Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Understanding DNS with ActionDispatch::HostAuth...

Yuka Kato
October 03, 2020
Programming
3
1.5k

Understanding DNS with ActionDispatch::HostAuthorization

2020 年 10 月 3 日開催の、Kaigi on Rails で発表した内容です。(発表時間 20 分)

## 2020/10/12 追記
このスライドの説明だけですと攻撃の特性がわかりづらかったので、個人ブログの以下の記事にて追加の説明を行いました。
https://yucao24hours.me/blog/2020/10/12/dns-rebindig-basics-revised/

Yuka Kato

October 03, 2020
Tweet

More Decks by Yuka Kato

See All by Yuka Kato
The basic architecture of Capybara
yucao24hours
0
730

Other Decks in Programming

See All in Programming
Flutterを言い訳にしない!アプリの使い心地改善テクニック5選🔥
kno3a87
1
150
Realtime API 入門
riofujimon
0
150
Compose 1.7のTextFieldはPOBox Plusで日本語変換できない
tomoya0x00
0
190
as(型アサーション)を書く前にできること
marokanatani
9
2.6k
弊社の「意識チョット低いアーキテクチャ」10選
texmeijin
5
24k
CSC509 Lecture 09
javiergs
PRO
0
140
Amazon Bedrock Agentsを用いてアプリ開発してみた!
har1101
0
330
Kaigi on Rails 2024 〜運営の裏側〜
krpk1900
1
190
Outline View in SwiftUI
1024jp
1
320
ECS Service Connectのこれまでのアップデートと今後のRoadmapを見てみる
tkikuc
2
250
Tauriでネイティブアプリを作りたい
tsucchinoko
0
370
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
0
110

Featured

See All Featured
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
860
4 Signs Your Business is Dying
shpigford
180
21k
A Modern Web Designer's Workflow
chriscoyier
693
190k
GraphQLの誤解/rethinking-graphql
sonatard
67
10k
Teambox: Starting and Learning
jrom
133
8.8k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
Become a Pro
speakerdeck
PRO
25
5k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
126
18k
What's in a price? How to price your products and services
michaelherold
243
12k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
16
2.1k
Unsuck your backbone
ammeep
668
57k
Into the Great Unknown - MozCon
thekraken
32
1.5k

Transcript

  1. ,BJHJPO3BJMT QSFTFOUFECZZVDBPIPVST ActionDispatch::HostAuthorization DNS ͱֶͿ ͷ͠ ͘ Έ Photo by

    Gauravdeep Singh Bansal on Unsplash

  2. 2 Ӭ࿨γεςϜϚωδϝϯτΞδϟΠϧࣄۀ෦ॴଐ 3BJMTΛ࢖ͬͨ࢓ࣄɺΞδϟΠϧͳ։ൃ͕ಘҙͰ޷͖ ޷͖ͳݘछ͸ γϕϦΞϯɾϋεΩʔ δϟʔϚϯɾγΣύʔυ ຊ೔ͷൃද΁ͷϑΟʔυόοΫΛ͓଴͍ͪͯ͠·͢ʂ Hello, I’m… yucao24hours

  3. 3

  4. 4

  5. 5

  6. 6 ਆాਢాொํ໘͔Β͖·ͨ͠ ʁ ˞Ӭ࿨γεςϜϚωδϝϯτ౦ژࢧࣾ͸ਆాਢాொʹҐஔ͍ͯ͠·͢ Distinguished Engineer 5%%XJUIHJU
 -POHMJWFFOHJOFFSJOH Koichi ITO

    Super duper wakamono ίʔυϨϏϡʔຊϊοΫͰ ֶΜͩ3BJMTϦϑΝΫλϦϯά 9sako6 Me "DUJPO%JTQBUDI)PTU"VUIPSJ[BUJPO ͱֶͿ%/4ͷ͘͠Έ yucao24hours A Living Legend a_matsuda DPNJOHTPPO

