๋ณธ๋ฌธ ๋ฐ”๋กœ๊ฐ€๊ธฐ

๋ณด์•ˆ/์ทจ์•ฝ์  ๋ถ„์„11

ํด๋ผ์šฐ๋“œ ์ทจ์•ฝ์  ์ ๊ฒ€ ๊ฐ€์ด๋“œ - ํŒจ์น˜ ๋ฐ ๋กœ๊ทธ๊ด€๋ฆฌ, ๋งˆ๋ฌด๋ฆฌ ํŒจ์น˜ ๋ฐ ๋กœ๊ทธ๊ด€๋ฆฌ XE-28. SU ๋กœ๊ทธ ์„ค์ • ์ผ๋ฐ˜ ์‚ฌ์šฉ์ž์—์„œ Super User๋กœ ์‚ฌ์šฉ๋˜๋Š” ๊ธฐ๋ก์„ ๋‚จ๊ธฐ๊ธฐ ์œ„ํ•ด Su ์‚ฌ์šฉ๋กœ๊ทธ๋ฅผ ๋‚จ๊ธฐ๋„๋ก ํ•˜๋Š” ๋ณด์•ˆ ์„ค์ •์ด ํ•„์š” (์ทจ์•ฝ๋„ ์ƒ) ์ง„๋‹จ : ํŒŒ์ผ ํ™•์ธ # cat /etc/ssh/syslog.conf | grep authpriv.* ์กฐ์น˜ : ํŒŒ์ผ ์„ค์ • ๋ณ€๊ฒฝ 1) # vi /etc/syslog.conf # authpriv.* /var/log/secure 2) # /etc/rc.d/init.d/syslog restart XE-29. syslog ์„ค์ • syslog ๋ฐ๋ชฌ์ด๋ž€? syslog ๋ฐ๋ชฌ์€ ์‹œ์Šคํ…œ์˜ ๋กœ๊ทธ๋ฅผ ๊ธฐ๋กํ•˜๋Š” ์ „์šฉ ๋ฐ๋ชฌ, ์›๊ฒฉ ๋˜๋Š” ๋กœ์ปฌ ์‹œ์Šคํ…œ์˜ ์ปค๋„๋ฉ”์‹œ์ง€ ๋ฐ ์‹œ์Šคํ…œ ๋กœ๊ทธ๋ฅผ ๊ฐ์‹œ "syslog.co" ํŒŒ์ผ์˜ ๋ณด์•ˆ ์„ค์ •์ด ๋˜์—ˆ๋Š”์ง€ ์ ๊ฒ€ (์ทจ์•ฝ๋„ ์ƒ) ์ง„๋‹จ /e.. 2022. 12. 29.
ํด๋ผ์šฐ๋“œ ์ทจ์•ฝ์  ์ ๊ฒ€ ๊ฐ€์ด๋“œ - ๋„คํŠธ์›Œํฌ ์„ค์ •, ํ•˜์ดํผ๋ฐ”์ด์ € ์ •์ฑ…์„ค์ • ๋„คํŠธ์›Œํฌ ์„ค์ • XE-20. ์„œ๋น„์Šค Banneer ๊ด€๋ฆฌ ํ•ด๋‹น ํ”„๋กœ์„ธ์Šค์˜ ๋ฒ„์ „๊ณผ ์‹œ์Šคํ…œ์˜ ํ˜ธ์ŠคํŠธ ๋ช…์ด ๋…ธ์ถœ๋˜์ง€ ์•Š๋„๋ก ๋ฐฐ๋„ˆ๋ฅผ ์„ค์ • (์ทจ์•ฝ๋„ ์ค‘) ์ง„๋‹จ : ๋ฐฐ๋„ˆํŒŒ์ผ์ด ์กด์žฌํ•˜๋Š” ๊ฒฝ๋กœ ํ™•์ธ # cat /etc/ssh/sshd_config | grep "Banner" -> ์œ„์—์„œ ํ™•์ธํ•œ ๊ฒฝ๋กœ์—์„œ ๋ฐฐ๋„ˆ ๋‚ด์šฉ ํ™•์ธ ์กฐ์น˜ : /etc/ssh/sshd_config ํŒŒ์ผ์— Banner ์„ค์ • -> /etc/issue.net ํŒŒ์ผ์„ ์ƒ์„ฑํ•˜๊ณ  ๊ฒฝ๊ณ  ๋ฉ”์‹œ์ง€ ์‚ฝ์ž… XE-21. seesion timeout ์„ค์ • ์ง€์ •๋œ ์‹œ๊ฐ„ ๋™์•ˆ ์‚ฌ์šฉํ•˜์ง€ ์•Š์„ ๊ฒฝ์šฐ ์ ‘์†๋œ session์„ ํ•ด๋‹น ์„œ๋ฒ„์—์„œ ๋Š๋„๋ก ์„ค์ •ํ•˜๋Š” ๊ฒƒ์ด ํ•„์š” (์ทจ์•ฝ๋„ ํ•˜) - /etc/profile์—์„œ session timeout ์„ค์ • ํ™•์ธ # cat /etc/profile | g.. 2022. 12. 29.
