IP フラグメンテーション攻撃と DNS flag day 2020 / fragmentation attack and flag day 2020

͜΍Ͷ !YLPZBOF

*1ϑϥάϝϯςʔγϣϯ߈ܸͱ
%/4GMBHEBZ
%/4Թઘ൪֎ฤJOେࡕ

View Slide

ൃදͷྲྀΕ
͸͡Ίʹ
w %/4qBHEBZͱ͸
w *1ϑϥάϝϯςʔγϣϯ߈ܸ
w qBHEBZ΁ͷରԠঢ়گ
w 4"%%/4ͱͷൺֱ
w ·ͱΊ

View Slide

%/4GMBHEBZ
ରԠ͠·͔ͨ͠

View Slide

ͦ΋ͦ΋
%/4GMBHEBZͱ͸

View Slide

%/4GMBHEBZ
͸͡Ίʹ
w ओʹ*1ϑϥάϝϯςʔγϣϯ͕Ҿ͖ى͜͢໰୊΁ͷରԠࡦͷ
ద༻
w ೔࣌೥݄೔
w ಺༰
&%/4CV⒎FSTJ[Fͷ࡟ݮ όΠτ

5$1΁ͷରԠ

ެࣜαΠτIUUQTEOTqBHEBZOFUJOEFYKBIUNM

View Slide

*1ϑϥάϝϯςʔγϣϯ͕ 
Ҿ͖ى͜͢໰୊
㲈*1ϑϥάϝϯςʔγϣϯ߈ܸ

View Slide

֓ཁ
*1ϑϥάϝϯςʔγϣϯ߈ܸ
w ΩϟογϡϙΠζχϯά߈ܸͷͻͱͭ
)FS[CFSH 4IVMNBO͕೥ʹ࿦จൃද
>
w ϑϥάϝϯτͨ͠%/4Ԡ౴ͷҰ෦Λࠩ͠ସ͑
ୈҰϑϥάϝϯτศ৐߈ܸ΍ΞΠίϥ߈ܸͱΑ͹ΕΔ͜ͱ΋
w ࣮ࡍͷܦ࿏.56ΑΓখ͍͞αΠζͰ΋߈ܸՄೳ
3*1&Ͱ)MBWBDFL͕ൃද
>
w ϙʔτϥϯμϚΠζͳͲͷैདྷͷରࡦ͕ແޮ

>IUUQTBSYJWPSHBCT
>IUUQTVDTCJVBDJMdIFS[CFBTFDVSJUZGSBHQEG
>IUUQTJFFFYQMPSFJFFFPSHEPDVNFOU
>IUUQTSJQFSJQFOFUQSFTFOUBUJPOTJQGSBHBUUBDLQEG

View Slide

Πϝʔδ

ୈϑϥάϝϯτ
*1ϔομ 6%1ϔομ %/4ϝοηʔδͷҰ෦
ਖ਼نͷୈϑϥάϝϯτ
*1ϔομ %/4ϝοηʔδͷ࢒Γ
ୈϑϥάϝϯτ
ِ૷ͨ͠ୈϑϥάϝϯτ
*1ϔομ %/4ϝοηʔδͷ࢒Γ
ਖ਼نͷݖҖαʔό͕ૹ৴͢Δύέοτ
߈ܸऀ͕ૹ৴͢Δύέοτ
߈ܸऀ͸ૹ৴͠ͳ͍
ਖ਼نͷԠ౴Λͦͷ··࢖༻

ผͷ಺༰ʹॻ͖׵͑ͨύέοτΛૹ৴
ِ૷ͨ͠ϑϥάϝϯτͱ
ϦΞηϯϒϧِͤͯ͞ͷ
Ԡ౴Λੜ੒

View Slide

߈ܸͷྫ

ਖ਼نͷԠ౴ ِ૷ͨ͠Ԡ౴
;; ADDITIONAL SECTION:
ns1.nodnssec.exp. 86400 IN A 192.168.11.7

View Slide

߈ܸखॱ

Ϧκϧό ݖҖαʔό ߈ܸऀ
ᶃِ૷ͨ͠
ୈϑϥάϝϯτΛૹ৴
ᶄ໊લղܾཁٻ
ᶅඇ࠶ؼ໰͍߹Θͤ
ᶆୈϑϥάϝϯτΛૹ৴
ᶇୈϑϥάϝϯτΛૹ৴ ߈ܸ੒ޭͷ৔߹ɺᶇ͸
ϦΞηϯϒϧ͞Εͳ͍
ᶃͷύέοτͱ*1*%͕Ұக
͢Δ৔߹͸߈ܸ੒ޭ
ᶃͱᶆ͕ϦΞηϯϒϧ