  7. 7 ຊ೔͓࿩͢͠Δ͜ͱ  %/4ͷ͖΄Μ • %/4ͱ͸ͳʹ͔ • ໰͍߹Θͤޮ཰ԽͷͨΊʹ  %/4ϦόΠϯσΟϯά

    • ߈ܸͷͨΊͷ४උ • ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔  )PTU"VUIPSJ[BUJPOͱ͍͏3BDLϛυϧ΢ΣΞʹ͍ͭͯ • %/4ϦόΠϯσΟϯάͷݟഁΓํ • 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ

  8. 8 %/4ͷ͖΄Μ • %/4ͱ͸ͳʹ͔ • ໰͍߹Θͤޮ཰ԽͷͨΊʹ 5PQJD Photo by Stephane

    YAICH on Unsplash

  9. 9 DNS … Domain Name System %/4ͱ͸ͳʹ͔

  10. 10 Πϯλʔωοτ্Ͱϗετͷಛఆʜ*1ΞυϨε %/4ͱ͸ͳʹ͔ *1WΞυϨε *1WΞυϨε ਺ࣈͷཏྻͳͷͰਓ͕ؒهԱɾ؅ཧ͢Δͷ͸λΠϔϯ

  11. 11 ਓ͕ؒѻ͍΍͍ࣝ͢ผࢠʜ໊લ %/4ͱ͸ͳʹ͔ هԱ͠΍͍͢ɺղऍ͠΍͍͢ ʮ෼ࢄ؅ཧʯͷߟ͑ํʹରԠͰ͖ΔʢυϝΠϯͱ%/4ͷ୉ޣຯ ͚ͩΕͲࠓ೔͸͓࿩͠·ͤΜʣ Πϯλʔωοτ্ʹ͓͚ΔlൣғzʜυϝΠϯ υϝΠϯ͝ͱʹ෇͚ΒΕ໊ͨલ͕υϝΠϯ໊

  12. 12 %/4ͷجຊతͳ໾ׂ %/4ͱ͸ͳʹ͔ υϝΠϯ໊ͱ*1ΞυϨεͱͷରԠ͚ͮΛ؅ཧ͢Δ ඞཁʹԠͯ͡ɺυϝΠϯ໊ʹରԠ͢Δ*1ΞυϨεΛ୳͠ग़͢ ໊લղܾ

  13. 13 υϝΠϯ໊͝ͱʹ؅ཧΛҕ೚͢Δ ໰͍߹Θͤޮ཰ԽͷͨΊʹ yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 agile.esm.co.jp 13.33.9.96

    ͷ*1ΞυϨε͸ TTL 60 kaigionrails.org 185.199.109.153 ͷ*1ΞυϨε͸ TTL 3600

  14. 14 υϝΠϯ໊͝ͱʹ؅ཧΛҕ೚͢Δ ໰͍߹Θͤޮ཰ԽͷͨΊʹ yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 agile.esm.co.jp 13.33.9.96

    ͷ*1ΞυϨε͸ TTL 60 kaigionrails.org 185.199.109.153 ͷ*1ΞυϨε͸ TTL 3600

  15. 15 υϝΠϯ໊͝ͱʹ؅ཧΛҕ೚͢Δ ໰͍߹Θͤޮ཰ԽͷͨΊʹ yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 agile.esm.co.jp 13.33.9.96

    ͷ*1ΞυϨε͸ TTL 60 kaigionrails.org 185.199.109.153 ͷ*1ΞυϨε͸ TTL 3600

  16. 16 υϝΠϯ໊͝ͱʹ؅ཧΛҕ೚͢Δ ໰͍߹Θͤޮ཰ԽͷͨΊʹ yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 agile.esm.co.jp 13.33.9.96

