackup Request Daemon (bprd)

13721 bpdbm Veritas NetBackup Database Manager (bpdbm)

13722 bpjava-msvc Veritas NetBackup Java / Microsoft Visual C++ (MSVC)Ë�ÌNÀ�Ä�í

13724 vnetd Veritas ÷�ØÀ��¿�øaú�¿�ã Þ�þ%ã�Þ13782 bpcd Veritas NetBackup

13783 vopied Veritas VOPIE ��Ý�¿��Æ22273 wnn6 [wnn4] Ò�½ / ��KÎ"Ñ)ã�å c

26000 quake Quake ( �� Quake �� ) ö íÖ�Ë�Ú ì��¿ ��¿�å Ï�¿)ô)¿26208 wnn6-ds Wnn6 Ò�½�!��Ï¿)ô�¿

" " "�## #C. $ $ $�% %%�& &&�'''�(((�)) )+*** 111

Port # / , , , - - -�. .. / / /10 0032224***33434 traceroute Traceroute 5367*�89)3:;*1<36�=>2�?�@9)�AB�C

:a. /etc/services DFE�G>/�0>2;* : " (�)H* 1236 I ‘bvcontrol’ J�K�L�M #;N1O L7P�Q1RS>T

Gracilis Packeten UWV�)X*ZY�[�\�)�]^)7_�`�abL;cWd�e N1O Q1R>f1g�h�-�I�ijJ�'>k�-�. _ Tl M # G�-�.;m1n3o;Uqp�rFJ^KsL C�t4NqO L^P7QqR;f "b. /etc/services DFE�G>/�0>2;* : " (�)H*Zu�v 2600 DFE 2606 G�(�)X*wI T M # 'xK�y zebraz 6b{9)>|by�d�e N1O Q1R;fqiFJq'3kq-�.�I9M # -xJ�'x} T zebra y�d�e N1O k l M # G�-�.�I�n7oU1p�rFJ�KWL C�t;N1O L7P7QqR>f "c. /etc/services DFE�G>/�0>2;* : " ~�G�(�)X*wI wnn6 J^K�L�M #;NqO L7P7Q1RS>T

FreeWnnz 61{9)>|�I l M # G�-�. ’wnn4’ mqd�eHK�L7P�Q1R;f "� � �

C-3. M M M # # # ( ( (�)))H***�

C-4 y�I T AppleTalk 5;63*18�)4:�� y�d7e N�O L3P>k DDP (Detagram Delivery Protocol) �^� G(�)H*1m3U�rX*9K�L7P7Q1R>f

Port # / , , , - - -�. .. / / /10 0032224***1/ddp rtmp Routing Table Management Protocol

2/ddp nbp Name Binding Protocol

4/ddp echo AppleTalk Echo Protocol

6/ddp zip Zone Information Protocol� � �C-4. Datagram Deliver Protocol ( ( (�) ))H***�

C-5 I T Kerberos 546 *q8�)>:��7�x*q/1A��G�(�)X*1m1$��3_;K�L7P7QqR;f v5 J1'4a�L P kJ�~��I T Kerberos ]�)4|F�b2 5 � �+*b/bAFmb�XK9QbRFf�~ O E1G�(�)�*wI IANA y�M #FNbO L P�'P�G�y B�� K�L;�q� N P7f

Port # / , , , - - -�. .. / / /10 0032224***751 kerberos_master Kerberos ��752 passwd_server Kerberos Password (kpasswd) \�)�]�)754 krb5_prop Kerberos v5 r3��)7��7� z3� )>�;�q2760 krbupdate [kreg] Kerberos M #1109 kpop KPOP (Kerberos Post Office Protocol)

2053 knetd Kerberos de-multiplexor

2105 eklogin Kerberos v5 ��v��HU�V�)H*��?�o72 (rlogin)� � �C-5. Kerberos (Project Athena/MIT) ( ( (�) ))+***�

