From owner-doc-jp@jp.freebsd.org  Thu Dec 24 01:30:51 1998
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) id BAA00645;
	Thu, 24 Dec 1998 01:30:51 +0900 (JST)
	(envelope-from owner-doc-jp@jp.FreeBSD.org)
Received: from jiyu.net ([209.100.98.61])
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) with ESMTP id BAA00635
	for <doc-jp@jp.freebsd.org>; Thu, 24 Dec 1998 01:30:43 +0900 (JST)
	(envelope-from daichi@ongs.net)
Received: from localhost (ppph211.wbs.ne.jp [202.219.55.211])
	by jiyu.net (8.8.5/8.8.5) with ESMTP id BAA11954
	for <doc-jp@jp.freebsd.org>; Thu, 24 Dec 1998 01:33:02 +0900
To: doc-jp@jp.freebsd.org
In-Reply-To: <199812231549.AAA06426@smtp1.dti.ne.jp>
References: <199812221849.TAA09347@gvr.gvr.org>
	<19981223184706E.njt@nn.iij4u.or.jp>
	<19981223233804H.daichi@ongs.net>
	<199812231549.AAA06426@smtp1.dti.ne.jp>
X-Mailer: Mew version 1.94b1 on XEmacs 20.4 (Emerald)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19981224013159T.daichi@ongs.net>
Date: Thu, 24 Dec 1998 01:31:59 +0900
From: "Daichi T.GOTO" <daichi@ongs.net>
X-Dispatcher: imput version 981019(IM102)
Lines: 185
Reply-To: doc-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+981115
X-Sequence: doc-jp 5706
Subject: [doc-jp 5706] Re: ANNOUNCE: CERT Advisory CA-98.13 - TCP/IP Denial of Service (fwd)
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org
X-Originator: daichi@ongs.net

$BBgCO$G$9(B :)

From: Koga Youichirou <y-koga@jp.freebsd.org>
Subject: [doc-jp 5703] Re: ANNOUNCE: CERT Advisory CA-98.13 - TCP/IP Denial of Service (fwd)
Date: Thu, 24 Dec 1998 00:49:15 +0900

> $B!V(Bfwd$B!W$O!VE>Aw!W$G$7$g$&!#(B

$B$J$k$[$I$J$k$[$I!#(Bfwd $B$O$I$s$JN,$J$N$G$9$+!)(B







------------------------------------------------------------------------
$B$*CN$i$;(B: CERT $B4+9p(B CA-98.13 - TCP/IP $B%5!<%S%9K832(B ($BE>Aw(B)


$B:rF|2<5-$N4+9p$,(B CERT $B$h$jI=L@$5$l$^$7$?(B. $B$3$l$O(B FreeBSD $B$K$b3:Ev$9$k$b(B
$B$N$G(B, FreeBSD $B4XO"$NE,@Z$J%a!<%j%s%0%j%9%H$KE>Aw$7$^$9(B. $B$3$N7o$K4X$9$k(B 
FreeBSD $B%;%-%e%j%F%#%*%U%#%5!<$H$N6(NO$r(B CERT $B$K46<U$7$^$9(B. 

  -----BEGIN PGP SIGNED MESSAGE-----


CERT $B4+9p(B CA-98-13-tcp-denial-of-service

   $B86J8$NH/9TF|(B:  1998 $BG/(B 12 $B7n(B 21 $BF|(B

   $B:G=*99?7(B

$B7oL>(B: TCP/IP $B$NFCDj$N<BAu$K$*$1$k<eE@(B

$B1F6A$r<u$1$k%7%9%F%`(B

   BSD $BM3Mh$N(B TCP/IP $B%9%?%C%/$r;}$D%7%9%F%`$N$&$A$N$$$/$D$+$G$"$k(B. $B1F6A(B
   $B$r<u$1$k%7%9%F%`$N40A4$J%j%9%H$K$D$$$F$O(B Appendix A $B$r;2>H$N$3$H(B. 