    ͷ*1ΞυϨε͸ TTL 60 kaigionrails.org 185.199.109.153 ͷ*1ΞυϨε͸ TTL 3600

  17. 17 ར༻ऀ yucao24hours.me ͷ*1ΞυϨεΛ
 ஌Γ͍ͨ ϑϧϦκϧό ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ 99.84.130.27

    ໰͍߹Θͤޮ཰ԽͷͨΊʹ ໊લղܾͷ͘͠Έ

  18. 18 ར༻ऀ yucao24hours.me ͷ*1ΞυϨεΛ
 ஌Γ͍ͨ ϑϧϦκϧό ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ 99.84.130.27

    ໰͍߹Θͤޮ཰ԽͷͨΊʹ ໊લղܾͷ͘͠Έ

  19. 19 ར༻ऀ yucao24hours.me ͷ*1ΞυϨεΛ
 ஌Γ͍ͨ yucao24hours.me ͷ*1ΞυϨε͸ʁ ϑϧϦκϧό 99.84.130.27 ໰͍߹Θͤޮ཰ԽͷͨΊʹ

    ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  20. 20 ར༻ऀ ϑϧϦκϧό yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 99.84.130.27 ໰͍߹Θͤޮ཰ԽͷͨΊʹ

    ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  21. 21 ར༻ऀ ϑϧϦκϧό yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 yucao24hours.me 99.84.130.27

    ͷ*1ΞυϨε͸ 99.84.130.27 ໰͍߹Θͤޮ཰ԽͷͨΊʹ ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  22. 22 ར༻ऀ ϑϧϦκϧό 99.84.130.27 ໰͍߹Θͤޮ཰ԽͷͨΊʹ ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  23. 23 ϑϧϦκϧό ར༻ऀ yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 99.84.130.27 ໰͍߹Θͤޮ཰ԽͷͨΊʹ

    ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  24. 24 ϑϧϦκϧό ར༻ऀ yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 99.84.130.27 ໰͍߹Θͤޮ཰ԽͷͨΊʹ

    ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  25. 25 ར༻ऀ yucao24hours.me ͷ*1ΞυϨεΛ
 ஌Γ͍ͨ ϑϧϦκϧό ݖҖαʔό yucao24hours.me. 99.84.130.27 ໰͍߹Θͤޮ཰ԽͷͨΊʹ

    yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  26. 26 ར༻ऀ ϑϧϦκϧό 99.84.130.27 yucao24hours.me 99.84.130.27 ͷ*1ΞυϨε͸ TTL 60 yucao24hours.me

    99.84.130.27 ͷ*1ΞυϨε͸ ໰͍߹Θͤޮ཰ԽͷͨΊʹ ݖҖαʔό yucao24hours.me. ໊લղܾͷ୅ߦ໾ ໊લղܾͷ͘͠Έ

  27. 27 %/4·ͱΊ υϝΠϯ໊ͱ*1ΞυϨεͷରԠ͚ͮΛ؅ཧ͠ɺ໊લղܾΛߦ͏ͨΊͷ͘͠Έ ϑϧϦκϧό໊͕લղܾΛ୅ߦ͢Δ ϑϧϦκϧό͸ɺݖҖαʔό͔Βͷ໰͍߹Θͤ݁ՌΛҰఆ࣌ؒΩϟογϡ͠ ͯΑ͍ͱ͞ΕΔ ϑϧϦκϧό͸ɺҎલͷ໰͍߹Θͤ݁ՌͷΩϟογϡ͕͋Ε͹ͦΕΛ࢖ͬͯ Ϣʔβ΁Ԡ౴͠ɺݖҖαʔό΁͸৽ͨʹ໰͍߹ΘͤΛൃߦ͠ͳ͍ ϑϧϦκϧό͕Ԡ౴಺༰ΛΩϟογϡͯ͠Α͍࣌ؒ 55-