ํด๋ผ์šฐ๋“œ ์ทจ์•ฝ์  ์ ๊ฒ€ ๊ฐ€์ด๋“œ - Xenserver, ํŒŒ์ผ์‹œ์Šคํ…œ Xenserver ๊ฐ€. ๊ณ„์ • ๊ด€๋ฆฌ 7๊ฐœ ํ•ญ๋ชฉ ๋‚˜. ํŒŒ์ผ ์‹œ์Šคํ…œ 12๊ฐœ ํ•ญ๋ชฉ ์ทจ์•ฝํ•œ ์ด์œ ? ์ •์ƒ์ ์ธ DNS๋ฅผ ์šฐํšŒํ•˜์—ฌ ์•…์„ฑ์‚ฌ์ดํŠธ๋กœ์˜ ์ ‘์†์„ ์œ ๋„ํ•˜๋Š” ํŒŒ๋ฐ(Pharming) ๊ณต๊ฒฉ ๋“ฑ์— ์•…์šฉ ํ˜ธ์ŠคํŠธ๋„ค์ž„ ๋“ฑ๋กํŒŒ์ผ์ธ /etc/hosts ํŒŒ์ผ์— ๋Œ€ํ•œ ์ ‘๊ทผ ์ œํ•œํ•˜๊ณ  ์žˆ๋Š”์ง€ ์ ๊ฒ€ (์ทจ์•ฝ๋„ ์ค‘) ์ง„๋‹จ๋ฐฉ๋ฒ•, ์กฐ์น˜๋ฐฉ๋ฒ•์€ XE-12์™€ ๋™์ผ XE-14. /etc/issue ํŒŒ์ผ ๊ถŒํ•œ ์„ค์ • ํ„ฐ๋ฏธ๋„ ์„ค์ •๊ณผ ๊ด€๋ จ๋œ /etc/issue ํŒŒ์ผ์— ๋Œ€ํ•œ ์ ‘๊ทผ ์ œํ•œํ•˜๊ณ  ์žˆ๋Š”์ง€ ์ ๊ฒ€ (์ทจ์•ฝ๋„ ์ค‘) ์ง„๋‹จ๋ฐฉ๋ฒ•, ์กฐ์น˜๋ฐฉ๋ฒ•์€ XE-12์™€ ๋™์ผ XE-15. ์‚ฌ์šฉ์ž ํ™ˆ ๋””๋ ‰ํ„ฐ๋ฆฌ ๋ฐ ํŒŒ์ผ ๊ด€๋ฆฌ ๊ฐ๊ฐ์˜ ์‚ฌ์šฉ์ž์˜ ํ™ˆ ๋””๋ ‰ํ„ฐ๋ฆฌ ๋‚ด์˜ ํŒŒ์ผ์„ ์ธ๊ฐ€๋˜์ง€ ์•Š์€ ์‚ฌ์šฉ์ž๊ฐ€ ์ ‘๊ทผํ•˜์—ฌ ๋ณ€์กฐํ•˜์˜€๋Š”์ง€ ์ ๊ฒ€ (์ทจ์•ฝ๋„ ํ•˜) /etc/passwd ํŒŒ์ผ์—์„œ ์‚ฌ์šฉ์ž ํ™ˆ ๋””๋ ‰ํ„ฐ๋ฆฌ ํ™•์ธ -.. 2022. 12. 28.
