SlideShare a Scribd company logo

2015年3月の中国からGitHubへのDDoS攻撃(MITM)の概要

Z
Zimb_

2015年3月の中国からGitHubへのDDoS攻撃(MITM)の概要

Internet
1 of 15
Download to read offline
Lightning Talk 2015/05/17 Zimb.
中国からGitHubへのDDoS攻撃(MITM) 今日のテーマはこれ 2015年3月に発生した
中国からGitHubへのDDoS攻撃(MITM) 2015年3月に発生した
DDoS攻撃とは... DoS攻撃…Denial of Service Attack DDoS攻撃…Distributed DoS Attack サービス拒否攻撃。トラフィックを増大させ、回線やサーバのリソースを占有 することでサービスを提供不能な状態にする。 ちょっとした小話 ・TCP SYN Flood Black Hat ServerTraffics … Black Hat Traffics … 分散型DoS攻撃。踏み台と呼ばれる多数のコンピュータが、標的とされた サーバなどに対して攻撃を行う。 Hosts Server …
中国からGitHubへのDDoS攻撃(MITM) 2015年3月に発生した
MITMとは... MITM…Man In The Middle Attack 暗号通信を盗聴したり介入したりする手法の一つ。 Black Hat User A User B A’s public key Black Hat’s public key MessageMessage’ 悪者によって送られて きた公開鍵をAのもの と判断し、暗号化して しまう 自分の秘密鍵でBから のメッセージを解読し、 変更後、Aの公開鍵で 暗号化
中国からGitHubへのDDoS攻撃(MITM) 2015年3月に発生した
USA 中国のMITMとは... 金盾(Great Firewall of China) 中華人民共和国(香港、マカオ除く)において実施されている情報化された 検閲システム。中国共産党にとって都合の悪い情報にアクセスできないように フィルタリングする。 Communist Party of China User A Server RSTとは? TCPで接続を中断・ 拒否する際に送られる パケット 含まれている文言や 宛先を検閲。問題が ある場合はアクセスを 遮断する ちょっとした小話 ・フィルタだけ? ・httpsは? China Inject RST Intercept
中国からGitHubへのDDoS攻撃(MITM) 2015年3月に発生した
USA 中国のGitHubへのMITMとは... 2013年1月にGitHubへのアクセス遮断 アクセスが全面的に遮断される。後日解除される。中国のエンジニアが困って しまったからという噂が…。 Communist Party of China User A github.com github.comへの アクセスを遮断 China Inject RST Intercept
中国からGitHubへのDDoS攻撃(MITM) 2015年3月に発生した
Global USA 中国のGitHubへのDDoS攻撃とは... 巨砲(Great Canon) 百度(Baidu)の提供するアクセス解析サービスを仲介し、悪意のあるJSを埋め 込み、クライアントから2秒おきにGitHubの特定ページへ接続するDDoS攻撃。 Communist Party of China User A github.com 対象にされたサイトは、 ・GreatFire.org ・NewYorkTimesの 中国版ミラーサイト China Inject JS Web Page Baidu Intercept … ちょっとした小話 ・金盾とTTLが同じ
中国からGitHubへのDDoS攻撃(MITM) ちょっとしたおまけ 2015年3月に発生した
この話をしようと思った契機は... Podcast “Security Now” セキュリティの専門家(Steve Gibson)が、司会(Leo Laporte)と一緒に今週話題 になったセキュリティ関連ニュースを解説する番組。大体1時間30分程。英語。
EOF

Recommended

Prabhu Sundaramurthi (4)
Prabhu Sundaramurthi (4)Prabhu Sundaramurthi (4)
Prabhu Sundaramurthi (4)Prabhu Sundaramurthi
 
Fernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMESFernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMESFernando M. Imperiale
 
Diapo bourse aux sports
Diapo bourse aux sportsDiapo bourse aux sports
Diapo bourse aux sportsmfrfye
 
National Development 5.15.15
National Development 5.15.15National Development 5.15.15
National Development 5.15.15Jack Murray III
 
Clustering Financial Time Series using their Correlations and their Distribut...
Clustering Financial Time Series using their Correlations and their Distribut...Clustering Financial Time Series using their Correlations and their Distribut...
Clustering Financial Time Series using their Correlations and their Distribut...Gautier Marti
 
International Coaching News article page 3
International Coaching News article page 3International Coaching News article page 3
International Coaching News article page 3Christine Charles
 
Fernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajarFernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajarFernando M. Imperiale
 
Clustering CDS: algorithms, distances, stability and convergence rates
Clustering CDS: algorithms, distances, stability and convergence ratesClustering CDS: algorithms, distances, stability and convergence rates
Clustering CDS: algorithms, distances, stability and convergence ratesGautier Marti
 

Recommended

Prabhu Sundaramurthi (4)
Prabhu Sundaramurthi (4)Prabhu Sundaramurthi (4)
Prabhu Sundaramurthi (4)Prabhu Sundaramurthi
 
Fernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMESFernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMESFernando M. Imperiale
 
Diapo bourse aux sports
Diapo bourse aux sportsDiapo bourse aux sports
Diapo bourse aux sportsmfrfye
 