    ͸֤κʔϯͷ؅ཧ ऀ͕ܾΊΒΕΔ

  28. 28 ΋ͬͱ%/4Λֶͼ͍ͨͳΒʜ %/4͕Α͘Θ͔ΔڭՊॻʛ4#ΫϦΤΠςΟϒ https://www.sbcr.jp/product/4797394481/

  29. 29 %/4 ϦόΠϯσΟϯά • ߈ܸͷͨΊͷ४උ • ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ 5PQJD Photo by

    Jonatan Lewczuk on Unsplash

  30. 30 ߈ܸͷͨΊͷ४උ Piyostagram piyostagram.com 133.127.254.9 ߈ܸऀ

  31. 31 ߈ܸͷͨΊͷ४උ ߈ܸऀ kougeki.com

  32. 243.102.110.103 32 ߈ܸͷͨΊͷ४උ ߈ܸऀ ᠘αΠτ kougeki.com

  33. 33 ߈ܸͷͨΊͷ४උ ߈ܸऀ ᠘αΠτ ݖҖαʔό kougeki.com 243.102.110.103 ͷ*1ΞυϨε͸ TTL 3

    243.102.110.103

  34. 34 ߈ܸͷͨΊͷ४උ ߈ܸऀ ᠘αΠτ kougeki.com 243.102.110.103 ͷ*1ΞυϨε͸ TTL 3 243.102.110.103

    ݖҖαʔό

  35. 35 ߈ܸͷͨΊͷ४උ ߈ܸऀ ᠘αΠτ kougeki.com 243.102.110.103 ͷ*1ΞυϨε͸ TTL 3 243.102.110.103

    ݖҖαʔό lϩʔυޙOඵޙʹ kougeki.comʹࣗಈͰΞΫηε͠
 ͦ͜ͰYYY ѱ͍͜ͱ Λ͢Δz ͕ίʔσ Οϯά͞Εͨ
 ߈ܸ༻+BWB4DSJQUίʔυ Λฦ͢Α͏ʹ͓ͯ͘͠

  36. 36 ߈ܸ։࢝ ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔

  37. 37 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ 243.102.110.103 133.127.254.9 ϑϧϦκϧό ݖҖαʔό kougeki.com.

    ໊લղܾͷ୅ߦ໾ kougeki.com ΁ͷϦϯΫΛ
 ΫϦοΫ ϝʔϧ಺ͷ

  38. 38 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ kougeki.com ͷ*1ΞυϨεΛ
 ஌Γ͍ͨ kougeki.com ͷ*1ΞυϨε͸ʁ

    ϑϧϦκϧό 243.102.110.103 133.127.254.9 ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  39. 39 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό kougeki.com 243.102.110.103 ͷ*1ΞυϨε͸ 243.102.110.103

    133.127.254.9 kougeki.com 243.102.110.103 ͷ*1ΞυϨε͸ TTL 3 ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  40. 40 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 kougeki.com 243.102.110.103

    ͷ*1ΞυϨε͸ TTL 3 ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  41. 41 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 ݖҖαʔό kougeki.com.

    kougeki.com 243.102.110.103 ͷ*1ΞυϨε͸ TTL 3 ໊લղܾͷ୅ߦ໾

  42. 42 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 ݖҖαʔό kougeki.com.

    kougeki.com 243.102.110.103 ͷ*1ΞυϨε͸ TTL 3 lϩʔυޙOඵޙʹ kougeki.comʹࣗಈͰΞΫηε͠
 ͦ͜ͰYYY ѱ͍͜ͱ Λ͢Δz ͕ίʔσ Οϯά͞Εͨ
 ߈ܸ༻+BWB4DSJQUίʔυ ໊લղܾͷ୅ߦ໾

  43. 43 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 kougeki.com 243.102.110.103

    ͷ*1ΞυϨε͸ TTL 3 ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  44. 44 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 kougeki.com 243.102.110.103

    ͷ*1ΞυϨε͸ TTL 3 ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  45. 45 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 kougeki.com 243.102.110.103