View Slide

λʔήοτ
w %/4PWFS6%1PWFS*1W
w ݪཧతʹ͸*1W 5$1Ͱ΋Մೳ
Ͱ΋͋·ΓૂΘΕͳ͍ ཧ༝͸ޙड़

View Slide

ؔ܎͢Δϓϩτίϧɾػೳ

6%1DIFDLTVN
%/4%/44&$ &%/4
*1BEESFTT *EFOUJpDBUJPO qBHT P⒎TFU
*$.11BUI.56%JTDPWFSZ

View Slide

%/44&$

$ dig chukyo-u.ac.jp @a.dns.jp +dnssec
(snip)
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;chukyo-u.ac.jp. IN A
;; AUTHORITY SECTION:
chukyo-u.ac.jp. 86400 IN NS ns2.dc.ctc.ad.jp.
chukyo-u.ac.jp. 86400 IN NS ns1.hs.ctc.jp.
VJOG7GHBNE2GMJQ72U7J8DJBR9ECELQM.jp. 900 IN NSEC3 1 1 5 45EC942BAF VK94EPKGG2VSRBNU7V334S7O652C3M9K TXT
RRSIG
VJOG7GHBNE2GMJQ72U7J8DJBR9ECELQM.jp. 900 IN RRSIG NSEC3 8 2 900 20210111174503 20201212174503 18321 jp.
tm6tSRCyhQyX0DiG25WVBDMIOtQ/QFC2tw0w1zTiBnvhfCfAhm0Rx8jk FDiRJonL/IDnPkJ7/
cE67fiuX0z8zcetIxlsjyOqn6HPzPjl2yb8JuLP SW5vvswZ0FDF09/6ZhmD1E/K6bu4BQW3nIuiqt8EF5K0JVVNA/XvS9a+ /cs=
9KH0DHR7PFV2TKURF2493MN2THE8GAPR.jp. 900 IN NSEC3 1 1 5 45EC942BAF 9KTFU2AI6RE43JIMPB56SAA33GIFG075 TXT
RRSIG
9KH0DHR7PFV2TKURF2493MN2THE8GAPR.jp. 900 IN RRSIG NSEC3 8 2 900 20210111174503 20201212174503 18321 jp.
jUqxDzJVq9VxqfKpOWCLNkhX/8CkuB1XkKp0GTzJHRmjk2oVs0ffkHEt 0nuLS9bMkfcg3NWC26r0j0DbKxx2P6pIlOFxjfI00h2/
OyCYR6C388R+ FUiOT4UX9w+LjktmLnz6Cb2bkw8nHaxIjKGEn7oELcfF0wCWqJQEsxq+ 0PE=
ns2.dc.ctc.ad.jp. 86400 IN A 218.216.176.115
(snip)
;; MSG SIZE rcvd: 604
%0Ϗοτ͕Φϯʹͳ͍ͬͯΔͱ
ॺ໊ݕূ͍ͯ͠ͳͯ͘΋334*(
/4&$
ϨίʔυͳͲ͕͍ͭͨ
Ԡ౴͕ฦͬͯ͘Δ

View Slide

&%/4

(snip)
RRSIG
RRSIG
ns2.dc.ctc.ad.jp. 86400 IN A 218.216.176.115
(snip)
w %/4ͷ֦ு 3'$

w *1W %/44&$Ͱ͸ରԠඞਢ
w 6%1Ͱ΋όΠτΛ௒͑Δ
Ԡ౴ΛॲཧͰ͖Δ
࠷େόΠτ

View Slide

%/44&$&%/4ͷӨڹ

(snip)
RRSIG
RRSIG
ns2.dc.ctc.ad.jp. 86400 IN A 218.216.176.115
(snip)
w Ԡ౴͕ϑϥάϝϯτ͢ΔཁҼʹ
6%1Ͱॲཧ͢ΔԠ౴αΠζ͕
େ͖͘ͳΔ
ॺ໊ݕূ͠ͳ͍ͳΒ334*(
/4&$
ͳͲ͸ෆཁ
‣ Ԡ౴αΠζ͕૿͑Δ͚ͩ
‣ ʹ΋ؔΘΒͣ%0ϏοτΛΦϑ
ʹͰ͖ͳ͍࣮૷͕͋Δ
6OCPVOEͱ͔
ॺ໊ݕূ͠ͳ͍ͳΒෆཁ