C-6 I l M # (�)X*wG�$��^y�R;f�~ O EqI Red Hat Enterprise Linux ��r��3_�o72brX*w)�AHKWL� k��7� S3� k�\3);��rxJ1�3�+*b/�A T Q��^I Red Hat Enterprise Linux �9r7��xJq� G7�� j�9)��¡�2�?^��r��¢�G�£�¤7_�¥�¦jJ�'>k�\^)>�1rFJ��7�F*1/qA^y�d�e NqO k1(�)H*wy9R;f

Port # / , , , - - -�. .. / / /10 0032224***15/tcp netstat Network Status (netstat)

112 § § §�¨¨¨ C. © © ©�ªªª^«« «�¬ ¬¬� �®®®H¯¯¯

Port # / ° ° ° ± ± ±�² ²² ³ ³ ³1´ ´´3µµµ4¯¯¯98/tcp linuxconf Linuxconf Linux ¶�·3¸�®�¹106 poppassd POPPASSD(Post Office Protocol Password change º�®�»

µ )

465/tcp smtps Secure Sockets Layer ¼1½�¾+¿�À Simple Mail TransferProtocol (SMTPS)

616/tcp gii Gated (routing daemon) Interactive Interface

808 omirr [omirrd] Online Mirror (Omirr) Á7Â�Ã�¹+Ä�Å�®xÆ�µ�ÇbÈ�®3É1Ê871/tcp supfileserv SUP (Software Upgrade Protocol) È�®�Ë�®901/tcp swat SWAT (Samba Web Administration Tool)

953 rndc BIND 9 (Berkeley Internet Name Domain Ë�®>Ì;Í1µ 9) Æ»�®X¯ZÎ�Ï ¸�®�¹

1127/tcp supfiledbg SUP (Software Upgrade Protocol) º�ËxÐ�Ç1178/tcp skkserv SKK (Simple Kana to Kanji) Ñ�Ò�Ó�Ô�Õ�È�®�Ë^®1313/tcp xtel Ö�Ó Minitel ×�Ø�ÊH¯ZÙ�Ú;Û�Ê�×�Ü1529/tcp support [prmsd,

gnatsd]GNATS Ë>ÇbÝ�Þ;Û�Ê�×�Ü

2003/tcp cfinger GNU finger

2150 ninstall Network Installation Service

2988 afbackup afbackup ß^Å�Ã�à�µ;¯;áâÈ�®�Ë^®�Ë+Ð1ß�à4Ð�ã Û�Ê�×�Ü3128/tcp squid Squid Web ã7ä�Ø>ÛbØ å4Ð�Û�æ3455 prsvp RSVP �®X¯5432 postgres PostgreSQL º�®3ç1è�®�Ê4557/tcp fax FAX ¯1Å�µ�ÊxÄ�Ð�Û;Í1µ1È^®>É�Ê ( é9È�®>ÉbÊ )

4559/tcp hylafax HylaFAX ß^Å�Ã�à�µ;¯;áâÈêáâËëáìã�äj¯q³1¹ ( í�ÈîáZÉbÊ )

5232 sgi-dgl SGI Distributed Graphics Library

5354 noclog NOCOL network operation center logging daemon(noclogd)

5355 hostmon NOCOL network operation center host monitoring

5680/tcp canna Canna Ñ�Ò�Ó�ï�ð�Ô�Õ�Ã7µ�ç�®>Á�ñ�®�Ê6010/tcp x11-ssh-offset SSH (Secure Shell) X11 forwarding offset

6667 ircd ircd (Internet Relay Chat º�®�»3µ )

7100/tcp xfs XFS (X Font Server)

7666/tcp tircproxy Tircproxy IRC ã7ä9Ø>Û1È�®�Ë�®8008 http-alt HTTP (Hypertext Tranfer Protocol) ò�ó�ô8080 webcache WWW (World Wide Web) Ø å4Ð�Û�µ�ÇbÈêáõÉ�Ê8081 tproxy Transparent Proxy

ö ö ö�÷÷ ÷C. ø ø ø�ù ùù�ú úú�ûûû�üüü�ýý ý+þþþ 113

Port # / ÿ ÿ ÿ � � �� 4þþþ9100/tcp jetdirect [laserjet,

hplj]Hewlett-Packard (HP) JetDirect �7þ��

9359 mandelspawn[mandelbrot]