    ͷ*1ΞυϨε͸ 133.127.254.9 ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  46. 46 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 kougeki.com ͷ*1ΞυϨεΛ


    ஌Γ͍ͨ ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  47. 47 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 kougeki.com ͷ*1ΞυϨεΛ


    ஌Γ͍ͨ kougeki.com ͷ*1ΞυϨε͸ʁ ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  48. 48 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 kougeki.com ͷ*1ΞυϨε͸

    kougeki.com 133.127.254.9 ͷ*1ΞυϨε͸ TTL 86400 133.127.254.9 ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  49. 49 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ߈ܸऀ ߈ܸର৅ऀ :͞Μ ϑϧϦκϧό 243.102.110.103 133.127.254.9 ݸਓ৘ใΛ
 ൈ͖औΔFUDʜ

    ݖҖαʔό kougeki.com. ໊લղܾͷ୅ߦ໾

  50. 50 ͲͷΑ͏ʹ߈ܸ͞ΕΔͷ͔ ͋͘·Ͱ΋%/4ͷ࢓༷Ͳ͓ΓͰ͋Δ %/4ͷ੬ऑੑΛͭ͘Α͏ͳ߈ܸͰ͸ͳ͍ ʜͰ͸ɺͲ͏ͨ͠Βʁ

  51. 51 %/4ϦόΠϯσΟϯά·ͱΊ %/4ͷ࢓༷Λѱ༻ͨ͠߈ܸख๏Ͱ͢ ϗετ໊͸ม͑ͣɺ*1ΞυϨεΛ࠮শ͞ΕΔ߈ܸͰ͢ ϦόΠϯσΟϯάޙʹϓϥΠϕʔτωοτϫʔΫͷ*1ΞυϨε౳Λࢦఆ͞ΕΔ ͜ͱͰɺϑΝΠΞ΢Υʔϧ಺ͷϓϥΠϕʔτωοτϫʔΫ΋߈ܸର৅ͱͳΓ· ͢ʢࠓճͷΑ͏ʹΠϯλʔωοτ্ͷαʔόΛ߈ܸ͞ΕΔͱ͍͏ͷ͸͋͘·Ͱ ΋Ұྫʣ

  52. 52 5PQJD ActionDispatch:: HostAuthorization • %/4ϦόΠϯσΟϯάͷݟഁΓํ • 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ Photo by

    Wolfgang Hasselmann on Unsplash

  53. 53 %/4ϦόΠϯσΟϯάͷݟഁΓํ GET /login.html HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows

    NT) Host: kougeki.com Accept-Language: ja-JP ߈ܸͷಛੑ্ɺ

  54. 54 GET /login.html HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)

    Host: kougeki.com Accept-Language: ja-JP ໊લղܾͷࡍʹ࢖ΘΕͨυϝΠϯ໊͕)PTUʹهࡌ͞ΕΔ ߈ܸͷಛੑ্ɺ %/4ϦόΠϯσΟϯάͷݟഁΓํ ˞9.-)UUQ3FRVFTUͰ͸ɺϢʔβʹΑΔ)PTUϔομͷมߋ͸Ͱ͖ͳ͍

  55. 55 ϦΫΤετͷ)PTUϔομͷ஋͕ ҙਤͨ͠υϝΠϯ໊*1ΞυϨε͔Λ ֬ೝ͢Ε͹ྑ͍ʂ %/4ϦόΠϯσΟϯάͷݟഁΓํ

  56. 56 GET /login.html HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)

    Host: piyostragram.com Accept-Language: ja-JP GET /login.html HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT) Host: kougeki.com Accept-Language: ja-JP Valid Request Invalid Request %/4ϦόΠϯσΟϯάͷݟഁΓํ