View Slide


6%1DIFDLTVN
%/4%/44&$ &%/4

View Slide

w 6%1ٖࣅϔομɺ6%1ϔομɺϖΠϩʔυ͔Βܭࢉ
߈ܸऀ͸͜ͷ஋ΛҰகͤ͞ͳ͍ͱ͍͚ͳ͍
TPVSDFBEESFTT
EFTUJOBUJPOBEESFTT
[FSP QSPUPDPM 6%1MFOHUI
TPVSDFQPSU EFTUJOBUJPOQPSU
-FOHUI $IFDLTVN
QBZMPBE
6%1νΣοΫαϜ

6%1ٖࣅϔομ
6%1ϔομ

View Slide

6%1νΣοΫαϜ
w ܭࢉํ๏ͷิ਺࿨ͷͷิ਺

ྫ03 64 6e 73 c0 0c
03 64
6e 73
c0 0c
01 31 e3
31 e4
ᶃ όΠτͣͭՃࢉ
ᶄ ্ܻ͕ΓΛ࠷ԼҐʹՃࢉ

01 31 e3
ᶅ ͷิ਺ΛٻΊΔ ൱ఆ
ce 1b
^ 31 e4

νΣοΫαϜ

View Slide

6%1νΣοΫαϜͷِ૷
w νΣοΫαϜ͸ຖճมԽ
w Ԡ౴಺༰ͱϑϥάϝϯτҐஔ͕ҰఆͳΒɺ൪໨Ҏ߱ͷ
ϖΠϩʔυ͸ෆม
w ϑϥάϝϯτ͝ͱʹิ਺࿨ͷܭࢉ͕Ұக͢Ε͹Α͍
w ߈ܸऀ͸ࣄલʹԠ౴Λ༻ҙͯ͠ 
νΣοΫαϜ͕Ұக͢ΔΑ͏ʹ 
ِ૷Ͱ͖Δ

ͳΒ͹
ͷิ਺࿨

Csum = Csum1
+ Csum2
Csum′ = Csum1
+ Csum′
2
Csum2
= Csum′
2
Csum = Csum′
Csum :

View Slide

6%1νΣοΫαϜͷِ૷

2 όΠτͣͭՃࢉͨ͠߹ܭ஋: 0x22f5f3 2 όΠτͣͭՃࢉͨ͠߹ܭ஋: 0x3f612
1 ͷิ਺࿨: 0xf615 1 ͷิ਺࿨: 0xf615
ਖ਼نԠ౴ͷྫ ِ૷Ԡ౴ͷྫ

View Slide


6%1DIFDLTVN
%/4%/44&$ &%/4

View Slide

w ܦ࿏্ͷ.56Λ୳ࡧͯ͠ૹ৴ݩͰϑϥάϝϯτ
ܦ࿏్தͰͷϑϥάϝϯςʔγϣϯΛ཈੍
*1WͰ͸ΤϯυϊʔυͰϑϥάϝϯτͤ͞Δ
1BUI.56%JTDPWFSZ