$B35MW(B

   $B967b<T$O(B TCP/IP $B%9%?%C%/$N<eE@$r0-MQ$7$F(B, $B%5!<%S%9$rCfCG$5$;$?$j(B, $B%7(B
   $B%9%F%`$r%/%i%C%7%e$5$;$?$j$9$k$3$H$,$G$-$k(B. $BFCJL$N%"%/%;%9<jCJ$OITMW(B
   $B$G(B, $B967b<T$OK\Ev$N%"%I%l%9$r1#$9$?$a$K;OE@%"%I%l%956B$(B 
   (source-address spoofing) $B$r$9$k$3$H$,$G$-$k(B. 

I. $B2r@b(B

   $B967b<T$OFCDj$NFCD'$r;}$D0lO"$N%Q%1%C%H$rCm0U?<$/9=@.$9$k$3$H$K$h$j(B, 
   $B<eE@$r;}$D%7%9%F%`$r%/%i%C%7%e$5$;$?$j(B, $B%O%s%0$5$;$?$j(B, $BM=B,$G$-$J$$(B
   $B7A$N$U$k$^$$$r$5$;$k$3$H$,$G$-$k(B. $B$3$l$O0J2<(B

       http://www.cert.org/advisories/CA-97.28.Teardrop_Land.html

   $B$K<($5$l$F$$$k<eE@$r4^$`B>$N%5!<%S%9K832(B (denial-of-service) $B967b$HF1(B
   $BMM$N8z2L$r;}$D$b$N$G$"$k(B. 
   $BFC$K(B, $B$3$N<eE@$H(B IP $B$N;OE@%"%I%l%956B$(B (IP-source-address spoofing)$B$r(B
   $BAH9g$o$;$k$3$H$G(B, $B967b<T$N0LCV$rFM$-;_$a$k$3$H$r:$Fq(B, $B$J$$$7IT2DG=$K(B
   $B$9$k$3$H$,$G$-$k(B. $B$^$?(B, $B%V%m!<%I%-%c%9%H%Q%1%C%H$HAH9g$;$k$3$H$G(B, $B>/(B
   $B?t$N%Q%1%C%H$r;H$C$F$3$N<eE@$r;}$DB??t$N%^%7%s$K1F6A$rM?$($k$3$H$,$G(B
   $B$-$k(B. 

II. $B1F6A(B

   $B$3$N<eE@$r;}$D%^%7%s$rC/$G$b%j%b!<%H$+$i%/%i%C%7%e$5$;$?$j%O%s%0$5$;(B
   $B$k$3$H$,$G$-$k(B. $B$"$k$$$O%7%9%F%`$KM=B,$G$-$J$$7A$N$U$k$^$$$r$5$;$k$3(B
   $B$H$,2DG=$G$"$k(B. 

III. $B2r7hK!(B

A. $B%Y%s%@$+$i$N%Q%C%A$rE,MQ$9$k(B

   Appendix A $B$O(B, $B$3$N4+9p$K4X$9$k%Y%s%@$+$i$N>pJs$r4^$s$G$$$k(B. $B?7$?$J(B
   $B>pJs$r<u$1$H$j<!Bh(B, $B$3$N>pJs$r99?7$9$k(B. $B$b$7%Y%s%@$NL>A0$,8+Ev$?$i$J(B
   $B$1$l$P(B, CERT/CC $B$O$=$N%Y%s%@$+$i$O>pJs$r$$$?$@$$$F$$$J$$$N$G(B, $B%Y%s%@(B
   $B$KD>@\O"Mm$r$H$C$FD:$-$?$$(B. 