X Window � ��! Parallel Mandelbrot spawning "#!$&% �10081 kamanda Kerberos '�( �*)�+ Amanda ,*-��./0"�� 10082/tcp amandaidx Amanda 12�-34-� � ��ý�,^ý10083/tcp amidxtape Amanda � ý�"��ý�,�ý20011 isdnlog ISDN (Integrated Systems Digital Network) #�5 � $ � ��20012 vboxd ISDN voice box daemon (vboxd)

22305/tcp wnn4_Kr kWnn 6!7�8�9!:� ��22289/tcp wnn4_Cn cWnn ;�7�8�9!:�� 22321/tcp wnn4_Tw tWnn ;�7�8�9!:�� ( <�= )

24554 binkp Binkley TCP/IP Fidonet �> % 3? A@��27374 asp Address Search Protocol

60177 tfido Ifmail FidoNet B�C!�? % �� 60179 fido FidoNet D�E!�? GF4H�IKJL � ��þM�L N�O O OC-6. P P P�Q QQ ÷ ÷ ÷ ü ü ü�ýýýHþþ þ

114 R R R�SSS C. T T T�UUU&VV V�W WW�X XX�YYY[ZZZ

\ \ \^]]]

__ _[`` `802.11x, 94a�b�c�d�egf2h

, 94i&jlk�m, inof�p�erqosut�v-w&x�yuzK{

, i|�}�~��, i� t

Red Hat Enterprise Linuxv-w�x

, i��0�� rbo��a��, 99�

, 99w��u��|�y��o�o� �, 90w��u��|��r�o��r�

��N��o��t��, 86w��u��|�y��o��

, 90� ��}odr�� ¡�¢��r�o��r��£��¤ (CERT), 86¥�¦ �oy�§ �, 85eu¨r�o��t�©-ª�a-eNnM«Ke

, 89¬o, 87®o¯, 87°o± y�²�³o� �

ddy�zoó� �

, 87µo¶� tM·o��y�²o³�� , 88¸�¹

, 85ºo», 87¼o½, 85w��u��|��r�o��r�M¾�¿

, 85ÀowrÁ��|NÂ�w0tMÃ�Ä

, 4� ¦ ~gno�Å ¦ ~��rÆ!~�|ÇÆ!~Nno�

, 7¼o½, 7È �r�MÆ!~-|AÆ2~gno�

( É�Ê =>Æ2~gn��

)� Â�Ë0��Ì��Í��Îr� , 96� ��}odu�� ¡�¢��u��r��£��¤ , 86Í��o«��ob�c�d�egf2hApache HTTP