ᶃMFOX%'qBH
ᶄ*$.1UZQF DPEF .56

ᶅGSBHNFOUFEQBDLFUT

View Slide

1BUI.564QPPGJOH
w ֎෦͔Βِ૷*$.1ύέοτΛૹ৴
ϑϥάϝϯτΛ༠ൃ
w *1Wʹ͓͚ΔӨڹ
-JOVY͋Γ ,FSOFMͰ֬ೝ

'SFF#4%ͳ͠

߈ܸऀ
Ϧκϧό ݖҖαʔό
ૹ৴ݩΛϦκϧό
ʹِ૷ͨ͠ΫΤϦΛ
ૹ৴
Ϩεϙϯε
ِ૷*$.1
ύέοτͷૹ৴

View Slide


6%1DIFDLTVN
%/4%/44&$ &%/4

View Slide

*1ϔομ
w ΞυϨεɺϑϥάɺΦϑηοτͳͲΛҰகͤ͞Δ

7FSTJPO *)- 5ZQFPG4FSWJDF 5PUBM-FOHUI
*EFOUJpDBUJPO
%
'
.
'
'SBHNFOU0⒎TFU
5JNFUP-JWF 1SPUPDPM )FBEFS$IFDLTVN
4PVSDF"EESFTT
%FTUJOBUJPO"EESFTT
0QUJPOT 1BEEJOH
*1Wϔομ

View Slide

*1*EFOUJGJDBUJPO
w *1WϏοτ
w ߈ܸऀ͸༧ଌ͢Δඞཁ͕͋Δ

*EFOUJpDBUJPO
%
'
.
'
'SBHNFOU0⒎TFU
4PVSDF"EESFTT
%FTUJOBUJPO"EESFTT
0QUJPOT 1BEEJOH

View Slide

*1*EFOUJGJDBUJPO
w ͜ͷ஋͚ͩ༧ଌ͢Ε͹Α͍
w ߈ܸͷΤϯτϩϐʔ͕Ϗοτʹ௿Լ

*EFOUJpDBUJPO
%
'
.
'
'SBHNFOU0⒎TFU
4PVSDF"EESFTT
%FTUJOBUJPO"EESFTT
0QUJPOT 1BEEJOH
*1Wϔομ

View Slide

ϑϥάϝϯτύέοτͷѻ͍
w ͢΂ͯͷϑϥάϝϯτΛड৴͢Δ·ͰҰఆ࣌ؒόοϑΝϦϯά
-JOVYσϑΥϧτͰඵ
w ड৴ॱং͸ؔ܎ͳ͍
ઌʹୈϑϥάϝϯτΛड৴ͯ͠΋Α͍
w όοϑΝαΠζʹ͸্ݶ͋Γ
-JOVYσϑΥϧτͰύέοτ
‎߈ܸऀ͕ઌʹِ૷ϑϥάϝϯτΛόοϑΝ্ݶ·Ͱૹ৴Ͱ͖Δ

View Slide

͜͜·Ͱͷ·ͱΊ
w %/44&$ &%/4͕Ԡ౴αΠζ૿ՃͷཁҼ
w 6%1νΣοΫαϜ͸ِ૷Ͱ͖Δ
w 1BUI.56TQPPpOHͰ.56ΑΓখ͍͞αΠζͰͷϑϥά
ϝϯτΛ༠ൃ
w ߈ܸऀ͸ઌճΓͯ͠߈ܸͰ͖Δ
w *1*EFOUJpDBUJPO͚ͩ͸༧ଌ͢Δඞཁ͕͋Δ

View Slide

*1W΍5$1ͷ৔߹͸
w *1W*1*EFOUJpDBUJPO͕Ϗοτ
ैདྷͷ߈ܸͱൺֱͯ͠Τϯτϩϐʔͷ͕ࠩͳ͍
‣ 6%1ιʔεϙʔτ Ϗοτ
ͱτϥϯβΫγϣϯ*% Ϗοτ
ͷ
߹ܭͱಉ͡
w 5$11BUI.56TQPPpOH͢ΔͱϑϥάϝϯτͰ͸ͳ͘
ηάϝϯςʔγϣϯ͢Δ
൪໨Ҏ߱ͷύέοτʹ΋5$1ϔομ͕ೖΔ

View Slide

ΞλοΫϕΫλ

View Slide

.56ͱϑϥάϝϯτҐஔ
ΞλοΫϕΫλ
w .56*1W͸όΠτҎ্
-JOVY*1W1BUI.56࠷খ஋͸όΠτ
w 1.56TQPPpOHͰ͸6%1ϔομͷҐஔ͔ΒόΠτ୯Ґ
ͰϑϥάϝϯτҐஔͷௐ੔͕Մೳ
1BUI.56͕όΠτͳΒόΠτͷύέοτ͕ૹ৴
‎ROBNFͰඍௐ੔