B. $B;OE@%"%I%l%956B$$rKI$0$h$&$K%k!<%?$d%U%!%$%"%&%)!<%k$r@_Dj$9$k(B

   $B;OE@%"%I%l%956B$$r9T$&967b<T$r8:$i$9$h$&$K%k!<%?!<$d%U%!%$%"%&%)!<%k(B
   $B$rD4@0$9$k$3$H$r>)Ne$7$F$$$k(B. $B:#$N$H$3$m%M%C%H%o!<%/$KN.$l$kB?$/$N(B IP 
   $B56B$%Q%1%C%H$r8:$i$9$?$a$N:GNI$N<jCJ$O(B, $BDL2a;~$K;OE@%"%I%l%9$rMW5a$9(B
   $B$k$h$&$K$9$k%U%#%k%?$r%k!<%?$K%$%s%9%H!<%k$9$k$3$H$G$"$k(B. $B$3$N<j$N(B
   $B%U%#%k%?$O30It%M%C%H%o!<%/$X=P$F$$$/$9$Y$F$N%Q%1%C%H$r%U%#%k%?%j%s%0(B
   $B$9$k$3$H$GH/?.(B IP $B%"%I%l%956B$967b$rL58z$K$9$k(B. 

   $B$3$N<j$N%U%#%k%?%j%s%0$K4X$9$k>\:Y@bL@$O(B Cisco Systems, Inc. $B$N(B Paul
   Ferguson $B$,$K$h$k(B RFC 2267$B!H(BNetwork Ingress Filtering: Defeating
   Denial of Service Attacks which employ IP Source Address Spoofing$B!I$r(B
   $B;2>H$"$l(B. $B2f!9$O$3$l$r%$%s%?!<%M%C%H%5!<%S%9%W%m%P%$%@$H%k!<%?$r4IM}(B
   $B$7$F$$$k%5%$%H$NN>J}$K4+$a$F$$$k(B. $B$3$N(B RFC $B$O2<5-$r;2>H$N$3(B
   $B$H(B. 

      http://info.internet.isi.edu:80/in-notes/rfc/files/rfc2267.txt

   $B>e5-$N%?%$%W$N%U%#%k%?%j%s%0$O967b<+BN$+$i%5%$%H$r<i$k$o$1$G$O$J$$$3(B
   $B$H$KCm0U$7$FD:$-$?$$(B. $B967b<T$N0LCV$r1#$9G=NO$r2<$2(B, $B967b$r;W$$$H$I$^(B
   $B$i$;$k$@$1$G$"$k(B. 


 Appendix A - $B%Y%s%@>pJs(B ($BLuCm(B*:FreeBSD $B4XO"$N$_H4?h(B)

    FreeBSD, Inc.
    FreeBSD 2.2.8 $B$K$O$3$N<eE@$O$J$$(B. 
    2.2.8 $B$h$jA0$N%P!<%8%g%s$N(B FreeBSD $B$K$O$3$N<eE@$,$"$k(B. 
    FreeBSD 3.0 $B$K$b$3$N<eE@$,$"$k(B. 
    1998/11/12 $BIU$N(B FreeBSD 3.0-current $B$K$O$3$N<eE@$O$"$k(B. 


$B9W8%<T(B

    $B$3$N<eE@$O(B Cambridge Technology Partners $B%(%s%?!<%W%i%$%:%;%-%e%j%F%#(B
    $B%5!<%S%9%A!<%`$N(B Joel Boutros $B$K$h$C$F:G=i$KH/8+$5$l$?(B. 
    FreeBSD, Inc. $B$N(B Guido van Rooij $B$,$3$N<eE@$N2r@O$H1F6A$N5Z$VHO0O$K(B
    $B4X$9$k>pJs$rDs6!$/$@$5$C$?(B. 
    ______________________________________________________________________

    $BK\%I%-%e%a%s%H$O2<5-$h$jF~<j2DG=(B:
    http://www.cert.org/advisories/CA-98-13-tcp-denial-of-service.html.
    ______________________________________________________________________


CERT/CC $BO"Mm@h(B

    Email: cert@cert.org
           $BEEOC(B: +1 412-268-7090 ( 24 $B;~4V%[%C%H%i%$%s(B)
           FAX: +1 412-268-6989
           $B=;=j(B:
           CERT Coordination Center
           Software Engineering Institute
           Carnegie Mellon University
           Pittsburgh PA 15213-3890
           U.S.A.
     $B7nMK$+$i6bMK$^$G$N(B 08:00-20:00 EST(GMT-5) / EDT(GMT-4) $B$N4V(B CERT $B?&(B
     $B0w$O%Q!<%=%J%k%"%s%5!<%[%C%H%i%$%s$K$FBP1~(B. $B=5Kv$dJF9q5YF|$K$O6[5^(B
     $BHI$,EEOC$r<u$1IU$1$F$$$k(B. 