Í��o«��, 44

cgiboc�d�eNf2hÇ�

, 45�Kh��o�rf2h Å, 44

FTP, 45TCP

¦ ~lÏ��a, 47

vsftpd, 45È eg��f2h�� È «�Ðo�, 45Ñ ��Ò-� � nÓÀ��| , 47ÔMÕ�� rbo�

, 46ÔMÕ�� ~ ¥ Â��2x, 46

NFS, 43Ö ~�|�×0�Ó�uØo¾, 43Ù�ÚoÛ ¦ �

, 43NIS, 41

IPTables, 42Kerberos, 43NIS

xÇÜ-w-� Õ, 41

securenets, 42

Ö ~�|�×0��¾o¿, 41Ý�Þ ��2|

, 42portmap, 40Sendmail, 47

DoSt�ß-à

, 47aNFS, 48

TCP¦ ~lÏ��

, 37«�Ðo�, 37Â0á�� È

, 38�o�oâ��, 38

xinetd, 39SENSOR trap, 39ãoä a�t�Í-��Îu�Måoæ��o�Óç�æ

, 39ãoä a�t&erü�o�Mèoé, 39��2|

êoë, 48ì�í

, 37Í-��Îu�, 48Í-��Îu�MØ ¼�î ��Á

, 33Í-��Îu�Måoæ��o�(DoS)ï�ºoð�ñoò

, 4Í Å �Ó��e ¥ ��Ì��rt�ó�ô, vÍ Å �Ó��e ¥ ��Ì��y � �0f�h Å mu� �

, vÍ Å �Ó��e ¥ ��Ì��y�ó�ô�� , vb�c�d�eNf2h�m0õ-ö ��÷�ø�¬�ù

Ö ~�|�×0�Ó�uúoû, 94Æ��2x�À�ü �

, 93×�wuý��u�, 94þ é Þ�ÿÓÖ ~-|N×��Ó�

, 93b�c�d�eNf2h Û ¦ �� , 13

Red Hat Network �� , 13Red Hat

t Û ¦ �� MÀ�ü Å Í�w&| �� , 14e Å �K| � � �w��u� È, 16�� yoó� �

, 16b�c�d�eNf2h ìoí, 1À�wuÁ-�

, 4� �o}�du�� rboc�d�egf�hÇt�� , 1� �o}�du�� rboc�d�egf�h�y ¼�½ � � , 1Í-��Îr��åoæ��o�(DoS), 4��¼

, 6ß��( É�Ê =>

ß��)Ö ~�|N×��Ó�

, 93DMZ (de-militarized zones), 96a�boc�d�egfKh

, 93�Ów�~N£, 94b È Ü��ufo��Ì��

, 96Æ Å, 94×�wuý��u�

, 94Ö ~�|N×��Ó�uÍ��Îr�, 32«2~��t��M«��ÂM�

ExecShield, 33��, 32Í��Îr��å�æ

, 32�Ó��e ¥ |lt�� , 32«!~��t��o�M«��oÂ0�

, 32

116

��! #"�$�%�&, 33')(�*,+.-�/�*10�2�3

, 934�5 - , 936!798;: 4 , 936�<�=, 93> -@?,A�B 8 , 93CED�F�G)6!H�I

, 96J - :, 96K -@*,L�(/

PC, 96+.-�/ 4 H -�M�N <, 96> (,O�-

=�P - > (�* , 7L�Q)(/ > (�*( R�S =>

/�Q�(,O�-)T +�UV* > (�* , 7$�W

, 7> (,O�-�X#Y�Z , 7[ 4 +.-�?\�])^.X

, 24[ 4 +.-�?1X D�F�G�6,H@I , 21_ -)3 <�= , 25`�a)b.-#c, 25

Crack, 25John the Ripper, 25Slurpie, 25\�]�d

, 24e�fPAM, 24g�h�i [ 4 +.-@? , 22j�k, 24l�m, 24[ 4 +.-�? _ -)3 <#= , 25n�o U 8 A�pE-#c , 59

iptables, 60q X#r�X 6�s - 4 , 664 H -�* n c , 655 U�t , 59[ - s�u c, 350 6 M�-

, 61e�fconnection tracking , 65e�f A I c 4 , 65n�o U 8 A�pE-#c�X 5 U�t , 59

NAT (Network Address Translation), 59[9v (�* n I c 5 , 59t�2 F M, 59n�o U�c�`�a

b.-#c, 88L.-@*,2.-9w

GRUB[ 4 +�-�?yx�z , 20D�F)G�6,H�I, 20L�Q)(/ > (�* > (!O�-

( R�S =>/�Q�(,O�-

)T +�UV* > (�* > (!O�-( R�S => > (!O�- )0�-@*{�|�} i , 103

`�~, 486;s - 4 X��9� C�6 O :�6

, 89M 4 H�� [ (!�)�� & , 90M 4 H�� E�)U < 4 *�-�c�%V& , 90+�-9/ 4 H -)M�N <;D�F)G)6�H�I , 19BIOS, 19L�-�*�2.-�w[ 4 +�-�? , 20��%�&BIOS, 19[ - s;u c n�o U 8 A)pE-�c , 19[ 4 +�-�? , 19L.-�*�2.-9w

, 19��Z��, 19��

, 19+�U�� P 4 X D�F�G)6!H@I , 94802.11x, 94{�|�} i�0�-@*�

, 103��, 1�� -�t < 0�-@*

, 8J - : -, 8��i#��Z��

, 9'�(�*�+.-9/, 88 - F�H /.��

, 8[ (!� C _ Q;- 5 , 9+�-9/ 4 H -)M�N <�C PC, 10, 108 t 6 v -)M�N <, 10�� $�i J -)� 4