ํด๋ผ์šฐ๋“œ ์ทจ์•ฝ์  ์ ๊ฒ€ ๊ฐ€์ด๋“œ - ๊ฐœ์š”, ๊ณ„์ •๊ด€๋ฆฌ https://isms.kisa.or.kr/main/csap/notice/ KISA ์ •๋ณด๋ณดํ˜ธ ๋ฐ ๊ฐœ์ธ์ •๋ณด๋ณดํ˜ธ๊ด€๋ฆฌ์ฒด๊ณ„ ์ธ์ฆ ํด๋ผ์šฐ๋“œ ๋ณด์•ˆ์ธ์ฆ์ œ ์ž๋ฃŒ์‹ค isms.kisa.or.kr 2020๋…„ 12์›”์— ํ•œ๊ตญ์ธํ„ฐ๋„ท์ง„ํฅ์›์ด ๋ฐฐํฌํ•œ 'ํด๋ผ์šฐ๋“œ ์ทจ์•ฝ์  ์ ๊ฒ€ ๊ฐ€์ด๋“œ - ๋ณด์•ˆ์„ค์ •(CCE)' ๋‹ค์šด๋กœ๋“œ ๋งํฌ์ž…๋‹ˆ๋‹ค. 2022๋…„ 12์›” ํ˜„์žฌ๊นŒ์ง€ ์ถ”๊ฐ€๋กœ ๋ฐฐํฌํ•œ ๊ฐ€์ด๋“œ๊ฐ€ ์—†๊ธฐ์— 2020๋…„ 12์›”์— ๋ฐฐํฌ๋œ ๊ฐ€์ด๋“œ๊ฐ€ ์ตœ์‹ ์ž…๋‹ˆ๋‹ค. ํ‰์†Œ์— ํด๋ผ์šฐ๋“œ ์„œ๋น„์Šค์— ๊ด€์‹ฌ์ด ์žˆ์–ด ๊ธฐ์—… ๋ฉด์ ‘์— ๋„์›€์ด ๋ ๋งŒํ•œ ๋…ผ๋ฌธ๊ณผ ์ž๋ฃŒ๋ฅผ ์ฐพ์•„๋ณด๋˜ ์ค‘ 'ํด๋ผ์šฐ๋“œ ์„œ๋น„์Šค์˜ ๋ณด์•ˆ ์ทจ์•ฝ์ ๊ณผ ๋Œ€์‘๋ฐฉ์•ˆ' ๋…ผ๋ฌธ๊ณผ 'ํด๋ผ์šฐ๋“œ ์ทจ์•ฝ์  ์ ๊ฒ€ ๊ฐ€์ด๋“œ ์œ ํŠœ๋ธŒ ๊ฐ•์˜'๋ฅผ ํ†ตํ•ด ๊ณต๋ถ€ํ•œ ๋‚ด์šฉ์„ ์ •๋ฆฌํ•ฉ๋‹ˆ๋‹ค. ๊ฐœ์š” 1) ํด๋ผ์šฐ๋“œ ์„œ๋น„์Šค ์ผ๋ฐ˜์ ์œผ๋กœ ์ž์›์„ ์†Œ์œ ํ•˜์ง€ ์•Š๊ณ  On-Demand ํ˜•์‹์œผ๋กœ ์ž.. 2022. 12. 27.
CVE-2021-25076 ์ทจ์•ฝ์  ์‹ค์Šต ์ทจ์•ฝ์  : https://nvd.nist.gov/vuln/detail/CVE-2021-25076 NVD - CVE-2021-25076 CVE-2021-25076 Detail Undergoing Reanalysis This vulnerability has been modified and is currently undergoing reanalysis. Please check back soon to view the updated vulnerability summary. Current Description The WP User Frontend WordPress plugin before 3.5. nvd.nist.gov PoC ์ฝ”๋“œ : https://www.exploit-db.com/exploits/50772 Wo.. 2022. 2. 24.
Ubuntu 18.04 + WordPress ์„ค์น˜ ๋งํฌ Ubuntu 18.04 + WordPress ์„ค์น˜ https://www.youtube.com/watch?v=na-fT9ZgWPM&t=12s ์„ค์น˜ ์™„๋ฃŒ ํ™”๋ฉด 2022. 2. 16.

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”