A Review of Buffer Overflow and Denial of Service Attacks

Upload: karyagata-mandiri

Post on 05-Apr-2018


  • 7/31/2019 A REVIEW OF BUFFER OVERFLOW AND DENIAL OF SERVICE ATTACK

    A REVIEW OF BUFFER OVERFLOW AND DENIAL OF SERVICE ATTACK

    Final Assignment

    Information Network Security Course (EI-70

    Network Security

    d.4 RAM (Random Access Memory)

    d.5 Inetd

    e. Countermeasures

    III. CLOSING

    REFERENCES

    APPENDICES

    Appendix 1: CERT Advisory CA-

    I. Abstract

    When a computer is connected to a computer network, whether locally or over the internet, one of the things that must be considered is the security of the server. The computers connected to that server also deserve our attention.

    The question is what those threats are. Many answer that hackers are the ones who disrupt our network systems. Yet an employee's unintentional mistake, or a bug in the operating system or an application, may be all it takes to bring disaster to our computer network.

    As the use of computer networks grows, so do attacks on computers. Some of them are known as Buffer Overflow and Denial of Service Attack.

    A buffer overflow is a condition in which the data written into a buffer is larger than the buffer itself. The dangers it poses include memory filling up until the system suddenly halts, the running program behaving abnormally, and sometimes data being lost because memory is full.

    Denial of service is an attack marked by an explicit attempt by the attacker to prevent legitimate users from using a network service. Denial-of-service attacks primarily aim to cripple a computer or a network.

    I. Introduction

    Indonesia, it turns out, is not only categorized as one of the most corrupt countries in the world. In cybercrime, Indonesia also ranks at the top. Ironically, in terms of internet penetration, Indonesia is in the lowest category.

    According to a report by the Federal Bureau of Investigation (FBI), the official intelligence organization of the United States, Indonesia is second only to Ukraine in cybercrime.

    The two most common modes of cybercrime are carding, that is, forging other people's credit card numbers to obtain various commercial products sold over the internet, and cracking, that is, damaging or disrupting another party's computer network.

    According to the CERT Coordination Center, which began operating in

    Figure 1: Growth of security attacks

    During the last years

    intruders with little skill will be free to carry out intrusions ever more effectively, because experienced intruders share their knowledge with intruders who know little.

    In today's information era, data and information have become a very valuable asset. They can even be called vital, so that the leak, loss or corruption of an organization's data or information can threaten the survival of that organization. Given how valuable data and information are, it is no surprise that irresponsible parties have emerged who try to steal, alter and damage the data and information in the computer systems of particular organizations.

    When a computer is connected to a computer network, whether locally or to the world via the internet, what must be considered is the security of the server. Besides the server itself, the security of the other computers connected to it must not be overlooked.

    What is discussed here, however, is the kinds of disruption that can happen to a server when it is connected to a network or the internet. Most people think that security incidents are caused by hackers from outside. A discussion of system security needs to consider every cause that may contribute to a security incident. Examples are an intruder holding a grudge, an employee's unintentional mistake, a bug in the operating system or the applications on it, or a configuration error.

    The following sections describe the security threats that affect the security of servers.

    II. Review of Buffer Overflow and Denial of Service

    a.1 Memory management in a process

    Seen from the point of view of memory management, a process can be divided into three parts.

    - Text, which holds the program's code instructions. This part is usually read-only, and any attempt to write data to it causes a segmentation violation error.

    - Data, which holds data, both initialized and uninitialized. Besides being readable, this part can usually also be written to by instructions.

    - Stack, which can be allocated dynamically and is usually used to store local variables and to pass function parameters.

    Data in this part is accessed using a method called LIFO (Last In First Out), as will be explained in more detail later. Another kind of data worth knowing about is the buffer, which in C is implemented as an array. Arrays can be divided into two kinds by how they are allocated: static arrays and dynamic arrays. Static arrays are allocated in the data part when the program is loaded into memory, whereas dynamic arrays are allocated on the stack at run time.

    a.2 Stack

    The stack can be pictured as a block of memory that can hold data dynamically. Several things worth knowing about the stack on Intel processors are as follows.

    - The Big Endian method is used to organize the memory system. Here the MSB (Most Significant Bit) is located at a smaller memory address than the LSB (Low Significant Bit).

    - The stack grows toward smaller memory addresses. The bottom of the stack has a fixed address. The top of the stack, whose memory address is smaller than that of the bottom, changes constantly.

    - The stack pointer (SP) register always points to the top of the stack.

    To move data onto the stack, the PUSH instruction is used, which automatically decreases the value of SP by 4 bytes. To take data off the stack, the POP instruction is used, which automatically increases the value of SP by 4 bytes.

    Figure 2 below shows a diagram of a stack on an Intel processor.

    Figure 2: The stack in memory

    The stack's block of memory is usually further divided into what is called the register stack frame. Each register stack frame holds the data related to one function call. The start of a frame is usually indicated by the frame pointer (FP).

    With the help of FP, local variables and function parameters can be accessed using relative addressing. On Intel CPUs, the EBP register serves as the frame pointer.

    With that background, the meaning of buffer overflow can now be explained. A buffer overflow is a condition in which the data written into a buffer is larger than the buffer itself. To understand buffer overflow better, we can find an equivalent in everyday life: a bucket being filled with water until the water poured in spills over (overflows).

    As for exploiting a buffer overflow, in principle there are two important things that must be done in the exploitation process, as follows.

    When the program above is compiled and run on the Linux operating system, it produces a segmentation violation message. This is because in the function fungsi() the array variable buffer is defined with a size of only 4 bytes, whereas the data copied into it has a size of

    The code above is dangerous because the size of the array nama is not limited. A better solution is as follows.

    This limits the string nama being entered to 255 characters.

    Besides checking the size of the input, the program must also check that the data entered is valid. For example, if the program asks for input of integer type, it must make sure that the input supplied by the user really is an integer and not some other type.

    d.2 Non-Executable Buffer

    The concept is to make a program's data segment non-executable. Once it is non-executable, an attacker can no longer execute code they have placed in the victim program's input buffer.

    This approach was used on older computer operating systems, but on UNIX and MS Windows operating systems the technique is not used, because both depend on the ability to insert dynamic code into a program's data segment to support various performance optimizations.

    d.3 Array Bounds Checking

    Although injecting code is optional for a buffer overflow attack, corrupting the flow of control is essential. Using array bounds checking stops the vulnerability and with it buffer overflow attacks. If an array cannot be overflowed, it cannot be used to corrupt program state located at the adjacent memory addresses. To implement this method, all reads and writes to arrays must be checked to ensure that they do not exceed the bounds of the array.

    d.4 Code Pointer Integrity Checking

    The goal of this method differs somewhat from bounds checking. Instead of trying to prevent corruption of code pointers, it tries to detect that a code pointer has been corrupted before it is dereferenced. So even if an attacker succeeds in corrupting a code pointer, the corrupted pointer will not be used, because the corruption is detected each time before use.

    d.5 Checking Indexes

    The index used to manipulate an array must be checked carefully. Consider the example code below.
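The three input checks described in this section (limiting the name string to 255 characters, confirming that numeric input really is an integer, and checking an array index before use) are sketched here in C as an added example; it is not the code from the original paper, and the function names and sample inputs are constructed for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_MAX_CHARS 255   /* the 255-character limit mentioned in the text */

/* Length check: copy src into dst only if it fits, terminator included.
 * Returns 0 on success, -1 if src is too long (dst is then left empty). */
int copy_name(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    size_t len = 0;
    while (len < dst_size && src[len] != '\0')   /* never scan past dst_size */
        len++;
    if (len == dst_size) {                       /* no room for the terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

/* Type check: accept text only if all of it is a decimal integer that fits
 * in an int. Returns 0 and stores the value in *out, or -1 on any error. */
int parse_int(const char *text, int *out)
{
    if (text == NULL || out == NULL || *text == '\0')
        return -1;
    char *end = NULL;
    errno = 0;
    long v = strtol(text, &end, 10);
    if (end == text || *end != '\0')             /* no digits, or trailing junk */
        return -1;
    if (errno == ERANGE || v < INT_MIN || v > INT_MAX)
        return -1;                               /* out of range for int */
    *out = (int)v;
    return 0;
}

/* Index check: write arr[index] only when 0 <= index < count.
 * The index is signed on purpose so that negative values are caught. */
int set_element(int *arr, size_t count, long index, int value)
{
    if (arr == NULL || index < 0 || (size_t)index >= count)
        return -1;
    arr[index] = value;
    return 0;
}

int main(void)
{
    char name[NAME_MAX_CHARS + 1];
    char oversized[400];                         /* constructed over-long input */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("short name    -> %d\n", copy_name(name, sizeof name, "Alice"));
    printf("399-char name -> %d\n", copy_name(name, sizeof name, oversized));

    int n = 0;
    printf("\"42\"    -> %d\n", parse_int("42", &n));
    printf("\"12abc\" -> %d\n", parse_int("12abc", &n));

    int table[4] = {0};
    printf("index 3  -> %d\n", set_element(table, 4, 3, 7));
    printf("index 4  -> %d\n", set_element(table, 4, 4, 7));
    printf("index -1 -> %d\n", set_element(table, 4, -1, 7));
    return 0;
}
```

Each function returns 0 when the input is accepted and -1 when it is rejected, so the caller decides how to report the error instead of continuing with a truncated or out-of-range value.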

    2. Denial of Service Attack

    Highly valuable network resources include computers, databases and the other services provided over the network. Users depend on the network because these services make work easier and therefore more efficient. If a service is damaged or cannot operate, productivity is lost. Anything can stop a network from working, including worms, which often cripple large numbers of computers around the world.

    The causes of denial of service include the following.

    - The network may stop functioning because its links are flooded with traffic.

    - The network may be partitioned by disabling a network component, such as a router that links networks together.

    - A virus may spread and cause computer systems to become slow or even crash.

    - The devices that protect the network may be damaged.

    Illegal use of resources can also result in denial of service. For example, an attacker can use an anonymous FTP area as a place to store unauthorized copies of commercial software, consuming disk space and congesting network traffic.

    a. Description

    A Denial of Service Attack is better known as a DoS attack. The attack is carried out to shut down one or all of the services on a system without the permission of the system's owner.

    A denial-of-service attack is an attempt to degrade the performance of a web site by continuously repeating requests to the server from many sources simultaneously. An attack like this leaves the victim server overwhelmed by the requests sent to it, and it ends up halting its activity or stopping by itself because it cannot serve the requests. Sometimes an attack carried out this way can damage or shut down the whole system.

    Denial of service is an attack marked by an explicit attempt by the attacker to prevent legitimate users from using a network service. Examples include:

    - attempts to flood a network, thereby obstructing existing network traffic,

    - attempts to disrupt connections between computers, thereby obstructing the service,

    - attempts to prevent a particular individual from accessing a service,

    - attempts to disrupt service to a specific person or system.

    Other types of attack may include denial of service as a component, but denial of service may also be part of a larger attack.

    Illegal use of resources can also result in denial of service. For example, an attacker can use an anonymous FTP area as a place to store stolen commercial software, consuming disk space and congesting network traffic.

    b. Targets and Dangers of Denial of Service Attacks

    Denial-of-service attacks primarily aim to cripple a computer or a network. Depending on the nature of the business, this can effectively cripple the organization.

    Some denial-of-service attacks can be executed with limited resources against a large, sophisticated site. This type of attack is sometimes called an "asymmetric attack." For example, an attacker with an old PC and a slow modem may be able to cripple many networks or machines that are more sophisticated and faster.

    Denial-of-service attacks come in many forms and target many kinds of services. There are three basic types of attack:

    - consumption of scarce, limited, or non-renewable resources,

    - destruction or alteration of configuration information,

    - physical destruction or alteration of network components.

    b.1 Consumption of Scarce Resources

    Computers and networks need certain things in order to operate: network bandwidth, memory and storage space, CPU time, data structures, access to other computers and networks, and certain environmental resources such as power, cooling, or even water.

    b.

    the victim computer completes the connection. The result is that legitimate connections are refused while the victim computer is waiting to complete the connections.

    Note that this type of attack does not depend on the attacker consuming network bandwidth. In this case, the intruder is consuming kernel data structures involved in a network connection. The implication is that an intruder can carry out the attack from a dial-up connection against a machine on a very fast network. (This is a good example of an asymmetric attack.)

    b. Consuming Bandwidth

    An attacker can consume all the available bandwidth on a network by sending a large number of packets directed at that network. Typically these packets are ICMP ECHO packets, but in principle they can be anything. Furthermore, the intruder does not need to operate from a single computer; he may work from several computers operating on different networks to the same effect

    b.

    - Install a guard program to protect against floods of unwanted e-mail. In essence this can reduce denial-of-service attacks.

    - Remove network services that are unneeded or unused. This limits an attacker's ability to take advantage of those services to carry out a denial-of-service attack.

    - Enable the quota system in the operating system if one is available. For example, if the operating system supports storage quotas, they can be enabled for accounts that use the network, especially accounts permitted to operate network services. In addition, if the operating system supports partitions or volumes (that is, separate file systems with independent attributes), consider partitioning the file system so that critical functions are separated from other activity.

    - Monitor system activity continuously and establish baselines for ordinary activity. Use the baselines to gauge unusual levels of disk activity, CPU usage, or network traffic.

    - Routinely examine the physical security of computers with respect to current needs. Consider servers, routers, unattended terminals, network access points, wiring closets, environmental systems such as air and power, and other components of the system.

    - Use Tripwire or a similar tool to detect changes in configuration information or other files. For more information, see the following web page or Appendix 7:

    http://www.cert.org/tech_tips/security_tools.html

    - Set aside budget for replacement equipment and for maintaining machines that can be put into service at any time if a computer comes under attack.

    - Establish a regular schedule for maintenance and for backing up data, especially important information. Set an appropriate password-renewal policy and change passwords regularly, especially for privileged accounts such as administrator.

    d. Targets and dangers of Denial of Service on Linux
    On the Linux operating system there are many targets that can be used to shut down a service on the system, or the system as a whole. The following are targets that can be attacked.

    d.1 Swap space

    Swap space on Linux is usually used as virtual memory. It stores the temporary files that are normally used while a program is running.

    When the free space in swap is exhausted, some programs cannot be run because there is no room to hold the application's temporary files.

    Another effect is that services on the system die and user requests cannot be served because the swap space is full.

    d.2 Bandwidth

    Another target of DoS attacks is filling up the available bandwidth until communication on the network becomes sluggish or stops.

    d.3 Kernel tables

    Memory allocation in the kernel is one of the targets that can be attacked. The kernel has a limit on its kernel map; once the system has reached that limit and can no longer use kernel memory, the only thing to do is reboot the system. Kernel memory is used not only by RAM and the CPU but also by ordinary processes, so running too many processes will force the system to be rebooted.

    d.4 RAM (Random Access Memory)

    Using a large amount of RAM causes problems for the system. Excessive RAM use makes the system work hard, and to reduce it the system will by itself kill services or applications that are not prioritized.

    d.5 Inetd

    Inetd is a daemon on the Linux operating system whose job is to start other services such as telnet, ftp or mail server services. Killing inetd will naturally cause many services to die.

    e. Countermeasures

    To protect the system from the conditions above, the following can be done.

    - Apply quota rules to the users on the system so that the number of files and the amount of space each user owns are limited.

    - Limit the number of processes a user can create, so that the temporary files created by those processes are limited as well.

    IV. CLOSING

    Data and information matter a great deal to organizations today. Information is sometimes a vital asset, so that the corruption, loss or leak of information is a catastrophe for an organization.

    Because data and information travel back and forth across computer networks, it is quite possible for that information to be tapped, overheard or even stolen by irresponsible people. Sometimes information is lost unintentionally, or even handed to people who have no right to it.

    The use of computer networks increases from year to year, and with it the number of attacks on computer networks. As a result, network security has become a concern that can no longer be avoided. There are many kinds of attack on computer networks, among them Buffer Overflow and Denial of Service.

    A buffer overflow is a condition in which the data written into a buffer is larger than the buffer itself. Buffer overflows are the cause of 50% of all security bugs reported and turned into advisories by CERT/CC. A buffer overflow is a weakness that is easy for an attacker to find and exploit in a system.

    A Denial of Service Attack, better known as a DoS attack, is an attack carried out to shut down one or all of the services on a system without the permission of the system's owner. The consequences for the attacked system can be fatal: the performance of a web site degrades, the victim server is overwhelmed serving requests that arrive again and again, and in the end the server stops.

    Some steps for dealing with buffer overflow attacks are as follows.

    - Validating data.

    - Non-executable buffers.

    - Array bounds checking.

    - Code pointer integrity checking.

    - Checking indexes.

    The ways to prevent Denial of Service attacks are as follows.

    - Apply quota rules to the users on the system so that the number of files and the amount of space each user owns are limited.

    - Limit the number of processes a user can create, so that the temporary files created by those processes are limited as well.


    APPENDICES

    Appendix 3484 PTF UR46600.gz

    The patch allows tcp/ip processing to continue as normal, until the queue gets close to full. Then, instead of just sending the synack back, it sends a syn cookie back, and waits for a response to IT before sending the synack. When it sends the cookie, it clears the syn from the queue, so while under attack, the queue will never fill up. Cookies expire shortly after they are sent. Basically this prevents people from filling up the queue completely. No one flooding from a spoof will be able to reply to the cookie, so nothing can be overloaded. And if they aren't flooding from a spoof, they would be getting a cookie they would have to respond to, and would have a hard time responding to all the cookies and continuing the flood.
    Livingston Enterprises, Inc.

    Refer to the following Applications Note for more information on configuring a Livingston IRX or PortMaster to help block outgoing SYN attacks from an ISP's users:

    ftp://ftp.livingston.com/pub/le/doc/notes/filters.syn-attack

    Silicon Graphics, Inc.

    Updated Silicon Graphics information concerning SYN attacks can be found in SGI Security Advisory, "IRIX IP Spoofing/TCP Sequence Attack Update,"

    Using encryption

    We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from

    http://www.cert.org/CERT_PGP.key

    If you prefer to use DES, please call the CERT hotline for more information.

    Getting security information

    CERT publications and other security information are available from our web site

    http://www.cert.org/

    To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message

    subscribe cert-advisory

    * "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.

    Appendix 2

    CERT Advisory CA-

    machine(s) where the services are offered. Anyone with network connectivity can launch an attack; no account access is needed.

    For example, by connecting a host's chargen service to the echo service on the same or another machine, all affected machines may be effectively taken out of service because of the excessively high number of packets produced. In addition, if two or more hosts are so connected, the intervening network may also become congested and deny service to all hosts whose traffic traverses that network.

    II. Impact

    Anyone with network connectivity can cause a denial of service. This attack does not enable them to gain additional access.

    III. Solution

    We recommend taking all the steps described below.

    Cause the inetd process to reread the configuration file (e.g., by sending it a HUP signal).

    2. Disable and filter other unused UDP services.

    To protect against similar attacks against other services, we recommend:

    - disabling all unused UDP services on hosts and

    - blocking at firewalls all UDP ports less than 900 with the exception of specific services you require, such as DNS (port 53).

    3. If you must provide external access to some UDP services, consider using a proxy mechanism to protect that service from misuse.

    Techniques to do this are discussed in Chapter 8, "Configuring Internet Services," in _Building Internet Firewalls_ by Chapman and Zwicky (see Section IV below).

    4. Monitor your network.

    If you do provide external UDP services, we recommend monitoring your network to learn which systems are using these services and to monitor for signs of misuse. Tools for doing so include Argus, tcpdump, and netlog.

    Argus is available from

    ftp://ftp.net.cmu.edu/pub/argus-f3c

    Note that Argus requires the TCP wrappers to install:

    ftp://ftp.cert.org/pub/tools/tcp_wrappers/

    MD5 (tcp_wrappers_7.2.tar.Z) = 883d00cbd2dedd9bfc783b7065740e74

    tcpdump is available from

    ftp://ftp.ee.lbl.gov/tcpdump-3.0.2.tar.Z

    MD5 (tcpdump-3.0.2.tar.Z) = c757608d5823aa68e406e598
  • 7/31/2019 TINJAUAN TENTANG BUFFER OVERFLOW DAN DENIAL OF SERVICE ATTACK

    39/71

    Meolglg Kltjgclg

    Appendix 3

    Email Bombing and Spamming

    This document provides a general overview of problems associated with electronic mail bombing and email spamming. It includes information that will help you respond to and recover from this activity.

    Introduction

    I. Description

    II. Technical Issues

    III. What You Can Do

    A. Detection

    B. Reaction

    C. Prevention

    IV. Additional Security Measures That You Can Take

    I. Description

    Email bombing is characterized by abusers repeatedly sending an email message to a particular address at a specific victim site. In many instances, the messages will be large and constructed from meaningless data in an effort to consume additional system and network resources. Multiple accounts at the target site may be abused, increasing the denial of service impact.

    Email spamming is a variant of bombing; it refers to sending email to hundreds or thousands of users (or to lists that expand to that many users). Email spamming can be made worse if recipients reply to the email, causing all the original addressees to receive the reply. It may also occur innocently, as a result of sending a message to mailing lists and not realizing that the list explodes to thousands of users, or as a result of a responder message (such as vacation(9


    If you provide email services to your user community, your users are vulnerable to email bombing and spamming.

    Email spamming is almost impossible to prevent because a user with a valid email address can spam any other valid email address, newsgroup, or bulletin-board service.

    When large amounts of email are directed to or through a single site, the site may suffer a denial of service through loss of network connectivity, system crashes, or failure of a service because of

    o overloading network connections

    o using all available system resources

    o filling the disk as a result of multiple postings and resulting syslog entries

    III. What You Can Do

    Detection

    If your system suddenly becomes sluggish (email is slow or doesn't appear to be sent or received), the reason may be that your mailer is trying to process a large number of messages.

    Reaction


    http://www.cert.org/tech_tips/finding_site_contacts.html

    3. Ensure you are up to date with the most current version of your email delivery software (sendmail, for example) and increase logging capabilities as necessary to detect or alert you to such activity.

    Prevention

    Unfortunately, at this time, there is no way to prevent email bombing or spamming (other than disconnecting from the Internet), and it is impossible to predict the origin of the next attack. It is trivial to obtain access to large mailing lists or information resources that contain large volumes of email addresses that will provide destination email addresses for the spam.

    4. Develop in-house tools to help you recognize and respond to the email bombing/spamming and so minimize the impact of such activity. The tools should increase the logging capabilities as well as check for and alert you to incoming/outgoing messages that originate from the same user or same site in a very short span of time. Once you identify the activity, you can use other in-house tools to discard the messages from the offending users or sites.

    5. If your site uses a small number of email servers, you may want to configure your firewall to ensure that SMTP connections from outside your firewall can be made only to your central email hubs and to none of your other systems. Although this will not prevent an attack, it minimizes the number of machines available to an intruder for an SMTP-based attack (whether that attack is an email spam or an attempt to break into a host). It also means that should you wish to control incoming SMTP in a particular way (through filtering or another means), you have only a small number of systems--the main email hub and any backup email hubs--to configure. More information on filtering is available from

    http://www.cert.org/tech_tips/packet_filtering.html

    6. Consider configuring your mail handling system(s) to deliver email into file systems that have per-user quotas enabled. Doing this can minimize the impact of an email bombing attack by limiting the damage to only the targeted accounts and not the entire system.

    7. Educate your users to call you about email bombing and spamming.

    8. Do not propagate the problem by forwarding (or replying to) spammed email.
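One way to build the in-house check that item 4 calls for, shown as an added example that is not part of the original CERT text. It assumes classic sendmail syslog lines carrying `from=<sender>`; the 60-second window, the threshold of 5 and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log layout: sendmail syslog lines of the form
# "Jun 12 10:15:00 hub sendmail[400]: QUEUEID: from=<sender>, size=..., nrcpts=..."
LINE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sendmail\[\d+\]: "
    r"\S+ from=<(?P<sender>[^>]*)>"
)


def parse(line, year):
    """Return (timestamp, sender) for a 'from=' line, or None for any other line."""
    m = LINE.match(line)
    if m is None:
        return None
    stamp = " ".join(m.group("ts").split())  # collapse the space-padded day field
    ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    return ts, (m.group("sender").lower() or "<>")  # "<>" is the null (bounce) sender


def find_bursts(lines, year, window=60, threshold=5):
    """Flag each user and each site that sends `threshold` messages within `window` seconds.

    Lines must be in chronological order, as they are in a log file.
    Returns a list of (kind, key, first_timestamp_in_window, count), one per key.
    """
    recent = defaultdict(deque)   # (kind, key) -> timestamps still inside the window
    alerted = set()
    alerts = []
    span = timedelta(seconds=window)
    for line in lines:
        parsed = parse(line, year)
        if parsed is None:
            continue
        ts, sender = parsed
        site = sender.rpartition("@")[2]
        for key in (("user", sender), ("site", site)):
            q = recent[key]
            q.append(ts)
            while ts - q[0] > span:      # drop timestamps that fell out of the window
                q.popleft()
            if len(q) >= threshold and key not in alerted:
                alerted.add(key)
                alerts.append((key[0], key[1], q[0], len(q)))
    return alerts


# Constructed sample: six large messages from one sender in ten seconds,
# followed by two ordinary messages from another site.
SAMPLE = [
    f"Jun 12 10:15:{s:02d} hub sendmail[{400 + s}]: f5CAF{s:02d}: "
    "from=<flood@bulk.example>, size=900000, nrcpts=1"
    for s in range(0, 12, 2)
] + [
    "Jun 12 10:15:30 hub sendmail[500]: f5CAG01: from=<alice@corp.example>, size=2048, nrcpts=1",
    "Jun 12 10:40:00 hub sendmail[501]: f5CAG02: from=<alice@corp.example>, size=1024, nrcpts=1",
]

if __name__ == "__main__":
    for kind, key, first, count in find_bursts(SAMPLE, year=2000):
        print(f"ALERT {kind} {key}: {count} messages since {first:%H:%M:%S}")
```

The alert list is the input for the second half of item 4: the offending users or sites it names are the ones whose messages the discard tooling would act on.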

    IV. Additional Security Measures That You Can Take


    A. If you have questions concerning legal issues, we encourage you to work with your legal counsel.

    U.S. sites interested in an investigation of this activity can contact the Federal Bureau of Investigation (FBI). Information about how the FBI investigates computer crimes can be found here

    http://www.cert.org/tech_tips/FBI_investigates_crime.html

    For information on finding and contacting your local FBI field office, see

    http://www.fbi.gov/contact/fo/fo.htm

    Non-U.S. sites may want to discuss the activity with their local law enforcement agency to determine the appropriate steps for pursuing an investigation.

    B. For general security information, please see

    http://www.cert.org/

    C. To report an incident, please complete and return

    http://www.cert.org/reporting/incident_form.txt

    Or use the web-based Incident Reporting Form at

    https://irf.cc.cert.org/

    This document is available from:

    http://www.cert.org/tech_tips/email_bombing_spamming.html

    CERT/CC Contact Information

    Email: cert@cert.org

    Phone: +1 4


    CERT/CC personnel answer the hotline 08:00-


    Appendix 4

    Anonymous FTP Configuration Guidelines

    Introduction

    I. Configuring anonymous FTP

    A. FTP daemon

    B. Setting up the anonymous FTP directories

    C. Using proper password and group files

    II. Providing writable directories in your anonymous FTP configuration

    A. Modified FTP daemon

    B. Using protected directories

    C. Using a single disk drive

    III. Related CERT Advisories

    Anonymous FTP can be a valuable service if correctly configured and administered. The first section of this document provides general guidance in initial configuration of an anonymous FTP area. The second section addresses the issues and challenges involved when a site wants to provide writable directories within their anonymous FTP areas. The third section provides information about previous CERT advisories related to FTP services.

    The following guidelines are a set of suggested recommendations that have been beneficial to many sites. We recognize that there will be sites that have unique requirements and needs, and that these sites may choose to implement different configurations.

    Configuring anonymous FTP

    FTP daemon

    Sites should ensure that they are using the most recent version of their FTP daemon.

    Setting up the anonymous FTP directories

    The anonymous FTP root directory (~ftp) and its subdirectories should not be owned by the ftp account or be in the same group as the ftp account. This is a common configuration problem. If any of these directories are owned by ftp or are in the same group as the ftp account and are not write protected, an intruder will be able to add files (such as a .rhosts file) or modify other files. Many sites find it acceptable to use the root account. Making the ftp root directory and its subdirectories owned by root, part of the system group, and protected so that only root has write permission will help to keep your anonymous FTP service secure.


    Here is an example of an anonymous FTP directory setup:

    drwxr-xr-x 7 root system 527
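The ownership and write-protection rules above can be checked mechanically. The following audit is an added example, not part of the original CERT guidelines; the ftp account's uid 14 and gid 50, the `/home/ftp` paths and the sample entries are constructed assumptions, and `writable_ok` is a hypothetical parameter for directories a site has deliberately made writable.

```python
import os
import stat
from collections import namedtuple

# One record per directory: path, owner uid, group gid, permission bits.
Entry = namedtuple("Entry", "path uid gid mode")


def scan(root):
    """Collect an Entry for root and every directory beneath it (symlinks not followed)."""
    entries = []
    for dirpath, _dirs, _files in os.walk(root):
        st = os.lstat(dirpath)
        entries.append(Entry(dirpath, st.st_uid, st.st_gid, stat.S_IMODE(st.st_mode)))
    return entries


def audit(entries, ftp_uid, ftp_gid, writable_ok=()):
    """Return (path, problem) pairs for directories that break the rules above.

    ftp_uid / ftp_gid identify the ftp account (on a live host, look them up
    with pwd.getpwnam). Paths in writable_ok skip the write-bit checks only;
    the ownership and group checks always apply.
    """
    findings = []
    for e in entries:
        if e.uid == ftp_uid:
            findings.append((e.path, "owned by the ftp account"))
        if e.gid == ftp_gid:
            findings.append((e.path, "in the ftp account's group"))
        if e.path in writable_ok:
            continue
        if e.uid != 0 and e.mode & stat.S_IWUSR:
            findings.append((e.path, "writable by a non-root owner"))
        if e.mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((e.path, "writable by group or other"))
    return findings


# Constructed sample tree: uid 0 / gid 0 stand for root / system,
# uid 14 / gid 50 stand for the ftp account and its group.
SAMPLE = [
    Entry("/home/ftp", 0, 0, 0o555),
    Entry("/home/ftp/bin", 0, 0, 0o111),
    Entry("/home/ftp/etc", 0, 0, 0o111),
    Entry("/home/ftp/pub", 14, 50, 0o755),       # wrong owner and group
    Entry("/home/ftp/incoming", 0, 0, 0o777),    # world-writable
]

if __name__ == "__main__":
    for path, problem in audit(SAMPLE, ftp_uid=14, ftp_gid=50):
        print(f"{path}: {problem}")
```

On a live server the same call would be `audit(scan(ftp_home), ftp_uid, ftp_gid)`, with the uid, gid and home directory taken from the ftp account's passwd entry.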


    cert:*:20:
    ftp:*:90:

    Providing writable directories in your anonymous FTP configuration

    There is a risk to operating an anonymous FTP service that permits users to store files.

    We strongly recommend that sites do not automatically create a "drop off" directory unless thought has been given to the possible risks of having such a service. The CERT incident response staff has received many reports where these directories have been used as "drop off" directories to distribute bootlegged versions of copyrighted software or to trade information on compromised accounts and password files. The CERT staff has also received reports of file systems being maliciously filled causing denial of service problems.

    This section discusses three ways to address these problems. The first is to use a modified FTP daemon. The second method is to provide restricted write capability through the use of special directories. The third method involves the use of a separate directory.

    Modified FTP daemon

    If your site is planning to offer a "drop off" service, we suggest using a modified FTP daemon that will control access to the "drop off" directory. This is the best way to prevent unwanted use of writable areas. Some suggested modifications are:

    . Limit the overall amount of data transferred based on available disk space.

    4. Increase logging to enable earlier detection of abuses.

    For those interested in modifying the FTP daemon, source code is usually available from your vendor. Public domain sources are available from:

    wuarchive.wustl.edu ~ftp/packages/wuarchive-ftpd

    ftp.uu.net ~ftp/systems/unix/bs -sources/libexec/ftpd

    gatekeeper.dec.com ~ftp/pub/DEC/gwtools/ftpd.tar.Z

    The CERT Coordination Center has not formally reviewed, evaluated, or endorsed the FTP daemons described. The decision to use the FTP daemons described is the responsibility of each user or organization, and we encourage each organization to thoroughly evaluate these programs before installation or use.


    Using protected directories

    If your site is planning to offer a "drop off" service and is unable to modify the FTP daemon, it is possible to control access by using a maze of protected directories. This method requires prior coordination and cannot guarantee protection from unwanted use of the writable FTP area, but has been used effectively by many sites.

    Protect the top level directory (~ftp/incoming) giving only execute permission to the anonymous user (chmod 751 ~ftp/incoming). This will permit the anonymous user to change directory (cd), but will not allow the user to view the contents of the directory.

    drwxr-x--x 4 root system 5


    Appendix 5

    CERT Advisory CA-6 octets (1 octet = 8 bits of data), containing a minimum of 20 octets of IP header information and 0 or more octets of optional information, with the rest of the packet being data.

    It is known that some systems will react in an unpredictable fashion when receiving oversized IP packets. Reports indicate a range of reactions including crashing, freezing, and rebooting.

    In particular, the reports received by the CERT Coordination Center indicate that Internet Control Message Protocol (ICMP) packets issued via the "ping" command have been used to trigger this behavior. ICMP is a subset of the TCP/IP suite of protocols that transmits error and control messages between systems. Two specific instances of the ICMP are the ICMP ECHO_REQUEST and ICMP ECHO_RESPONSE datagrams. These two instances can be used by a local host to determine whether a remote system is reachable via the network; this is commonly achieved using the "ping" command.

    Discussion in public forums has centered around the use of the "ping" command to construct oversized ICMP datagrams (which are encapsulated within an IP packet). Many ping implementations by default send ICMP datagrams consisting only of the 8 octets of ICMP header information but allow the user to specify a larger packet size if desired.

    You can read more information about this vulnerability on Mike Bremford's Web page. (Note that this is not a CERT/CC maintained page. We provide the URL here for your convenience.)

    http://www.sophist.demon.co.uk/ping/index.html

    II. Impact

    Systems receiving oversized ICMP datagrams may crash, freeze, or reboot, resulting in denial of service.


    III. Solution

    First, since crashing a router or firewall may be part of a larger, multistage attack scenario, we encourage you to inspect the running configuration of any such systems that have crashed to ensure that the configuration information is what you expect it to be.

    Then install a patch from your vendor.

    Below is a list of vendors who have provided information about patches for this problem. Details are in Appendix A of this advisory; we will update the appendix as we receive more information. If your vendor's name is not on this list, please contact the vendor directly.

    Berkeley Software Design, Inc. (BSDI)

    Computer Associates, Intl. (products for NCR)

    Cray Research

    Digital Equipment Corporation

    Free BSD, Inc.

    Hewlett-Packard Company

    IBM Corporation

    Linux Systems

    NCR Corporation

    NEC Corporation

    Open Software Foundation (OSF)

    The Santa Cruz Operation, Inc. (SCO)

    Sun Microsystems, Inc.

    Appendix A - Vendor Information

    Below is a list of the vendors who have provided information for this advisory. We will update this appendix as we receive additional information. If you do not see your vendor's name, please contact the vendor directly.

    Berkeley Software Design, Inc. (BSDI)

    BSD/OS 2.1 is not vulnerable to this problem. It correctly handles large packets without any problems.

    Computer Associates, Intl. (products for NCR)

    Not vulnerable.

    Cray Research

    Attempts to send oversized ICMP datagrams are rejected with appropriate error messages. We believe that oversized ICMP datagrams sent to Unicos systems will also be rejected without crashing.


    Data General Corporation

    Due to the way DG/UX processes tcp packets, DG/UX is not vulnerable to this attack.

    Digital Equipment Corporation

    MSG ID: SSRT0429 From DSNlink/DIA Database

    The following is important information concerning a potential denial of service issue which affects Digital UNIX Operating System, Digital UNIX MLS+, Firewall implementations, and Digital TCP/IP Services for OpenVMS AXP & VAX

    COMPONENT: System Security / Potential Denial of Service

    DIGITAL UNIX Version: 3.0, 3.0b, 3.2, 3.2c, 3.2de.2de2, 3.2f, 3.2g, 4.0, 4.0a

    DIGITAL UNIX MLS+ Version 3.a, 4.4, 4.5

    DIGITAL Firewall for UNIX

    DIGITAL AltaVista Firewall for UNIX

    DIGITAL VAX/ELN

    For more information check the DSNlink/DIA Articles (keyword PING), or the URL http://www.service.digital.com/html/whats-new.html for the latest information.

    ADVISORY INFORMATION:

    Digital recently discovered a potential denial of service issue that may occur by remote systems exploiting a recently published problem while executing the 'ping' command. Solutions and initial communications began appearing in DSNlink/DIA FLASH/articles in late October,


    We have fixed the problem in 2./5/7) : PHNE_7252 must first be installed

    PHNE_9030 (s700 1 (s800 2)

    To determine if you have this PTF on your system, run the following command:

    lslpp -lB U444227 U444232

    AIX 4.

    To determine if you have this APAR on your system, run the following command:

    instfix -ik IX59453

    Or run the following command:

    lslpp -h bos.net.tcp.client

    Your version of bos.net.tcp.client should be 4.


    AIX 4.2

    Apply the following fix to your system:

    APAR - IX63484 PTF UR4664


    NCR Corporation

    For MP-RAS 3.00 and above, using TCP/IP as package name "inet", not vulnerable.

    NEC Corporation

    OS Version Status
    ------------------ ------------ -------------------------------------
    EWS-UX/V(Rel4.0) R maintenance release includes a solution for this problem.

    The Santa Cruz Operation, Inc. (SCO)

    The following SCO products are known to be vulnerable:

    SCO OpenServer 5.0.0, 5.0.2

    SCO Internet FastStart


    MD5---

    MD5 (oss449a.Z) = e8fc8a29dd59683ce5b9b8d


    CERT Coordination Center

    Software Engineering Institute

    Carnegie Mellon University

    Pittsburgh PA 890

    U.S.A.

    CERT/CC personnel answer the hotline 08:00-


    Aug. 7,


    We encourage you to review the documents that pertain to your system(s), and to consider taking the suggested steps to protect your system(s) from attack. We also encourage you to check with your vendor(s) regularly for any software updates or new software patches that relate to your systems.

    A. Commonly Exploited Configuration Problems

    describes intruder activity that is based on a stolen password file.

    http://www.cert.org/incident_notes/IN-98.03.html

    If you believe that your password file may have been taken, change all the passwords on the system. At the very least, you should change all system passwords because an intruder may concentrate on those and may be able to guess even a reasonably "good" password. Intruders often use compromised accounts to attempt to gain privileged access on vulnerable systems, so we encourage you to follow the steps in

    http://www.cert.org/tech_tips/intruder_detection_checklist.html

    http://www.cert.org/tech_tips/win-UNIX-system_compromise.html

    For further information about protecting your system from password-based attacks, see

    http://www.cert.org/tech_tips/passwd_file_protection.html


    ii. Accounts with default passwords

    Intruders exploit system default passwords that have not been changed since installation, including accounts with vendor-supplied default passwords. In some cases, accounts do not have a password assigned by default. CERT Incident Note IN-98.01 describes intruder activity that is based on exploitations of accounts without passwords.

    http://www.cert.org/incident_notes/IN-98.0


    http://www.ssh.com/index.html

    http://www.openssh.com/

    2. Use of TFTP (Trivial File Transfer Protocol) to obtain password files

    To test your system for this vulnerability, connect to your system using tftp and try

    get /etc/motd

    If you can do this, anyone else on the network can probably get your password file. To avoid the problem, disable tftpd. If you must have tftpd, ensure that it is configured with restricted access. For further information, see

    http://www.cert.org/advisories/CA-9


    2. Misconfigured anonymous FTP

    In addition to making sure that you are running the most recent version of ftpd, check your anonymous FTP configuration. It is important to follow the instructions provided with the operating system to properly configure the files and directories available through anonymous FTP (for example, file and directory permissions, ownership and group). Note that you should not use your system's standard password file or group file as the password file or group file for FTP. The anonymous FTP root directory and its two subdirectories, etc and bin, should not be owned by ftp. For more information about configuring anonymous FTP, see

    http://www.cert.org/tech_tips/anonymous_ftp_config.html

    3. Inappropriate network configuration file entries

    Several vendors supply /etc/hosts.equiv files with a '+' (plus sign) entry. The '+' entry should be removed from this file because it means that your system will trust all other systems. Other files that should not contain a '+' entry include all .rhosts files on the system. These files should not be world-writable.

    If your /usr/lib/X


    up to date and apply security patches appropriate to your system(s) as soon as they become available.

    8. Use of setuid shell scripts

    Setuid shell scripts (especially setuid root) can pose potential security problems, a fact that has been well documented in many UNIX system administration texts. Do not create or allow setuid shell scripts, especially setuid root.

    9. Inappropriate export settings

    Use the showmount(8) utility to check that the configuration of the /etc/exports files on your hosts are correct.

    o Wherever possible, file systems should be exported read-only.

    o Do not self-reference an NFS server in its own exports file. That is, the exports file should not export an NFS server to itself nor to any netgroups that include the NFS server.

    o Do not allow the exports file to contain a "localhost" entry.

    o Export file systems only to hosts that require them.

    o Export only to fully qualified hostnames.

    o Ensure that export lists do not exceed 256 characters (after the aliases have been expanded) or that all security patches relating to this problem have been applied.
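The export checklist above lends itself to an automated lint. This is an added example, not part of the original CERT text; it assumes the Linux exports(5) syntax (`path host(options) ...`, where read-only is the default and `rw` must be stated), and the host names, paths and finding codes are constructed for illustration.

```python
import ipaddress
import re

MAX_LINE = 256  # export-list length limit named in the checklist
CLIENT = re.compile(r"^(?P<host>[^()]*)(?:\((?P<opts>[^()]*)\))?$")


def logical_lines(text):
    """Yield (first_line_no, line) with comments stripped and backslash continuations joined."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()
        if not buf:
            start = no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield start, buf.strip()
        buf = ""


def is_address(host):
    """True for an IP address or network such as 192.0.2.0/24."""
    try:
        ipaddress.ip_network(host, strict=False)
        return True
    except ValueError:
        return False


def lint_exports(text, server_names=()):
    """Return (line_no, path, code) findings; server_names are the NFS server's own names."""
    own = {n.lower() for n in server_names}
    findings = []
    for no, line in logical_lines(text):
        path, *clients = line.split()
        if len(line) > MAX_LINE:
            findings.append((no, path, "too-long"))
        if not clients:                      # no client list: exported to every host
            findings.append((no, path, "world"))
        for client in clients:
            m = CLIENT.match(client)
            if m is None:
                findings.append((no, path, "unparsed"))
                continue
            host = m.group("host").lower()
            opts = (m.group("opts") or "").split(",")
            if "rw" in opts:
                findings.append((no, path, "read-write"))
            if host in ("", "*"):            # "(rw)" after a space has an empty host
                findings.append((no, path, "world"))
            elif host in ("localhost", "127.0.0.1", "::1"):
                findings.append((no, path, "localhost"))
            elif host in own:
                findings.append((no, path, "self-export"))
            elif host.startswith("@"):       # membership cannot be resolved offline
                findings.append((no, path, "netgroup-review"))
            elif not is_address(host) and "." not in host:
                findings.append((no, path, "not-fqdn"))
    return findings


# Constructed sample, not taken from a real host.
SAMPLE = """\
# constructed sample
/export/pub   client1.example.com(ro)
/export/home  client2(rw) localhost(ro)
/export/src   nfs1.example.com(ro) (rw)
/export/tmp
/export/lab   @labhosts(ro) \\
              192.0.2.0/24(ro)
"""

if __name__ == "__main__":
    for no, path, code in lint_exports(SAMPLE, server_names=["nfs1.example.com"]):
        print(f"line {no}: {path}: {code}")
```

The `netgroup-review` code marks entries a person has to check by hand, since the rule about netgroups that include the NFS server depends on netgroup membership the file itself does not show.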

    The CERT Coordination Center is aware that intruders are using tools that exploit a number of NFS vulnerabilities. This can result in a root compromise, depending on the vulnerability being exploited. We encourage you to limit your exposure to these attacks by implementing the security measures outlined in CERT advisory CA-94:


    Appendix 7

    List of Security Tools

    Introduction

    Notes

    Network Monitoring Tools


    This document describes tools that can be used to help secure a system and deter break-ins.

    In addition to the information in this document, we provide three companion documents that may help you:

    http://www.cert.org/tech_tips/unix_configuration_guidelines.html

    contains suggestions for avoiding common UNIX system configuration problems that have been exploited

    http://www.cert.org/tech_tips/intruder_detection_checklist.html

    contains suggestions for determining if your system has been compromised

    http://www.cert.org/tech_tips/root_compromise.html

    contains suggested steps for recovering from a root compromise on a UNIX system

    Also, please see our CERT advisory page, our CERT incident notes page, and our CERT vulnerability notes page which contain brief descriptions of all past CERT advisories, incident notes, and vulnerability notes. These files are available from

    http://www.cert.org/advisories/

    http://www.cert.org/incident_notes/

    http://www.cert.org/vul_notes/

    We encourage you to get all advisories that pertain to your system(s), and to install the patches or workarounds described in the advisories. We also encourage you to check with your vendor(s) regularly for any updates or new patches that relate to your systems.

    Notes

    When installing and using any security tool, read and follow all available directions. Ensure that use of the tool conforms to your organization's policies and procedures. Keep sensitive files, such as MD5 checksums and log files, off-line or on read-only media.

    The CERT Coordination Center does not formally review, evaluate, or endorse the tools and techniques described. The decision to use the tools and techniques described is the responsibility of each user or organization, and we encourage each organization to thoroughly evaluate new tools and techniques before installing or using them.

    Network Monitoring Tools


    Swatch, the Simple WATCHer program, is an easily configurable log file filter/monitor. Swatch monitors log files and acts to filter out unwanted data and take one or more user-specified actions based on patterns in the log. Swatch is available from

    ftp://ftp.stanford.edu/general/security-tools/swatch/

    Authentication/Password Tools


    http://www.pgpi.org/

    The commercial version of PGP, from PGP Security, Inc. can be found at

    http://www.pgp.com/

    2. GnuPG (Gnu Privacy Guard)

    Gnu Privacy Guard (GnuPG) is an alternate free substitute for PGP. It can be found at the Gnu Privacy Guard web site

    http://www.gnupg.org/

    Other Tools


    We encourage you to use smrsh regardless of whether you use the vendor's supplied sendmail or install sendmail yourself, and regardless of patches that have been installed.

    Beginning with sendmail version 8.7. UNIX are vulnerable because of timing windows in the way /bin/mail uses publicly writable directories. If you cannot install a patch from your vendor, replace /bin/mail with mail.local. Beginning with sendmail version 8.7.