, 9�� ¡�¢�£�M 4 H��( R�S => BIOS)¤�¥�� C ��#�

, 7¦�§( R�S =>

D�F)G�6!H@I _ Q�- 5 )¨�©, 87ª�«��E¬��%�&

( R�S =>U < M�® < * P 4 0 < 4 )n�o U;c�`�a)b.-#c , 88

dd, 88file, 88find, 88grep, 88md5sum, 88script, 87stat, 88strings, 88¯�¡�°�±�M 4 H�� , 79

RPM[ ( v -�3;²9';-)3��

(RPM), 80Tripwire, 80C 2 = n�o U;c , 805 U.t , 79'�(�*�+.-9/�³�- 4 , 82

Snort, 84T 4 *´³�- 4, 80µ�$�%�&

, 79

117

¶�·, 5¸�¹

, 6º�»�¼, 6½�¹ ¼, 5¾�¿�À

Nessus ÁEÂ�Ã;Ä�Å�Æ�Ç�È , 74Nikto ÁÂ�Ã�Ä#Å�Æ�Ç�È , 74Nmap ÁÂ�Ã�Ä#Å�Æ�Ç�È , 73VLAD the Scanner ÁEÂ�Ã�Ä#Å�Æ�Ç�È , 75Å�Æ , 71É�Ê�Ë Ç�È , 72Ì Æ�Ç�È , 72Í�Î ÁÏ�Ð�Ç�È , 73Ñ�Ò)Ó.Ô�ÕÖ�×)Ø�Ù�Ú

, 36GPG, 36OpenSSH, 36Ñ�Ò�Û�Ô Ë

, 103Ü�Ý�Þ�ßà�á

, iiâ�ã Æ Ú�ä Ô�å Ê , 34rsh, 35Telnet, 35vsftpd, 35ß�æ�ç�è�é#ê

, 86

AApache HTTP

ä Ô�ë�ÔcgiÖ�×�Ø)ì!É@í Ô

, 45î íï#ð.É�í,ñ, 44ò�ó

, 44

BBIOS

x86 ô�õ è�ö�÷ Ç�È�ø èù�Ê�ú Ô�û, 20Ö�×)Ø�ì,É�í

, 19ù�Ê�ú Ô�û, 19

Ccupsd, 33

Ddd ü�ý�þ

Áÿ��Ç�È , 87ÁEÂ�� Õ�� Å , 88

Demilitarized Zone ( �� ), 64DMZ

( �� => Demilitarized Zone ( �� ))( �� => networks)

EEFI �� ÕÖ�×�Ø)ì!É�í

ù�Ê�ú Ô�û, 20

FfileÁÂ�� Õ�� Å , 88

findÁÂ�� Õ�� Å , 88

FTPTCP �� ù Ô � , 47vsftpd, 45! ì Ô É�í#" !�ë�$�Ô

, 45% Ô'&�Ô Ù (*)�"�Ë , 47ò�ó, 45+-, Ù�ð;Ö�Ê

, 46+-, Ù ��.�/ Ô�û , 46

GgrepÁÂ�� Õ�� Å , 88

IIDS

( �� => 0�1�2�3 � Ê�É�4 )ip6tables, 66IPsec, 51� "�Ê@Ë Ô�Õ Ç�È , 525 � Ë�ú Ô ð 6 , 567 Ê�Ë86

, 529 Æ , 567 Ê�Ë86, 52:�;

