Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hardening 1010 CashFlow 大阪 振り返り会 (2017/7/13) #9...

Jun Matsumoto
July 20, 2017
Technology
0
250

Hardening 1010 CashFlow 大阪 振り返り会 (2017/7/13) #9 NearMULL

2017/6/23,24 に開催された Hardening 1010 CashFlow (#h1010cf)
#9 NearMULL 大阪振り返り会(2017/7/13)

Jun Matsumoto

July 20, 2017
Tweet

More Decks by Jun Matsumoto

See All by Jun Matsumoto
OWASP ZAP 簡単な使い方
jun_matsumoto
3
2.6k

Other Decks in Technology

See All in Technology
AIエージェント元年@日本生成AIユーザ会
shukob
1
240
Pwned Labsのすゝめ
ken5scal
2
510
事業を差別化する技術を生み出す技術
pyama86
2
420
リクルートのエンジニア組織を下支えする 新卒の育成の仕組み
recruitengineers
PRO
1
140
入門 PEAK Threat Hunting @SECCON
odorusatoshi
0
170
Autonomous Database Serverless 技術詳細 / adb-s_technical_detail_jp
oracle4engineer
PRO
17
45k
急成長する企業で作った、エンジニアが輝ける制度/ 20250227 Rinto Ikenoue
shift_evolve
0
180
遷移の高速化 ヤフートップの試行錯誤
narirou
6
1.8k
JAWS FESTA 2024「バスロケ」GPS×サーバーレスの開発と運用の舞台裏/jawsfesta2024-bus-gps-serverless
ma2shita
3
270
2/18 Making Security Scale: メルカリが考えるセキュリティ戦略 - Coincheck x LayerX x Mercari
jsonf
0
240
Change Managerを活用して本番環境へのセキュアなGUIアクセスを統制する / Control Secure GUI Access to the Production Environment with Change Manager
yuj1osm
0
110
日経のデータベース事業とElasticsearch
hinatades
PRO
0
260

Featured

See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
33
2.8k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
30
4.6k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
7k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
Documentation Writing (for coders)
carmenintech
68
4.6k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
10
520
Site-Speed That Sticks
csswizardry
4
410
Building Applications with DynamoDB
mza
93
6.2k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
580
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
2.1k

Transcript

  1. None

  2. ࣗݾ঺հ ∗ ·ͭ΋ͱ ͡ΎΜʢHardeningॳࢀՃʣ ∗ ։ൃʢϓϩάϥϚʣ→ωοτϫʔΫɾγ εςϜ؅ཧ→৘ใγεςϜ→։ൃʢηΩ ϡϦςΟؔ࿈ʣ 2

  3. ڝٕ։͔࢝Β1࣌ؒऑ

  4. WebαΠτվ͟Μ

  5. ∗ ݕ஌ ∗ ޡݕ஌ Barracuda WAF

  6. None

  7. ৘ใڞ༗ͷαΠΫϧ

  8. None

  9. ∗ ޕલதɺࡏݿΛ੾Βͯ͠͠·ͬͨ… ࣦഊ 1  "! "8 $ ; I_500` I

     3T^Z> I_500` I  VKXPLPQ^Y� 2000 500 150000 300 125000 250 9+N^PR^� 100 700 210000 420 175000 350 @HFA� 500 30000 9000000 18000 7500000 15000 -2R\U� 100 3000 900000 1800 750000 1500 O^R^J]SM^� 1000 4000 1200000 2400 1000000 2000 PWZ05� 2000 5000 1500000 3000 1250000 2500 (.#CNP[� 100 10000 3000000 6000 2500000 5000 -C7� 600 15000 4500000 9000 3750000 7500 BEG*� 600 900 270000 540 225000 450

  10. ∗ ࡏݿ௥Ճͱ঎඼࢓ೖΕ਺ͷᴥᴪ Ø ࠮ٗࢣ Patrick Hurley͞Μ ͷϚΠφεൃ஫Ͱࡏݿ਺͕ ૿͍͑ͯͨʁ Ø ࡏݿ਺ใࠂͷλΠϛϯά (14:00, 17:00) Ͱൃ֮

    ∗ ࡏݿ͕૿͑ͨͷͰ ޿ࠂΛग़ͯ͠ചΔͧʂ Λमਖ਼͢Δ ࣦഊ 2

  11. είΞ෼ੳ 1 Team� 4:D8 � <� ='� 3'� '� /%'�

    6'� 1 6906780 14 2400 2800 2600 2100 300 2 23380397 7 2600 2600 2600 2900 1000 3 54284400 1 3000 3000 2900 2835 0 4 7678260 13 2400 2500 2300 15375 0 5 26962776 5 2400 2700 2500 500 1700 6 14385551 11 3000 3300 3100 1775 0 7 32919260 3 2400 2700 2500 1925 1800 8 15927099 10 2400 2700 2500 1120 2000 9 19625350 8 2400 2700 2500 1075 6600 10 17194924 9 2600 2600 2500 1270 1800 11 25319470 6 2400 2700 2600 7020 1200 12 30367854 4 2600 2700 2600 190 2000 13 36963410 2 2400 2800 2600 11900 1800 14 10060614 12 2400 2600 2400 16000 1200 15 -17931510 15 2400 2600 2400 16740 1200
  12. None

  13. είΞ෼ੳ 2 Team� 4:D8 � <� ,PNJ� <� '/&'� &)�

    1� 1 6906780 14 7674200 14 -767420 -0.10 ?� 2 23380397 7 51956437 2 -28576040 -0.55 ?� 3 54284400 1 60316000 1 -6031600 -0.10 ?� 4 7678260 13 17062800 11 -9384540 -0.55 ?� 5 26962776 5 29958640 7 -2995864 -0.10 ?� 6 14385551 11 16145400 12 -1759849 -0.11 ?� 7 32919260 3 29926600 8 2992660 0.10 36 � 8 15927099 10 33869430 4 -17942331 -0.53 ?� 9 19625350 8 39250700 3 -19625350 -0.50 ?� 10 17194924 9 17368610 10 -173686 -0.01 ?� 11 25319470 6 23017700 9 2301770 0.10 � 12 30367854 4 30674600 6 -306746 -0.01 ?� 13 36963410 2 33603100 5 3360310 0.10 a?� 14 10060614 12 11178460 13 -1117846 -0.10 ?� 15 -17931510 15 -19923900 15 1992390 -0.10 ?�

  14. ∗ ࡏݿ Ø EC؅ཧαΠτΛਅͬઌʹ֬ೝ Ø ചΕے / ߴऩӹ঎඼Λઈ΍͞ͳ͍ Ø ਖ਼֬ʹ؅ཧʢ࢓ೖΕ਺΋ʣ ∗ ϚΠφεධՁ (-10%) Ø hardening ΞΧ΢ϯτ

    Ø ࡞ۀใࠂॻ Ø ෆਖ਼ߦҝɺ΄͔ ∗ ϑΝΠϯϓϨΠ (+??%) Ø ʮڝٕഎܠʯʹ࢓ࠐ·ΕͨωλΛಡΈղ͘ ·ͱΊ

  15. ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