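Mirai Malware: Discussion and Prevention
This article is reprinted from the Northern Region Academic Information Security Operations Center (ASOC), Computer and Information Networking Center, National Taiwan University.
We live in an era of rapidly advancing technology. Almost everyone owns at least one smartphone, and many venues offer free wireless networks. Have you ever considered that the Internet of Things (IoT) devices around you may already have had malware quietly planted on them by unknown parties?
According to an iThome report from last year: "Hackers posted a message on an online forum offering to rent out a botnet built mainly on the Mirai malware; the number of devices controlled by this botnet has reached four hundred thousand." Judging from this report, the number of devices infected by Mirai is enormous, and if a large number of IoT devices were used to attack a single target, the resulting losses would be hard to estimate.
At present, Mirai's main attack method is the distributed denial-of-service attack (Distributed Denial of Service, DDoS), whose purpose is to paralyze the target's website services. Several DDoS attacks controlled through Mirai occurred last year. For example, in October of last year the DNS service provided by Dyn came under a DDoS attack, which left some websites unable to operate normally.
While we use high-tech products, the potential dangers are always present. This article is intended to give readers a better understanding of Mirai.
Figure 1: Advertisement offering Mirai for rent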
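Introduction to Mirai
Mirai is a piece of malware whose behavior resembles that of a computer worm. Its main infection targets are IoT devices. Once Mirai has been planted on a device, the attacker can control that device and turn it into a member of a botnet, which the attacker can then use to carry out large-scale network attacks. Mirai's source code has been made public on a hacker forum and released as open source, so the techniques it uses to compromise IoT devices may be reused in more new malware.
The Internet of Things (IoT) is broadly defined as all kinds of devices and equipment that connect to the Internet and establish connections with one another to send and receive information (or data). Network printers, smart TVs, network surveillance cameras, home routers and household appliances are all examples of IoT devices.
Mirai Attack Behavior
(1) A device infected by Mirai continuously scans the Internet (starting with its own network segment, then expanding outward) for the IP addresses and ports of IoT devices.
(2) After finding the IP address and port of another device that is not yet infected, Mirai tries to attack that device with a variety of commonly used default account names and passwords. If it can log in to the device, it immediately begins installing Mirai. Although an infected device appears on the surface to operate normally, it is sometimes sluggish, and its network bandwidth usage also shows anomalies.
(3) After a successful infection, Mirai removes other malware of the same type from the device and closes the remote management ports.
(4) As long as the device is not restarted, it remains infected. Once the device is rebooted, Mirai no longer runs, but the device is still very likely to be infected again within a short time.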
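From the network side, the scanning in step (1) shows up as one device contacting many distinct addresses on the same port within a short time. The following Python code is an added example, not part of the original article; the log format, the addresses, port 23 in the sample, the 60-second window and the threshold of 20 are all assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample():
    """Constructed connection records: 'timestamp src_ip dst_ip dst_port'."""
    base = datetime(2017, 1, 10, 3, 0, 0)
    at = lambda s: (base + timedelta(seconds=s)).isoformat()
    lines = []
    # Camera sweeping its own subnet first, then outside addresses
    sweep = [f"192.168.1.{i}" for i in range(100, 115)]
    sweep += [f"203.0.113.{i}" for i in range(1, 16)]
    lines += [f"{at(i)} 192.168.1.50 {dst} 23" for i, dst in enumerate(sweep)]
    # Laptop: many connections, but only three destinations
    lines += [f"{at(i)} 192.168.1.20 198.51.100.{i % 3 + 1} 443" for i in range(40)]
    # NAS: 25 distinct destinations, but five minutes apart
    lines += [f"{at(300 * i)} 192.168.1.30 198.51.100.{i + 10} 443" for i in range(25)]
    return lines

def find_scanners(lines, window=timedelta(seconds=60), threshold=20):
    """Return {(src, port): peak distinct destinations in any window} for
    sources whose peak reaches the threshold."""
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, port = line.split()
        events[(src, int(port))].append((datetime.fromisoformat(ts), dst))
    flagged = {}
    for key, recs in events.items():
        recs.sort()
        start, best = 0, 0
        in_window = defaultdict(int)  # destination -> records inside the window
        for ts, dst in recs:
            in_window[dst] += 1
            # Slide the window: drop records older than `window`
            while ts - recs[start][0] > window:
                old = recs[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= threshold:
            flagged[key] = best
    return flagged

if __name__ == "__main__":
    for (src, port), peak in find_scanners(build_sample()).items():
        print(f"{src} contacted {peak} distinct hosts on port {port} within 60 s")
```

Only the camera is flagged; the busy laptop and the slow-moving NAS stay below the threshold because the count is of distinct destinations per time window, not of total connections.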
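Mirai Attack Technique: Distributed Denial-of-Service Attack
Figure 2: Diagram of a Mirai DDoS attack
A DDoS attack is an advanced form of the denial-of-service attack (Denial of Service, DoS). DoS is a malicious attack technique in which the attacker uses various means to send a large volume of packets to the target and demand that the target send replies, so that the target's network bandwidth becomes congested or its system resources are exhausted, leaving it unable to serve the users who need it.
Building on DoS, a DDoS attack uses a botnet made up of a huge number of zombie computers to launch a large-scale attack, which can make the target's service temporarily unavailable. Some people use this method for malicious commercial or political purposes, for example attacking business competitors or paralyzing voting web pages.
Recommended Measures
1. When purchasing an IoT device, confirm that its account name and password can be changed. Before use, change the device's default account name and password, and set a strong password (mixing upper- and lower-case letters, digits and symbols).
2. Update the software on IoT devices regularly to prevent others from exploiting vulnerabilities to gain control of the device.
3. Disable services on IoT devices that are not in use (for example, remote access functions).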
References
1. 陳曉莉. 2016-11-30. A Mirai zombie army of 400,000 devices is openly offered for rent online. iThome. URL: http://www.ithome.com.tw/news/109941
2. Introduction to Mirai (malware). Wikipedia. URL: https://zh.wikipedia.org/wiki/Mirai_(%E6%81%B6%E6%84%8F%E8%BD%AF%E4%BB%B6)
3. Symantec Security Response. 2016-10-27. Mirai: what you need to know about the botnet behind recent major DDoS attacks. URL: https://www.symantec.com/connect/blogs/mirai-what-you-need-know-about-botnet-behind-recent-major-ddos-attacks
4. 李美雯. 2016-02-18. Analysis of WordPress Pingback DDoS Attack. URL: http://cert.ntu.edu.tw/Document/TechDoc/Analysis_of_WordPress_Pingback_DDoS_Attack.pdf
5. TREND LABS, Trend Micro Global Technical Support and R&D Center. 2014-09-15. "IoT Security Trends": What should you watch for when purchasing smart devices? URL: https://blog.trendmicro.com.tw/?p=9617
6. Definition of the Internet of Things. Wikipedia. URL: https://zh.wikipedia.org/wiki/%E7%89%A9%E8%81%94%E7%BD%91
Image Sources
1. Advertisement for Mirai rental. Source URL: https://www.bleepingcomputer.com/news/security/you-can-now-rent-a-mirai-botnet-of-400-000-bots/
Acknowledgements
Thanks to the Northern Region ASOC operations team for providing the technical information.