(phases), 52iptables, 60

chains, 61FORWARD, 63INPUT, 62OUTPUT, 62POSTROUTING, 63PREROUTING, 64, 64

connection tracking, 65Ê�É Ô Ë, 65< è'=�è ì?> Ô Ê

, 66�DMZs, 64Ê�É Ô Ë � Õ � ";Ê'@)ð � A " , 65Ê�É Ô Ë

, 65Û ì � Ô , 61Õ�Ô�Õ, 61

118

NAT, 63, 64B*C D�E�F#G�H, 63I�J�K�L , 62M�N

, 61O�P, 61Q�R�STFVU�W

, 65X�Y, 60

KKerberos

NIS, 43

Llpd, 33lsof, 48

Mmd5sumZ X�[�\�]^�_ ` U�a�b

, 88

NNAT

( c�d => Network Address Translation)Nessus, 74Netfilter, 60e f-g�fih?j?D�W

, 66Netfilter 6, 66netstat, 48Network Address Translation, 63

iptablesZ X�[

, 63NFS, 43k

Sendmail, 48l�m�n C'D*oqp�r, 43s�t�u v D

, 43Nikto, 74NIS

IPTables, 42Kerberos, 43NIS w8x ` G#y , 41securenets, 42l�m�n C'D*oqr�z

, 41{�|, 41}�~�� D n

, 42nmap, 48, 73�?� G w v'` G?��D�� ?G , 73

OOpenSSH, 36

scp, 36sftp, 36ssh, 36

PPAM (pluggable authentication modules)�� W�C'D w f'�� , 24portmap, 33k

IPTables, 40kTCP

vm�� D, 40

Rroot, 27� o��W Z#��

, 27� o��W Zq��, 27� o��W Z#��'��, 30k

su, 30ksudo, 31� D'��D � l D�-� Z X � � , 30X�[ ��?��#��

, 27PAM � , 29root �� U

Z#¡�¢��, 29

SSH £ H ` GZ X�[ ��

, 29root � D'��D

( c�d => root)RPM

GPG ¤Z ` G � D n ��

, 14k¦¥�§�¨�©, 80ª y ��m#« D��?f-¨�¬

, 14, 15

Ssendmail, 33

DoSf ��

, 47kNFS, 48{�|

, 47Snort, 84sshd, 33statZ X�[�\�]^�_�` U�a�b

, 88stringsZ X�[�\�]^�_�` U�a�b

, 88su k

root, 30sudok

root, 31

119

TTCP ®8¯�°±

FTP, 47±portmap, 40²�³ ° , 37´ µ�¶-· , 38¸�¹�º�»

, 38Tripwire, 80

VVLAD ¼�½*¾ ³ ° , 75VPN, 51VPN (Virtual Private Network), 51

IPsec, 51¿ ¶ ¼�ÀÁ°'Â�Ã Ä , 52Å ¼�À8Æ , 52Ç�È, 56

WWi-Fi É�®�À¦Ê °Ë

( Ì�Í => 802.11x)

Xxinetd, 33

SENSOR trap, 39Î�Ï ±#Ð-Ñ °Ò�¼'Ó�Ô ¸�¹�Õ Ô , 39Î�Ï ±#ÐiÖ?× °�¼'Ø�Ù , 39

Ú Ú ÚÜÛÛÛÞÝÝ Ýàßßß

áiâiãåä?æDocBook SGML v4.1 ç�èié êië ìîí�ï�ð�ñóò HTML ôåõ PDF ô æTö�÷ùø�ú DSSSL

÷ûø�ãüóý�þ ÿ õ öT÷ûø�ú jade wrapper

÷ �� ÿ�� í� ��ìií�ï�ð�ñóò DocBook SGML �� ã üæ��PSGML � þ ä�� í � Emacs é êië ìîí�ï�ð�ñóò

Garrett LeSage �� "!�# ��$"% �'& � ÷ �)( � ð ��* ( +�, �-�. ÿ �0/1�� +�2 �03�4�56 ) ò7ì98 æ':<;�= Red Hat

� ä�>�?<@�. ÿ õBA�C = �� ñ�D�7îõ)�TéFETð�ñ òRed Hat

(�G ä�>�?<@�. ÿ�HTþ úTæJI�K"�@�.ML þ ëN8�O��ìTí�ïið�ñ òSandra A. Moore — Red Hat Enterprise Linux

