Each cyber group has its own requirements for network infrastructure. Some need temporary servers for password brute-forcing, network scanning, or phishing emails, while others need bulletproof hosting hidden behind a chain of reverse proxies. However, all this diversity boils down to a few typical scenarios:
- hosting of sites with illegal or questionable content,
- hosting of control infrastructure,
- hosting of service applications and components,
- hosting of anonymizers, forward proxies, and reverse proxies,
- dedicated servers for scanning and brute-force attacks,
- platforms for phishing and spamming.
Accordingly, criminal network infrastructure usually consists of the following areas:
- dedicated hosting services,
- hosting based on compromised servers,
- privacy and anonymity services,
- DNS services.
Let's take a closer look at these components, starting with dedicated hosting services.
Bulletproof hosting
Sooner or later, illegal activity draws the attention of law enforcement to the resources associated with it. The IP addresses of those resources are then blocked, the servers are seized, and the domains are taken down. This disrupts cyberattacks and forces spending on setting up new infrastructure. To avoid this, illegal operations rely on services that are immune to police requests.
For example, the laws of Belize and the Seychelles allow companies that provide such hosting services to ignore all law enforcement requests concerning resources hosted at their facilities. As a result, many bulletproof hosting sites are hosted there.
Another example is placing criminal hosting in a private house. Ukrainian police recently discovered and shut down an illegal data center of this kind containing more than 100 servers.
Fast-flux services
Fast flux is a completely legitimate technology used to improve service availability and load balancing by constantly switching the resolution of a domain name across a pool of IP addresses. The same approach lets criminals increase their resistance to hacking and interception and hide the location of their servers. The pool of IP addresses, which is used for reverse proxy chains, is supplied by several kinds of resources, such as rented cloud VPSes, botnet hosts, or compromised machines.
How fast flux works as an intermediate-layer service. Source (here and below, unless otherwise noted): Trend Micro
The essence of the fast-flux method is the use of a short TTL (time to live) on DNS A records. This prevents intermediate DNS servers from caching the domain name and forces them to always request resolution from the advertised Domain Name System (DNS) servers. Low TTL values let attackers redirect the domain to IP addresses in a dedicated pool at high frequency and keep the service available even if some of the addresses are compromised or banned by the ISP.
DNS records typical of fast flux
The values shown in red are set with an unusually low retry count and a minimal TTL (in seconds). Under normal circumstances this would put additional load on the DNS server, but with fast flux the goal is to suppress the caching mechanism so that the client is given a valid IP address currently being served by the fast-flux infrastructure.
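From the defender's side, the two properties described above (short TTLs on A records and answers that rotate through a pool of addresses) can be measured in passive DNS data. The following Python code is an added example, not taken from the Trend Micro research; the thresholds, the /24 grouping and the sample observations are assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_network
from statistics import median

# Constructed passive-DNS sample: (query time in s, domain, A-record IP, TTL in s).
# Domains use the reserved .example TLD and IPs the RFC 5737 documentation ranges.
OBSERVATIONS = [
    (0, "flux.example", "192.0.2.10", 60), (0, "flux.example", "198.51.100.7", 60),
    (90, "flux.example", "203.0.113.5", 60), (90, "flux.example", "192.0.2.44", 60),
    (180, "flux.example", "198.51.100.91", 60), (180, "flux.example", "203.0.113.77", 60),
    (0, "cdn.example", "192.0.2.20", 30), (90, "cdn.example", "192.0.2.21", 30),
    (180, "cdn.example", "192.0.2.20", 30),
    (0, "static.example", "198.51.100.1", 3600), (180, "static.example", "198.51.100.1", 3600),
]

def flux_report(observations, max_ttl=300, min_ips=5, min_nets=3):
    """Summarise each domain and flag short-TTL names that rotate through a wide IPv4 pool.

    The default thresholds are illustrative assumptions, not published values.
    """
    answers = defaultdict(lambda: defaultdict(set))  # domain -> query time -> IP set
    ttls = defaultdict(list)
    for ts, domain, ip, ttl in observations:
        name = domain.lower().rstrip(".")
        answers[name][ts].add(ip)
        ttls[name].append(ttl)
    report = {}
    for name, by_time in answers.items():
        sets = [by_time[ts] for ts in sorted(by_time)]
        ips = set().union(*sets)
        # Group IPv4 addresses by /24 as a rough stand-in for "different networks".
        nets = {ip_network(f"{ip}/24", strict=False) for ip in ips}
        # Churn: how often the answer set differs from the previous lookup.
        churn = sum(1 for prev, cur in zip(sets, sets[1:]) if prev != cur)
        med_ttl = median(ttls[name])
        report[name] = {
            "median_ttl": med_ttl, "distinct_ips": len(ips),
            "distinct_nets": len(nets), "churn": churn,
            "suspect": med_ttl <= max_ttl and len(ips) >= min_ips and len(nets) >= min_nets,
        }
    return report

if __name__ == "__main__":
    for name, row in sorted(flux_report(OBSERVATIONS).items()):
        print(name, row)
```

Short TTLs alone are common on legitimate load-balanced services, which is why cdn.example is not flagged: the flag also requires a wide address pool spread over several networks.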
Fast-flux services tend to cost more than bulletproof hosting, because the operator has to maintain a pool of IP addresses to provide the fast-flux infrastructure, and that requires additional expense.
Fast-flux service costs $100 per month for two domains, whereas a bulletproof server costs $10 per month.
DDoS protection
Cybercriminal groups compete with one another just as legitimate organizations do, and as a means of competition they arrange denial-of-service attacks on competitors' resources using Layer 4 and Layer 7 methods. For this reason, many bulletproof services offer DDoS-protected hosting or a DDoS protection service that can be used for a customer's resource.
Typically, such services are delivered by placing a specialized resource, such as a WAF (Web Application Firewall), in front of the protected server.
VDS from compromised hosts
Compromised servers are often used for hosting during one or more stages of the criminal monetization lifecycle.
To seize control, attackers use:
- vulnerabilities in server software,
- brute-force attacks,
- stolen API keys,
- theft of accounts through connected servers,
- phishing and fraudulent campaigns.
Password guessing is typically used in attacks on SSH, VNC, and RDP services.
Credentials for accessing hijacked servers are then sold in underground online stores.
Online store selling accounts for access to compromised RDP servers
Hijacking better-protected servers may require zero-day vulnerabilities, which are also offered on cyber forums.
Announcement of the sale of an OpenSMTPD vulnerability that allows servers running FreeBSD, NetBSD, Debian, Fedora, and Alpine Linux to be compromised and used for hosting
Compromise of cloud hosting
From an attacker's point of view, Google Cloud and Microsoft Azure are highly accessible resources, because both let users with a bank card linked to their account try the services for free. As a result, cybercriminals actively collect data from Google accounts with linked bank cards and then use those accounts to launch dedicated server instances. Detailed tutorials are even published for novice hackers.
Guide to opening Google Cloud hosting from a compromised Google account
For those who do not want to do the hacking themselves, there are stores offering already hacked Microsoft Azure and Google Cloud accounts.
SOCKS, proxies, and SSH tunnels
SOCKS and proxy services let attackers stay hidden without attracting much attention or triggering detection by network security monitoring tools.
Given the demand for this tool, it is relatively easy to find resources for buying SOCKS proxies, and the purchase can be paid for in cryptocurrency.
Price list for SOCKS proxies that can be paid for with Bitcoin and Ethereum
Another way to hide communications is to tunnel them inside a legitimate protocol, for example SSH:
SSH tunnel price list
The cost of an SSH tunnel depends on the country in which it is located. Location matters a great deal for some illegal activities. For example, banks' anti-fraud systems correlate information about the cardholder with the geolocation of the IP address from which the card is being used. Criminals are therefore willing to pay more for a tunnel that matches not only the desired country but also the city.
Anonymizing VPNs
Another service in demand in the cybercriminal world is the anonymous VPN, although here the groups' preferences diverge: some prefer legitimate commercial VPNs such as NordVPN or ProtonVPN, others rent similar services on the underground market, and still others build their own infrastructure based on OpenVPN, WireGuard, or SoftEther.
One indirect sign that compromised hosts are being used to provide a VPN service is the service's stated "availability guarantee period". The smaller the number, the more suspicious the service. A legitimate VPN provider is unlikely to write terms such as "if the credentials provided stop working within 24 hours (48 or 72 hours), new credentials will be provided free of charge". Yet this is exactly what offers of illegal services usually contain.
Advertisement for the sale of short-lived VPNs
Another suspicious sign that an anonymization service may be criminal in nature is the contract term. Legitimate VPN providers sell service for at least one month, whereas in the criminal world there are VPN services lasting one day or less. It is hard to imagine a legitimate use case for which such a short period would suffice. For criminals, however, it is enough to:
- check the validity of compromised bank cards,
- check the validity of compromised accounts,
- register accounts on cloud platforms or content hosting platforms,
- create fraudulent mailings on social networks,
- launch a malicious advertising campaign.
The infrastructure offered to the shadow cyber business is not limited to these relatively standard services. A look through the advertisements turns up some very interesting services that are still in demand from niche clients or are growing in popularity.
Mobile workplaces
Some vendors offer bulletproof mobile workstations to those who want protection from outsiders.
The site's official policy prohibits the distribution of malware, but on forums we found advertisements suggesting that other malicious actions are tolerated. The offers mention complete anonymity, the impossibility of identifying the user, a high-speed Internet connection, DDoS protection, an outbound traffic mixer, and various VPNs. Although direct port scanning, brute forcing, and malware distribution are not permitted, attackers can still use such an AWP to carry out other criminal activity.
Anonymizing traffic mixers
Tor is not the only way to hide from the watchful eyes of law enforcement and competitors. Services that offer hardened workspaces have developed their own traffic mixers using networks of geographically distributed routers. This traffic is blended with the traffic of anonymous VPSes that are periodically moved between data centers in different countries, which makes such systems even harder to trace.
Custom services are available that tunnel through VPN connections, Tor, and sets of geographically distributed routers. Combined, these create a complex chain of hosts and redirectors that is almost impossible to trace.
Offer of a traffic obfuscation chain
For example, one of the services offers the following chain:
Host → VPN1 → VPN2 → TOR → gateway for bouncing traffic → traffic mixer → geographically distributed routers for bouncing traffic → remote desktop (RDP) for work → connection via other geographically distributed routers → Tor servers → exit node → destination.
Conclusion
According to our research, cybercriminal infrastructure is considerably more advanced than many researchers assume. We believe this particular element is one of the most mature aspects of the criminal business. Network worms are giving way to Trojans, browsers are abused for targeted phishing attacks, and outright extortion is replacing the information-theft business model. Yet the infrastructure that underlies all of these activities remains in demand, evolves constantly, and keeps offering new, technically sophisticated services.
Cybercriminals need reliable services that let them operate while staying hidden from law enforcement for as long as possible. This demand has given rise to a whole industry of semi-legal services that cater to cybercriminals and thereby support crime indirectly. The problem is that providing reliable, untraceable hosting is not illegal in itself. Solving this problem is critically important for those who fight cybercrime as a global issue.