View Slide

ϑϥάϝϯτύέοτͷِ૷
ΞλοΫϕΫλ
w ιʔεϙʔτ΍%/4)FBEFS 2VFTUJPOηΫγϣϯ͸࠷ॳͷ
ϑϥάϝϯτʹ͋Δ
ߟྀ͠ͳͯ͘Α͍͕มߋ΋Ͱ͖ͳ͍
֤ηΫγϣϯͷ33਺΋Ұகͤ͞ͳ͍ͱ͍͚ͳ͍
w ߈ܸʹ࢖͏Ԡ౴಺༰Λߟྀ͠ͳ͍ͱ͍͚ͳ͍

View Slide

߈ܸྫ
ΞλοΫϕΫλ
w ҕৡԠ౴ͷࠩ͠ସ͑
w TJCMJOHEPNBJOͷHMVFϨίʔυͷࠩ͠ସ͑
w ൱ఆԠ౴ͷࠩ͠ସ͑
w ͦͷଞ
ϫΠϧυΧʔυΛૂ͏
Θ͟ͱϦΞηϯϒϧΛࣦഊͤ͞Δ %P4

View Slide

ҕৡԠ౴ͷࠩ͠ସ͑
ΞλοΫϕΫλ
w ॺ໊κʔϯ͔Βະॺ໊κʔϯ΁ͷҕৡԠ౴Λ߈ܸ
ॺ໊ݕূ༗ޮ࣌Ͱ΋߈ܸՄೳͳέʔε΋
‣ /4&$0QU0VU͕༗ޮͳκʔϯͷ0QU0VU۠ؒ΁ͷҕৡ
‣ ॺ໊πʔϧʹґଘ
w ର৅κʔϯ͕Ωϟογϡʹଘࡏ͠ͳ͍৔߹ʹ༗ޮ
w େྔͷ/4Λ࣋ͭ৔߹΍/4ͷϥϕϧ͕௕͍৔߹͸ΑΓةݥ
/4&$334*(͕ͳͯ͘΋ϑϥάϝϯτͤ͞ΒΕΔՄೳੑ

View Slide

ҕৡԠ౴ͷࠩ͠ସ͑
ΞλοΫϕΫλ

ࠩ͠ସ͑ର৅ͷϨίʔυ
ਖ਼نԠ౴
ِ૷Ԡ౴
55-ʹΑΔ
νΣοΫαϜͷௐ੔
*1ΞυϨεͷஔ͖͔͑

View Slide

TJCMJOHEPNBJOͷHMVFϨίʔυͷࠩ͠ସ͑
ΞλοΫϕΫλ
w ߈ܸऀࣗ਎͕υϝΠϯ໊Λ༻ҙ
TJCMJOHEPNBJOͷ/4ʹҕৡ
͍ͯ͠ΔΑ͏ʹΈ͔͚ͤ
"EEJUJPOBMηΫγϣϯͷ 
"""""ϨίʔυΛِ૷
w ِ૷ର৅ͷϨίʔυ͕͢Ͱʹ 
Ωϟογϡ͞Ε͍ͯΔ৔߹ʹ 
্ॻ͖Մೳ͔Ͳ͏͔͸࣮૷ґଘ

TJCMJOHEPNBJOͷ/4Ϩίʔυ
ஔ͖׵͑ର৅ͷϨίʔυ

View Slide

൱ఆԠ౴ͷࠩ͠ସ͑
ΞλοΫϕΫλ
w ϝδϟʔͳ044࣮૷͸ରࡦࡁΈ
#*/% ,OPU3FTPMWFS͸Өڹͳ͠ #*/%1 ,OPU3FTPMWFSͰ֬ೝ

6OCPVOE
> 1PXFS%/43FDVSTPS
>Ͱमਖ਼ࡁΈ
w ॺ໊κʔϯ΁%0ϏοτΛΦϯʹͯ͠໰͍߹ΘͤΔ৔߹Λ૝ఆ
w Өڹ
ॺ໊ະݕূυϝΠϯϋΠδϟοΫ
ॺ໊ݕূ࣌/4&$0QU0VU۠ؒ΁αϒυϝΠϯΠϯδΣΫγϣϯͰ͖ΔՄೳੑ
w ࿈ଓ߈ܸ͕Մೳ