ãP. ÷ ÿ þ ü â ã ä-

x86�

Itanium™�

AMD64�

Intel® Extended Memory 64 Technology (Intel® EM64T)��Q�RS%�ã

ø þ/ TVU�W � Red Hat Enterprise Linux

ã�.÷ ÿ'þTü âûã ä- IBM® POWER Architecture

��QVRX%ãùø þ

/ TVUFW � Red Hat Enterprise Linuxã�.�÷ ÿ-þîü âùã ä

- IBM® S/390® õ IBM® eServer™zSeries® Architecture

�YQ�RN%�ã�ø þ/ T�UW

John Ha — Red Hat� %T÷ ø�÷ & þ ÿ � %�÷ ø�FZF[ õ<TFU �VQ�R\%�ã ø þ / T�U�W � Red Hat

Enterprise Linux ] >�? �)^ & â�ã äF�_�`�% ã�ø þ /_�` T"U"W �*öî÷ ø*ú DocBook

÷ ø ã ü ý*þÿ õ ÷ �� ÿ � T�U�WEdward C. Bailey — Red Hat Enterprise Linux

ý ÷ ^ ú T�U�a'b â ã äc��Q�RS%�ã ø þ / T�UW � �N� þ ÷Sd þ ÿ ��QNRe%ûã ø þ / TNU'W � Red Hat Enterprise Linux

ã9.i÷ ÿ*þùü âåã ä-

x86�

Itanium™�

AMD64�

Intel® Extended Memory 64 Technology (Intel® EM64T)��fN%ã�ø þ

Karsten Wade — Red Hat SELinux g �\�ih þóýXj .Jk�l�âûã äV�"Q�RX%�ãûø þ / T�U�W � Red HatSELinux m � ý�þ %�ã ^ & .$*â�ã ä��Q�RN%ã�ø þ / T�U�WAndrius Benokraitis — Red Hat Enterprise Linux

� �F��n .*÷îâ�ã ä��Q"R'% ã�ø þ / T"U"W � RedHat Enterprise Linux ] >�? �)^ & â�ã ä�_�`�% ã�ø þ /

_�` T�U�W � Red Hat Enterprise Linuxý

÷ ^ ú T�U â�ã ä"�Y��fN%�ã�ø þPaul Kennedy — Red Hat GFS T"U"o â�ã ä��Q"R'% ã�ø þ / T"U"W � Red Hat

� %*÷ ø*÷ & þ ÿ �%�÷ûø<��Z�[ õBT�U ��fN%�ãiø þMark Johnson — Red Hat Enterprise Linux p ÷ � ÿJq � ��Z�[ õ�T�U âiã ä��QRN%�ã�ø þ / T�U�WMelissa Goldin — Red Hat Enterprise Linux

÷ ^ q � L�ã�÷ ^ q � â�ãåäY��Q�RN%�ãiø þ/ TU�W

Red Hat r þ ö�%�ãYs þûýNj . HTþ úTæYIK"��@F.ML þ ë�8BO��ìîíiïið�ñùòAmanpreet Singh Alam — t .�uYvwix�y�zJean-Paul Aubry — � %.�÷�x�y�zDavid Barzilay —

w�%�u ü�{ m ü ÿ â ü xy�zRuna Bhattacharjee — | .�â ü x�y�zChester Cheng ( }�~ ) — ~Y� x�yz ( �� )

Verena Fuehrer —ä ã��ix�y�z

Kiyoto James Hashida ( ��i��W ) — � áx�y�zN. Jayaradha —

ø�� ü x�yzMichelle Jiyeen Kim — �� x�y�zYelitza Louze —

÷Y�ûãV.�x�yzNoriko Mizumoto ( � á�� ) — � á�xy�zAnkitkumar Rameshchandra Patel —

$"u�v�% þ ÿ x�y�zRajesh Ranjan —

-�. pS& þ x�y�zNadine Richter —

ä'ã�ix�y�z

122

Audrey Simons — ��M��Francesco Valente — �V��0�i��Sarah Saiying Wang ( �� ) — �Y�� ( �� )

Ben Hung-Pin Wu ( �¡�¢ ) — �Y�� ( £�� )

red hat enterprise linux 4 - mitweb.mit.edu/rhel-doc/4/rh-docs/pdf/rhel-sg-ja.pdf · 2004-12-08 ·...

Documents