A few years ago, research agencies and information security service providers began reporting the following.
We believe the era of simple, easily detected DDoS attacks (and of the simple tools that can prevent them) is over. Cybercriminals are becoming ever more skilled at concealing and carrying out these attacks. The dark industry is moving from brute-force attacks to application-level attacks. It is taking serious orders to disrupt business processes, including entirely offline ones.
Breaking into reality
In 2017, a series of DDoS attacks targeting Swedish transport services resulted in a prolonged attack.
The effects of DDoS attacks are now felt not only by online users but also by people in what is called IRL (real life). Attackers used to target only online services, but today the goal of an attack is often to disrupt any business operation. It is currently estimated that more than 60% of attacks have purposes such as extortion or unfair competition. Transactions and logistics are especially vulnerable.
Smarter and more expensive
DDoS continues to be considered 2020 of the most common and fastest-growing types of cybercrime. According to experts, from XNUMX their number will only keep growing. Various reasons are involved: the even greater shift of business online because of the pandemic, the development of the shadow cybercrime industry, and even
DDoS attacks became "popular" at one time because they are easy to deploy and cheap: just a few years ago an attack could be launched for 5 dollars per 50 days. Today both the targets and the methods of attacks have changed, attacks have become more complex and, as a result, more expensive. No, price lists still show rates from XNUMX dollars per 400 hours (yes, cybercriminals have price lists and rate cards), but for a website with protection they already demand from XNUMX dollars per XNUMX days, and the cost of "individual" orders against large companies reaches several thousand dollars.
Today there are XNUMX main types of DDoS attack. The goal of the first is to make an online resource unavailable for a certain period of time. The attackers charge for it during the attack itself. In this case the DDoS operator does not care about any particular result, and the client in effect pays in advance for the attack to start. Such methods are quite cheap.
The 30th type is attacks that are paid for only when a specific result is achieved. These are more interesting. Because the attackers have to choose the most effective methods to reach their goal, they are much harder to carry out and therefore considerably more expensive. At Variti we sometimes play entire chess games with cybercriminals, in which they instantly change tactics and tools and try to break into several vulnerabilities at several levels at once. These are clearly team attacks, in which the hackers know perfectly well how to react to and counter the defenders' actions. Dealing with them is not only difficult but also very costly for companies. For example, XNUMX of our customers, a major online retailer, kept a team of XNUMX people whose job was to fight DDoS attacks for almost XNUMX years.
According to Variti, simple DDoS attacks carried out purely out of boredom, trolling or dissatisfaction with a particular company now account for less than 10% of all DDoS attacks (unprotected resources may of course show different statistics; we are looking at our customers' data). Everything else is the work of professional teams. At the same time, XNUMX/XNUMX of all "bad" bots are complex bots that are hard to detect with the latest solutions on the market. They imitate the behaviour of real users or browsers and introduce patterns that make it hard to tell "good" requests from "bad" ones. This makes the attacks less noticeable and therefore more effective.
Data from GlobalDots
New DDoS targets
Report
Bots know how to spoil a company's life in various ways: in addition to "crashing" websites, bots are now also busy inflating advertising spend, clicking on ads, parsing prices in order to undercut them by XNUMX penny and lure buyers away, and stealing content for various bad purposes (for example, recently
"Not delivered"
Logistics business processes are key for most companies, so they are attacked frequently. The possible attack scenarios are as follows.
Not available
If you work in online commerce, you are probably already familiar with the problem of fake orders. In an attack, bots overload logistics resources and make goods unavailable to other buyers. To do this, they place a huge number of fake orders, equal to the maximum number of items in stock. These goods are never paid for and after a while are returned to the site. But the deed is already done: they were marked "out of stock", and some buyers have already gone to competitors. This tactic is well known in the airline ticketing industry, where bots sometimes "sell out" all tickets as soon as they become available. For example, 100 of our clients, a major airline, fell victim to such an attack organized by Chinese competitors. In just XNUMX hours, the bots ordered XNUMX% of the tickets to certain destinations.
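One way to spot the stock-locking pattern described above, as an added example that is not part of the original article or Variti's product: it measures, per product, how much of the unsold stock is tied up in unpaid orders that are still inside the hold window. The record layout, the 30-minute hold time, the 80% threshold and all sample values are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample orders: (placed_at, order_id, sku, quantity, session_id, paid)
ORDERS = [
    ("2020-06-01T10:00:05", "o1", "FLIGHT-A", 40, "s-901", False),
    ("2020-06-01T10:00:07", "o2", "FLIGHT-A", 40, "s-902", False),
    ("2020-06-01T10:00:09", "o3", "FLIGHT-A", 40, "s-903", False),
    ("2020-06-01T08:10:00", "o4", "SHOE-B", 10, "s-100", False),  # hold already expired
    ("2020-06-01T09:50:00", "o5", "SHOE-B", 5, "s-101", True),
    ("2020-06-01T10:01:00", "o6", "SHOE-B", 3, "s-102", False),
]
STOCK = {"FLIGHT-A": 120, "SHOE-B": 50}      # units on hand before these orders
NOW = datetime(2020, 6, 1, 10, 5, 0)


def hoarding_report(orders, stock, now, hold=timedelta(minutes=30), share=0.8):
    """Return {sku: stats} for products whose unsold stock is mostly locked
    by unpaid orders placed within the hold window ending at `now`."""
    held = defaultdict(int)        # units locked by live unpaid holds
    paid = defaultdict(int)        # units genuinely sold
    sessions = defaultdict(set)    # distinct sessions behind the holds
    for placed_at, _order_id, sku, qty, session, is_paid in orders:
        placed = datetime.fromisoformat(placed_at)
        if is_paid:
            paid[sku] += qty
        elif now - hold <= placed <= now:
            held[sku] += qty
            sessions[sku].add(session)
        # unpaid orders older than the hold window have returned to stock

    report = {}
    for sku, units in held.items():
        unsold = stock[sku] - paid[sku]
        locked = units / unsold if unsold > 0 else 0.0
        if locked >= share:
            report[sku] = {
                "held_units": units,
                "locked_share": round(locked, 2),
                "sessions": len(sessions[sku]),
            }
    return report


if __name__ == "__main__":
    for sku, stats in hoarding_report(ORDERS, STOCK, NOW).items():
        print(sku, stats)
```

A product that shows as sold out while its paid sales stay near zero is the signal here; the same report run after the hold window has passed comes back empty, which is why the check has to run continuously rather than once a day.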
Sneaker bots
The next common scenario is that bots instantly buy up an entire product line and their owners later sell it at an inflated price (a markup of 200% on average). This problem is well known in the fashion sneaker industry, especially with limited collections, which is why such bots are called sneaker bots. The bots bought up newly released lines within minutes, while blocking the resource so that real users could not get through. This is a rare case in which bots were written about in fashionable glossy magazines. In general, though, resellers of tickets to popular events such as football matches use the same scenario.
Other scenarios
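But that is not all. There is an even more complex version of attacks on logistics, one that threatens serious losses. It can be carried out when a service offers a "payment on receipt of goods" option. Bots leave fake orders for such goods, giving fake addresses or even the real addresses of unsuspecting people. The company then bears large costs for delivery, storage and sorting out the details. During this time the goods are unavailable to other customers and also take up space in the warehouse.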
What else? Bots leave large numbers of fake bad reviews about products, jam the payment refund function and so block transactions, steal customer data, spam real customers: there are plenty of options. A good example is the recent attack on DHL, Hermes, AldiTalk, Freenet and Snipes.com. Hackers
Call tomorrow
Last year the Federal Trade Commission (FTC) reported that complaints from businesses and users about spam and fraudulent bot phone calls had doubled. According to some estimates, this is as follows.
As with DDoS, the goals of TDoS (large-scale bot attacks on mobile phones) range from "pranks" to unfair competition. Bots can overload contact centres and keep real customers from getting through. The method works not only against call centres staffed by "live" operators but also where AVR systems are used. Bots can also attack other customer communication channels (chats, e-mail) on a large scale, disrupt the operation of CRM systems and, because operators are overloaded trying to cope with the crisis, even have some negative effect on personnel management. The attack can also be synchronized with a traditional DDoS attack on the victim's online resources.
Recently a similar attack disrupted rescue services.
No more Wi-Fi
Cybercriminals can also easily block an entire corporate network. IP blocking is often used to counter DDoS attacks. But it is not only ineffective, it is also a very dangerous practice. An IP address is easy to find (for example, through resource monitoring) and easy to replace (or spoof). Before coming to Variti, we had clients for whom blocking a particular IP simply turned off the Wi-Fi in their offices. There was a case in which a client was "slipped" the required IP and blocked access to its resource for users from an entire region, and did not notice for a long time because otherwise the whole resource was functioning perfectly.
What's new?
New threats require new security solutions. However, this new market niche is only just beginning to emerge. There are many solutions for effectively repelling simple bot attacks, but with complex bot attacks it is not so simple. Many solutions still practise IP blocking. Others need time to collect initial data before they can start working, and those 10 to 15 minutes can become a vulnerability. There are solutions based on machine learning that can identify a bot by its behaviour. At the same time, teams on the "other side" boast that they already have bots that can imitate real patterns indistinguishable from human ones. It is not yet clear who will win.
What should you do if you have to deal with professional bot teams and with complex, multi-stage attacks at several levels at once?
In our experience, the focus should be on filtering illegitimate requests without blocking IP addresses. Complex DDoS attacks require filtering at several levels at once, including the transport level, the application level and API interfaces. This makes it possible to repel even low-frequency attacks, which are usually invisible and easily missed. Finally, all real users must be allowed through even while an attack is active.
Number XNUMX, companies need the ability to build their own multi-stage protection systems which, in addition to tools for preventing DDoS attacks, incorporate systems against fraud and data theft, for content protection, and so on.
Third, they must work in real time from the very first request: being able to respond instantly to security incidents greatly increases the chances of preventing an attack or reducing its destructive power.
The near future: reputation management and big data collection using bots
The history of DDoS has evolved from the simple to the complex. At first the attackers' goal was to stop a site from working. Now it has turned out to be more effective to target core business processes.
Attacks will inevitably continue to grow more sophisticated. In addition to what bad bots do now (data theft and falsification, extortion, spam), bots will collect data from a large number of sources (big data) and create "strong" fake accounts for influence management, reputation management or mass phishing.
At present only large companies can afford to invest in DDoS and bot protection, and even they cannot always fully monitor and filter the traffic generated by bots. The only upside of bot attacks becoming more complex is that it pushes the market to create smarter and more advanced security solutions.
What do you think: how will the bot protection industry develop, and what solutions does the market need right now?
Source: habr.com