>IUUQTXXXOMOFUMBCTOMOFXT%FDVOCPVOESFMFBTFE
>IUUQTHJUIVCDPN1PXFS%/4QEOTQVMM

View Slide

ΞλοΫϕΫλ
w ҎԼʹج͍ͮͨ߈ܸ
3'$ͷSBOLJOHEBUB
3'$ͷ൱ఆԠ౴ͷྫ

ݖҖ͋ΔԠ౴ͷ"OTXFSηΫγϣϯʹؚ·ΕΔݖҖ͋Δσʔλ
ݖҖ͋ΔԠ౴ͷ"VUIPSJUZηΫγϣϯʹؚ·ΕΔσʔλ
ݖҖͷͳ͍Ԡ౴ͷ"OTXFSηΫγϣϯͷσʔλ
ݖҖ͋ΔԠ౴ͷ"OTXFSηΫγϣϯʹؚ·ΕΔݖҖͷͳ͍σʔλ
ݖҖ͋ΔԠ౴ͷ"EEJUJPOBMηΫγϣϯͷσʔλ
ݖҖͷͳ͍Ԡ౴ͷ"VUIPSJUZηΫγϣϯͷσʔλ
ݖҖͷͳ͍Ԡ౴ͷ"EEJUJPOBMηΫγϣϯͷσʔλ
৴པ౓
ߴ
௿
3'$SBOLJOHEBUB

View Slide

ΞλοΫϕΫλ
w ҎԼʹج͍ͮͨ߈ܸ
3'$ͷSBOLJOHEBUB
3'$ͷ൱ఆԠ౴ͷྫ

)FBEFS
3%$0%&/9%0."*/
2VFSZ
"/&9".1-&"
"OTXFS
FNQUZ
"VUIPSJUZ
&9".1-&40"/499)045."45&3/499
&9".1-&/4/499
&9".1-&/4/499
"EEJUJPOBM
FNQUZ
3'$ͷ൱ఆԠ౴ͷྫΛࢀߟʹͨ͠දه
͜ΕΛ࠶ݱ
Ԡ౴ͷྫ͕ޡ͍ͬͯͨͷͰ3'$Λࢀߟʹͨ͠΋ͷʹमਖ਼͠·ͨ͠ɻ
ͳ͓ɺ3'$ͷ/9%0."*/ͷྫͦͷ··Ͱ͸/4Ϩίʔυ͕֎෦໊ͱͳ͍ͬͯΔͨΊ༗ޮͳಟʹͳΓ·ͤΜɻ

View Slide

ΞλοΫϕΫλ

ਖ਼نԠ౴
ࠩ͠ସ͑ର৅ͷϨίʔυ

View Slide

ΞλοΫϕΫλ

ِ૷Ԡ౴
差し替え後のレコード
EDNS パディングオプションによる
メッセージサイズとチェックサムの調整

View Slide

ରࡦ

View Slide

ݖҖɾϦκϧό૒ํͷରࡦ
ରࡦ
w ׬શͳରࡦ͸ࠔ೉
%'ϑϥάΛཱͯΔͱ.56ͷখ͍͞ܦ࿏Ͱ෭࡞༻
‣ Ԡ౴Λड৴Ͱ໊͖ͣલղܾ͕ࣦഊ͢ΔՄೳੑ
w ؇࿨ࡦ
&%/4CV⒎FSTJ[FΛখ͘͞͠ɺେ͖͍Ԡ౴͸5$1ϑΥʔϧόοΫ
‣ qBHEBZͰ͸όΠτΛਪ঑
‣ චऀΒ͸όΠτΛਪ঑

View Slide

ݖҖɾϦκϧό૒ํͷରࡦ
ରࡦ
w %/44&$΁ͷ׬શͳରԠ
/4&$0QU0VU΋ແޮʹ
ීٴ్্͕ةݥ
‣ Ϧκϧόͷ%0Ϗοτ͕༗ޮͩͱະॺ໊κʔϯ΁ͷҕৡԠ౴ʹ/4&$
334*(͕෇Ճ
‣ 4IVMNBOΒ>
ͷࢦఠ

"incremental DNSSEC deployment is vulnerable to our cache poisoning
attacks, and complete adoption of DNSSEC may take considerable
time, since it depends on adoption by both name server and resolver."