National Development 5.15.15
National Development 5.15.15National Development 5.15.15
National Development 5.15.15Jack Murray III
 
Clustering Financial Time Series using their Correlations and their Distribut...
Clustering Financial Time Series using their Correlations and their Distribut...Clustering Financial Time Series using their Correlations and their Distribut...
Clustering Financial Time Series using their Correlations and their Distribut...Gautier Marti
 
International Coaching News article page 3
International Coaching News article page 3International Coaching News article page 3
International Coaching News article page 3Christine Charles
 
Fernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajarFernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajarFernando M. Imperiale
 
Clustering CDS: algorithms, distances, stability and convergence rates
Clustering CDS: algorithms, distances, stability and convergence ratesClustering CDS: algorithms, distances, stability and convergence rates
Clustering CDS: algorithms, distances, stability and convergence ratesGautier Marti
 
Yazeed kay-ghazi
Yazeed kay-ghaziYazeed kay-ghazi
Yazeed kay-ghaziYounas Aziz
 
Carla Casilli - Cineca + open badges - May 2015
Carla Casilli - Cineca + open badges - May 2015Carla Casilli - Cineca + open badges - May 2015
Carla Casilli - Cineca + open badges - May 2015Bestr
 
bala.resume
bala.resumebala.resume
bala.resumebala krishna
 
Yasemin yilmazer latifepalta_zeynepucar
Yasemin yilmazer latifepalta_zeynepucarYasemin yilmazer latifepalta_zeynepucar
Yasemin yilmazer latifepalta_zeynepucarzeynepucarr
 
On the stability of clustering financial time series
On the stability of clustering financial time seriesOn the stability of clustering financial time series
On the stability of clustering financial time seriesGautier Marti
 
EColi_CaseStudyRoughDraft.docx
EColi_CaseStudyRoughDraft.docxEColi_CaseStudyRoughDraft.docx
EColi_CaseStudyRoughDraft.docxDelaney Hettithantrige
 
NSO_cv_20160511
NSO_cv_20160511NSO_cv_20160511
NSO_cv_20160511Matthew Penn
 
Nutrifit parcial vane
Nutrifit parcial vaneNutrifit parcial vane
Nutrifit parcial vanevanessaghia12
 
Prevenzione
PrevenzionePrevenzione
PrevenzioneMichele Barilaro
 
Health & safety officer performance appraisal
Health & safety officer performance appraisalHealth & safety officer performance appraisal
Health & safety officer performance appraisalsandersjamie999
 

More Related Content

Viewers also liked

Yazeed kay-ghazi
Yazeed kay-ghaziYazeed kay-ghazi
Yazeed kay-ghaziYounas Aziz
 
Carla Casilli - Cineca + open badges - May 2015
Carla Casilli - Cineca + open badges - May 2015Carla Casilli - Cineca + open badges - May 2015
Carla Casilli - Cineca + open badges - May 2015Bestr
 
Yasemin yilmazer latifepalta_zeynepucar
Yasemin yilmazer latifepalta_zeynepucarYasemin yilmazer latifepalta_zeynepucar
Yasemin yilmazer latifepalta_zeynepucarzeynepucarr
 
On the stability of clustering financial time series
On the stability of clustering financial time seriesOn the stability of clustering financial time series
On the stability of clustering financial time seriesGautier Marti
 
Nutrifit parcial vane
Nutrifit parcial vaneNutrifit parcial vane
Nutrifit parcial vanevanessaghia12
 
Health & safety officer performance appraisal
Health & safety officer performance appraisalHealth & safety officer performance appraisal
Health & safety officer performance appraisalsandersjamie999
 

Viewers also liked (10)

Yazeed kay-ghazi
Yazeed kay-ghaziYazeed kay-ghazi
Yazeed kay-ghazi
 
Carla Casilli - Cineca + open badges - May 2015
Carla Casilli - Cineca + open badges - May 2015Carla Casilli - Cineca + open badges - May 2015
Carla Casilli - Cineca + open badges - May 2015
 
bala.resume
bala.resumebala.resume
bala.resume
 
Yasemin yilmazer latifepalta_zeynepucar
Yasemin yilmazer latifepalta_zeynepucarYasemin yilmazer latifepalta_zeynepucar
Yasemin yilmazer latifepalta_zeynepucar
 
On the stability of clustering financial time series
On the stability of clustering financial time seriesOn the stability of clustering financial time series
On the stability of clustering financial time series
 
EColi_CaseStudyRoughDraft.docx
EColi_CaseStudyRoughDraft.docxEColi_CaseStudyRoughDraft.docx
EColi_CaseStudyRoughDraft.docx
 
NSO_cv_20160511
NSO_cv_20160511NSO_cv_20160511
NSO_cv_20160511
 
Nutrifit parcial vane
Nutrifit parcial vaneNutrifit parcial vane
Nutrifit parcial vane
 
Prevenzione
PrevenzionePrevenzione
Prevenzione
 
Health & safety officer performance appraisal
Health & safety officer performance appraisalHealth & safety officer performance appraisal
Health & safety officer performance appraisal
 

2015年3月の中国からGitHubへのDDoS攻撃(MITM)の概要