$B0E9f$NMxMQ(B

     $B5!L)$N9b$$>pJs$O0E9f2=$7$F$+$i%a!<%k$GAw$k$9$h$&$K6/$/4+$a$F$$$k$b$N(B
     $B$G$"$k(B. $B2f!9$N(B PGP $B8x3+80$O(B http://www.cert.org/CERT_PGP.key $B$K$F<j(B
     $B$KF~$l$k$3$H$,$G$-$k(B. $B$b$7(B DES $B$NMxMQ$r$*K>$_$G$"$l$P(B CERT $B%[%C%H%i(B
     $B%$%s$K$F>\:Y$rJ9F~$7$FM_$7$$(B. 

$B%;%-%e%j%F%#>pJs$N<hF@(B

   CERT $B$N=PHGJ*$*$h$S$=$NB>$N>pJs$O(B http://www.cert.org/ $B$N(B web $B%5%$(B
   $B%H$+$i<hF@$G$-$k(B. 

   $B2f!9$N%a!<%j%s%0%j%9%H$K2C$o$C$F4+9p$d9-Js$rCN$j$?$$$H$$$&J}$O(B 
   subject $B$K(B SUBSCRIBE $B$"$J$?$N%a!<%k%"%I%l%9$H5-F~$N>e(B 
   cert-advisory-request@cert.org $B$^$G%a!<%k$7$FD:$-$?$$(B. 

   Copyright 1998 Carnegie Mellon University.
   $BMxMQ>r7o(B, disclaimers, $B%9%]%s%5!<>pJs$O(B http://www.cert.org $B$r;2>H$N$3$H(B
   
    * CERT $B$O(B U.S. Patent and Trademark Office $B$K$FEPO?:Q$_(B
    ______________________________________________________________________
    $BL5J]>Z(B
    $B%+!<%M%.!<%a%m%sBg3X$H%=%U%H%&%'%"%(%s%8%K%"%j%s%0%$%s%9%F%#%F%e!<%H(B
    $B$K$h$C$FDs6!$5$l$?%^%F%j%"%k$O(B $B!H(Bas is$B!I(B $B$N9M$($,$b$H$G$"$k(B. $B%+!<%M(B
    $B%.!<%a%m%sBg3X$O$9$Y$F$NJs9p$5$l$?(B, $B$=$l$H$J$/Js$8$i$l$?(B, $B@)8B$5$l$F(B
    $B$$$k(B, $BFCDj$NL\E*$d>&6H$X$NE,9g@-(B, $BMxMQ$K$h$k7k2L$dFH@j$K4X$7$FL5J]>Z(B
    $B$G$"$k(B. $B%+!<%M%.!<%a%m%sBg3X$OFC5v(B, $B%H%l!<%I%^!<%/(B, $B%3%T!<(B $B%i%$%H$K(B
    $B4X$9$k0cH?;v9`$K4X$7$F$^$C$?$/L5J]>Z$G$"$k(B.  
    _________________________________________________________________


    $B2~DjMzNr(B
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNn64knVP+x0t4w7BAQHd/wQAv+1cQif/KNdFZ1ObARzlJJUd9T0Za5WM
GjZwrlYR3CIm+eByVbGGizCYTXzuiTjQdenKxfDXAXXwqZRIvFbpjU3qWY6kCicf
BhTbvzOOIT/ROhr9fWRwPqqPMKUyUYaJCbeWYWeV6PFJ6fYhWrBihiE+yml4n1Xp
k2lHvwHl9lE=
=9kEz
-----END PGP SIGNATURE-----

-----------------------------------------------------------
----
 Daichi T.GOTO (ONGS)
    http://www.ongs.net/daichi, daichi@ongs.net