View Slide

ݖҖαʔόଆ
ରࡦ
w 1.56%ͷ݁ՌΛແࢹ
-JOVY,FSOFMҎ߱ͷIP_PMTUDISC_OMITιέοτΦϓγϣϯΛ༗ޮʹ
04ͱݖҖαʔό࣮૷྆ํͷରԠ͕ඞཁ
‣ #*/%Ҏ߱>
‣ /4%Ҏ߱>
‣ ,OPU%/4Ҏ߱>
‣ 1PXFS%/4SDҎ߱>

>IUUQTXXXJTDPSHCMPHTCJOEBQSJM
>IUUQTXXXOMOFUMBCTOMQSPKFDUTOTEEPXOMPBEOTE
>IUUQTXXXLOPUEOTD[WFSTJPOIUNM
>IUUQTEPDQPXFSEOTDPNBVUIPSJUBUJWFDIBOHFMPHIUNMDIBOHFSD

View Slide

Ϧκϧόଆ
ରࡦ
w ϑϥάϝϯτͨ͠Ԡ౴Λυϩοϓ
w ॺ໊ݕূ͠ͳ͍৔߹͸%0ϏοτΛΦϑʹ
334*(΍/4&$͸ෆཁ
ϝοηʔδαΠζΛ࡟ݮ

View Slide

ͦͷଞͷ؇࿨ࡦ
ରࡦ
w 2/".&NJOJNJTBUJPO
&NQUZ/PO5FSNJOBMͳͲ෭࡞༻͋Γ
w ֤κʔϯͷ/4"""""ϨίʔυΛ"VUIPSJUBUJWF
"OTXFSͱͯ͠Ωϟογϡ
ΑΓߴ͍৴པ౓ͷԠ౴ΛಘΔ
‣ 3'$TFDUJPO3BOLJOHEBUB
Ωϟογϡͷ্ॻ͖Λ๷ࢭ

View Slide

&%/4CVGGFSTJ[F
ରࡦ
w WT
ͩͱ-JOVYͰ1.56TQPPpOHͰ߈ܸͰ͖ΔՄೳੑ͕࢒Δ
͸5$1ϑΥʔϧόοΫ͕૿Ճͯ͠ύϑΥʔϚϯε͕௿Լ͢Δ
Մೳੑ

View Slide

CVGGFSTJ[F࡟ݮ΋৔߹ʹΑͬͯ͸ʜ
ରࡦ

w ݖҖαʔό࣮૷ʹΑͬͯ
෭࡞༻͋Γ
ஸ౓HMVFϨίʔυͷखલ
·ͰͷόοϑΝαΠζʹ
ͳ͍ͬͯΔ৔߹
HMVFϨίʔυ͕ඞཁͳͷ
ʹ͍ͭͯ͜ͳ͍
5$Ϗοτ΋ཱͬͯͳ͍
ҕৡԠ౴
HMVF͕ͳ͍

View Slide

ͲΕ͘Β͍ରԠͯ͠Δͷ͔

View Slide

ௐࠪ
ରԠঢ়گ
w ର৅"MFYBUPQ.ͷ্ҐυϝΠϯ
w ಺༰%/4qBHEBZ΁ͷରԠঢ়گ
5$1ΫΤϦʹԠ౴͢Δ͔
όοϑΝαΠζͷઃఆ஋͕Ͳ͏ͳ͍ͬͯΔ͔

