|
| [°øÁö] ¸®´ª½º µµ¸ÞÀγ×ÀÓ¼¹ö(DNS) º¸¾È À̽´ °øÁö2014-07-23 |
|
|
¾È³çÇϼ¼¿ä.
ÁÁÀºÀÎÅͳÝ(ÁÖ) ÅëÅ«¾ÆÀÌ IDC ÀÔ´Ï´Ù.
ÃÖ±Ù À̽´°¡µÇ°í ÀÖ´Â ¸®´ª½º µµ¸ÞÀγ×ÀÓ¼¹ö(DNS) º¸¾È Ãë¾àÁ¡¿¡ ´ëÇÏ¿© ¾È³» µå¸³´Ï´Ù.
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
À̸§ : DNS ÁõÆø DDOS °ø°Ý (DNS amplification DDOS attack)
- Ãë¾àÁ¡ Á¤º¸ : DNSÄõ¸®¸¦ ÀÌ¿ëÇÏ¿© º¹¼öÀÇ DNSÁ¤º¸ÀÀ´äÀ»
¿äûÇØ °ø°ÝÆ®·¡ÇÈÀ» Áõº¹½ÃŲ ÈÄ °ø°Ý¸ñÀûÁö¸¦
°ø°ÝÇÏ´Â ¼ºñ½º¹æÇØ °ø°Ý±â¹ý
- °ø°Ý DNSÄõ¸® ³»¿ë : UDP ÇÁ·ÎÅäÄÝÀ» ÀÌ¿ëÇÏ¿© ƯÁ¤ ³×Æ®¿öÅ©
´ë¿ªÀüüÀÇ DNS ¼¹ö¿¡ ºÒƯÁ¤ µµ¸ÞÀο¡
´ëÇÑ Á¤º¸¸¦ µµ¸ÞÀγ×ÀÓ¼¹ö(DNS)¿¡ ¿äû
- ´ëÀÀ¹æ¾È :
1. DNS¼¹ö¿¡ ¾ø´Â Á¤º¸´Â ÀÀ´äÇÏÁö ¾Êµµ·Ï ¼³Á¤
-> /etc/named.conf¸¦ option ¿µ¿ª recursion no; ¸¦ Ãß°¡ÇÏ°í
localhost ¿µ¿ª¿¡ recursion no;·Î ¿É¼ÇÀ» º¯°æ
2. DNS¼¹ö¿¡¼ bind µ¥¸óÀ» »èÁ¦ÇÏ°í ´Ù¸¥ ³×ÀÓ¼¹ö·Î
ÀÌÀüÀ» ÁøÇà
-> Âü°íÆäÀÌÁö
(https://www.tongkni.co.kr/idcplus/plugin/dnsservice.asp)
3. iptables º¸¾È °È¼³Á¤
-> ÇØ´ç °ø°Ý¿¡ ´ëÇÑ °¨½Ã»çÀÌÆ®
(http://dnsamplificationattacks.blogspot.kr)
ÂüÁ¶ÇÏ¿© /etc/sysconfig/iptables¿¡ Á¤º¸¸¦ IPÁ¤º¸¸¦ Ãß°¡
º¸¿ÏÇÕ´Ï´Ù.
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ÀÌ»óÀÔ´Ï´Ù. |
|
|
±Ûº¸±â 