  57. 57 ͦͷͨΊʹ࣮૷͞Εͨͷ͕ɺ %/4ϦόΠϯσΟϯάͷݟഁΓํ

  58. 58 https://github.com/rails/rails/blob/6-0-stable/actionpack/CHANGELOG.md#rails-600beta1-january-18-2019 ͜Ε͸ɺϦΫΤετ͕Ͱ͖ΔϗετΛ໌ࣔతʹڐՄ͢Δ͜ͱͰɺ%/4ϦόΠϯσΟϯά߈ܸΛ๷ޚ͢Δɺ ৽͍͠ϛυϧ΢ΣΞͰ͢ɻ ͦΕͧΕͷϗετ͸ DBTF PQFSBUPS   ͰνΣοΫ͞ΕɺϗετΛڐՄ͢ΔͨΊͷ΋ͷͱͯ͠

    3FHFYQ  1SPD *1"EES ΧελϜΦϒδΣΫτΛαϙʔτ͍ͯ͠·͢ɻ 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ

  59. 59 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ Rails.application.config.hosts = [ IPAddr.new(“0.0.0.0/0”), # All IPv4 addresses.

    IPAddr.new(“::/0"), # All IPv6 addresses. “localhost” # The localhost reserved domain. ] )PTUͷڐՄϦετΛ࡞੒͢Δ

  60. 60 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ σϑΥϧτͰ͸ɺڐՄϦετʹ஋͕͋Δͷ͸ https://github.com/rails/rails/blob/6-0-stable/railties/lib/rails/application/ configuration.rb#L34 EFWFMPQNFOU؀ڥͷΈ ڐՄϦετ͕ۭ)PTUϔομ͸ݕূ͠ͳ͍

  61. 61 EFWFMPQNFOU؀ڥҎ֎Ͱ΋ݕূΛ༗ޮʹ͍ͨ͠৔߹͸ʜ # config/environments/#{environment}.rb Rails.application.config.hosts = [ “yucao24hours.me" # Add

    hostname you’d like to pass ] 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ

  62. 62 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ https://github.com/rails/rails/blob/6-0-stable/actionpack/lib/action_dispatch/ middleware/host_authorization.rb#L22-L30 ڐՄϦετ ϦΫΤετϔομͷ஋
 )PTU 9'PSXBSEFE)PTU ൑ఆ෦෼ͷϝιουͷ࣮૷ΛݟͯΈΔ

  63. 63 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ https://github.com/rails/rails/blob/6-0-stable/actionpack/lib/action_dispatch/ middleware/host_authorization.rb#L56-L67 Λฦ͢ ൑ఆ෦෼ͷϝιουͷ࣮૷ΛݟͯΈΔ

  64. 64 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ Rails.application.config.hosts << IPAddr.new(“10.0.0.1/8”) IPAddr Rails.application.config.hosts << /.*\.example\.com/ RegExp

    Rails.application.config.hosts << "yucao24hours.me" String

  65. 65 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ υοτ͔Β࢝·Δ4USJOHͰαϒυϝΠϯΛڐՄ͢Δ Rails.application.config.hosts << “.example.com" https://github.com/rails/rails/blob/6-0-stable/actionpack/lib/action_dispatch/ middleware/host_authorization.rb#L47-L53

  66. 66 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ τϥϒϧใࠂ "84&-#"-#͔Β3BJMTΞϓϦ΁ͷIFBMUIDIFDLϦΫΤετ࣌ɺ)PTUϔομ͕ ڐՄϦετʹ͋Δ΋ͷͰ͸ͳ͔ͬͨͨΊɺʹͳͬͯ͠·ͬͨ %PDLFS%FTLUPQGPS.BDͷIPTUEPDLFSJOUFSOBMΛ࢖͍͕ͬͯͨɺڐՄϦετʹೖ Ε͍ͯͳ͔ͬͨͨΊʹͳͬͯ͠·ͬͨ ʹ઀ଓ͢ΔࡍʹMWINFΛ࢖͍͕ͬͯͨɺڐՄϦετʹೖΕ͍ͯͳ͔ ͬͨͨΊʹͳͬͯ͠·ͬͨ 66