View Slide

νΣοΫͰ͖ͨυϝΠϯ਺ɾαʔό਺
ରԠঢ়گ

݄຤ ݄த० ݄ॳ०
υϝΠϯ਺
ݖҖαʔό਺

View Slide

݁Ռ
ରԠঢ়گ

w 5$1
ׂҎ্ରԠࡁΈ

݄

݄

݄

݄

݄

݄
ݖҖαʔό͝ͱ υϝΠϯ໊͝ͱ
Ԡ౴͋Γ
Ԡ౴ͳ͠

View Slide

ௐࠪ݁Ռ
ରԠঢ়گ
w &%/4CV⒎FSTJ[F
͕࠷ଟɺ͕एׯ૿Ճ܏޲͕ͩ΄ͱΜͲมԽͳ͠

ݖҖαʔό͝ͱ
݄ ݄ ݄

݄ ݄ ݄
υϝΠϯ໊͝ͱ

ͦͷଞ
ඇରԠ

View Slide

ͱ͜ΖͰ
4"%%/4ͱͷҧ͍͸

View Slide

߈ܸ֓ཁ
4"%%/4
w *$.1SBUFMJNJUΛѱ༻ͯ͠ιʔεϙʔτΛεΩϟϯ
QSPCFύέοτΛHMPCBMSBUFMJNJU্ݶ·Ͱ 
ૹ৴
֬ೝ༻ͷύέοτʹରͯ͠*$.1QPSU 
VOSFBDIBCMF͕ฦͬͯ͜Ε͹QSPCFͨ͠ 
͏ͪͷͲ͔͕͜։͍͍ͯΔ
ೋ෼୳ࡧͰߜΓࠐΉ
w ैདྷܕͷΩϟογϡϙΠζχϯάΛޮ཰త 
ʹ࣮ߦ
w Τϯτϩϐʔ͸ ϙʔτεΩϟϯ5Y*%

216 + 216

,.BO FUBM %/4$BDIF1PJTPOJOH"UUBDL
3FMPBEFE3FWPMVUJPOTXJUI4JEF$IBOOFMT
Q'JHVSFΑΓҾ༻

View Slide

*1ϑϥάϝϯτ߈ܸͱࣅͯΔͱ͜Ζ
4"%%/4
w P⒎QBUI߈ܸ
w ιʔεϙʔτϥϯμϚΠζ͕ແޮ
w *$.1͕ؔ܎͢Δ
w ߈ܸͷΤϯτϩϐʔ͕ैདྷΑΓ௿͍
w 5$1Λ࢖͏ํ͕Αͦ͞͏

View Slide

*1ϑϥάϝϯτ߈ܸͱҟͳΔͱ͜Ζ
4"%%/4
w ߈ܸʹ࢖͏Ԡ౴
4"%%/4ैདྷͱಉ͡
*1ϑϥάϝϯτ߈ܸԠ౴ͷબ୒ࢶ͕ڱ͍
w ࣌ؒͷՔ͗ํ
4"%%/43FTQPOTF3BUF-JNJUPS$/".&DIBJO
‣ ಛʹϙʔτ୳ࡧ͸࣌ؒʹγϏΞ
*1ϑϥάϝϯτ߈ِܸ૷ϑϥάϝϯτͷࣄલૹ৴
w Τϯτϩϐʔ

View Slide

*1ϑϥάϝϯτ߈ܸͱҟͳΔͱ͜Ζ
4"%%/4
w ରࡦ
4"%%/4
‣ %/44&$ YFODPEJOH %/4$PPLJF connect()Λ࢖͏
‣ *$.1%FTUJOBUJPO6OSFBDIBCMFΛฦ͞ͳ͍
%/4$PPLJF͸*1ϑϥάϝϯτ߈ܸͰ΋෼ׂͳΒ༗ޮ
w *$.1ͷ੍ݶͷӨڹ
*1ϑϥάϝϯτ߈ܸ1.56%ΛϒϩοΫ͢Δͱ1.56%CMBDLIPMFʹ

View Slide

·ͱΊ

View Slide

·ͱΊ
w %/4qBHEBZ*1ϑϥάϝϯςʔγϣϯ߈ܸ΁ͷରԠ
w *1ϑϥάϝϯτ߈ܸϑϥάϝϯτύέοτΛِ૷ͯ͠ಟೖΕ
w &%/4CV⒎FSTJ[FΛখ͘͢͞ΔɺϑϥάϝϯτύέοτΛ
υϩοϓ͢ΔͳͲͷରࡦ
5$1ରԠ͸ඞਢ
w 5$1ʹ͸ରԠ͍ͯ͠Δ͕όοϑΝαΠζ࡟ݮͷରԠ͸ਐ·ͣ
w 04ɾιϑτ΢ΣΞͷΞοϓσʔτɺઃఆͷ֬ೝΛ

View Slide

IP フラグメンテーション攻撃と DNS flag day 2020 / fragmentation attack and flag day 2020

IP フラグメンテーション攻撃と DNS flag day 2020 / fragmentation attack and flag day 2020

koyane

More Decks by koyane

Other Decks in Technology

Featured

Transcript