  67. 67 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ طʹϦόʔεϓϩΩγ౳Ͱ )PTUϔομͷݕূΛ͍ͯ͠ΔͳΒ Θ͟Θ͟ڐՄϦετΛઃఆ͢Δඞཁ͸ͳ͍ 67

  68. 68 3BJMTͷ)PTU"VUIPSJ[BUJPOͱ͸Ͳ͏͍͏΋ͷʁ ҆қʹڐՄϦετΛۭʹͤͣɺ ࣗ͝਎ͷαʔϏεߏ੒ʹ͋Θͤͯ ରԠ͠·͠ΐ͏ 68

  69. 69 )PTU"VUIPSJ[BUJPO·ͱΊ 3BJMT͔Βಋೖ͞Ε·ͨ͠ ڐՄϦετʹͳ͍υϝΠϯ໊͕ )PTU  9'PSXBSEFE)PTU ϔομʹؚ·Ε ͍ͯΔϦΫΤετʹ͸ɺσϑΥϧτͰ͸Λฦ͠·͢ ͨͩ͠ڐՄϦετ͕ۭͰ͋Ε͹ϔομͷݕূ͸͠·ͤΜʢࠓ·Ͱͱಈ࡞͸

    มΘΓ·ͤΜʣ ࣗαʔϏεͷߏ੒ʹ͋Θͤͯઃఆ͠·͠ΐ͏

  70. 75 参考文献 DNS がよくわかる教科書 (SB クリエイティブ) https://www.sbcr.jp/product/4797394481/ 【インターネットとは】 1-2. ドメイン名とIPアドレス

    ~ドメイン名~ (JPNIC) https://youtu.be/l2XZBjOEK2w ドメイン名のしくみ - JPNIC https://www.nic.ad.jp/ja/dom/system.html 浸透いうな! http://www.e-ontap.com/dns/propagation/ DNS浸透の都市伝説を斬る ~ランチのおともにDNS~ https://jprs.jp/tech/material/iw2011-lunch-L1-01.pdf DNS のきほん

  71. 76 参考文献 DNS rebinding attack の対策と考察 https://dnsops.jp/bof/20071119/dnsrebinding-20071119.pdf Protecting Browsers from

    DNS Rebinding Attacks https://crypto.stanford.edu/dns/ DNS Rebinding ~今日の用語特別版~ | 徳丸浩の日記 https://blog.tokumaru.org/2007/11/dns-rebinding.html DNS リバインディング

  72. 77 参考文献 Guard against DNS rebinding attacks by permitting hosts

    by gsamokovarov · Pull Request #33145 · rails/rails https://github.com/rails/rails/pull/33145/ #3397 ([PATCH] CgiRequest returns incorrect host name in event of multiple proxies) - Rails Trac - Trac https://web.archive.org/web/20100618053001/http://dev.rubyonrails.org/ticket/3397 X-Forwarded-Host - HTTP | MDN https://developer.mozilla.org/ja/docs/Web/HTTP/Headers/X-Forwarded-Host ターゲットグループのヘルスチェック - Elastic Load Balancing https://docs.aws.amazon.com/ja_jp/elasticloadbalancing/latest/network/target-group-health- checks.html Application Load Balancer のヘルスチェック失敗のトラブルシューティング https://aws.amazon.com/jp/premiumsupport/knowledge-center/elb-fix-failing-health-checks-alb/ ActionDispatch::HostAuthorization(1/2)

  73. 78 参考文献 Practical Web Cache Poisoning | PortSwigger Research https://portswigger.net/research/practical-web-cache-poisoning

    How to Configure Symfony to Work behind a Load Balancer or a Reverse Proxy (Symfony Docs) https://symfony.com/doc/current/deployment/proxies.html ActionDispatch::HostAuthorization(2/2)