-----BEGIN PGP SIGNED MESSAGE----- ====================================================================== JPCERT-PR-2005-0001 JPCERT/CC JPCERT/CC $B3hF035MW(B [ 2004$BG/(B10$B7n(B1$BF|(B $B!A(B 2004$BG/(B12$B7n(B31$BF|(B ] $BH/9TF|(B: 2005-01-25 ====================================================================== $B!x(B1. $B%$%s%7%G%s%HJs9p(B 2004$BG/(B10$B7n(B1$BF|$+$i(B2004$BG/(B12$B7n(B31$BF|$^$G$N4V$K(B JPCERT/CC $B$,$C$F!"(B $Be$N4|4V$KEO$k%"%/%;%9$NMWLs%l%]!<%H$b4^$^$l$k$?$a!"%"%/%;(B $B%9$N2s?t$HJs9p7o?t$b0lHL$KBP1~$7$^$;$s!#$^$?!"Js9p85$K$O!"9qFb30(B $B$N%5%$%H$,4^$^$l$^$9!#(B I. $B%$%s%7%G%s%HJs9p$NAw?.85$K$h$kJ,N`(B JPCERT/CC $B$,IT?3$J%"%/%;%9(B (scan) JPCERT/CC $B$G$O!"[email protected]$7$?%"%?%C%/$d!"%3%s%T%e!<%?(B/$B%5!<%S%9(B/$B$NIT?3$J%"%/%;%9Ey!"%7%9%F%`$N%"%/%;%9(B $B8"$K$*$$$F1F6A$,@8$8$J$$!"$^$?$O!"L5;k$G$-$k%"%/%;%9$K$D$$$F(B 1864$B7o$N(B $BJs9p$re$NH$/$@$5$$!#(B 445 (microsoft-ds) 1156$B7o(B (*1) 135 (epmap) 664$B7o(B (*1) 80 (http) 382$B7o(B (*1) 1023 215$B7o(B (*1) 139 (netbios-ssn) 150$B7o(B (*1) 22 (ssh) 99$B7o(B 1433 (ms-sql-s) 95$B7o(B (*1) 1434 89$B7o(B 4899 79$B7o(B 6129 68$B7o(B (*2) 9898 (monkeycom) 42$B7o(B 23 (telnet) 37$B7o(B 5554 (sgi-esphttp) 31$B7o(B (*1) 21 (ftp) 28$B7o(B 901 (swat) 15$B7o(B $BAm9gE*$J%W%m!<%V!"%9%-%c%s(B 157$B7o(B (*3) (*1) $B%o!<%`$K$h$k46@w$N;n$_$d%o!<%`$J$I$K$h$C$F@_CV$5$l$?%P%C%/%I%"(B $B$+$i$N?/F~$N;n$_$H;W$o$l$k%"%/%;%9$,Js9p$5$l$F$$$^$9!#;29MJ88%(B [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22] [23] [24] [25] [26] [27] [28] $B$r$4;2>H$/$@$5$$!#(B $B$^$?!"0J2<$N(B URL $B$b$4;2>H$/$@$5$$!#(B phpBB $B$N@HH$/$@$5$$!#(B (*3) $BAm9gE*$J%W%m!<%V%9%-%c%s$H$O!"F10lH/?.85$+$i$NJ#?t%]!<%H$KBP$9(B $B$k%9%-%c%s$J$I!"$$$/$D$+$N%W%m!<%V%9%-%c%s>pJs$r$^$H$a$F$4Js9p(B $B$$$?$@$$$?$b$N$G$9!#(B (2) $BAw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$NG[Aw(B (forged) JPCERT/CC $B$G$O!":9=P?M%"%I%l%9$J$I$NAw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$N(B $BG[Aw$K$D$$$F(B 2$B7o$NJs9p$r>N$7$F!"%a!<%k$NCf7Q$K$O4XM?$7$F$$$J$$Bh;0(B $B$N%5%$%H$X$N%a!<%kG[Aw$,9T$J$o$l$F$$$^$9!#$3$N7k2L!"B?NL$N%(%i!<%a!<%k(B $B$,:n@.$5$l!"7W;;5!;q8;$d%M%C%H%o!<%/NN0h$,>CHq$5$l$k2DG=@-$,$"$j$^$9!#(B $B$^$?!":9=P?M%"%I%l%9$r:>>N$5$l$?>l9g!"$3$l$i$N%a!<%k$NH/?.85$G$"$k$H(B $B$$$&5?$$$r$b$?$l$k2DG=@-$,$"$j$^$9!#Aw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$NG[(B $BAw$K$D$$$F$O;29MJ88%(B [20] [22] [29] $B$r$4;2>H$/$@$5$$!#(B (3) $B%7%9%F%`$X$N?/F~(B (intrusion) JPCERT/CC $B$G$O!"4IM}l9g$r4^$`%7%9%F%`$X$N?/(B $BF~$K$D$$$F(B 1$B7o$NJs9p$rl9g$NBP1~$K$D$$$F$O!"0J2<$N(B URL $B$G8x3+$7$F$$$kJ8=q!V%3(B $B%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$X$NBP1~!W$N(B V. $B$*$h$S(B VI. $B$r;2>H$7(B $B$F$/$@$5$$!#(B $B%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$X$NBP1~(B http://www.jpcert.or.jp/ed/2002/ed020002.txt $B:#2sR2p$7$^$9!#(B - $B%7%9%F%`$N2~$6$s(B ($B%U%!%$%k$NCV$-49$(!"%m%0$N>C5n!"(BWeb$B%Z!<%8$N2~(B $B$6$s$J$I(B) - $B%5!<%P%W%m%0%i%`$N%$%s%9%H!<%k(B ($B%P%C%/%I%"$N@_CV$J$I(B) - $BEpD0%W%m%0%i%`$N%$%s%9%H!<%k(B ($B%-!<%m%,!<$N@_CV$J$I(B) (*4) (*4) $B0J2<$N(B URL $B$r$4;2>H$/$@$5$$!#(B $B%-!<%\!<%IF~NO$J$I$r5-O?$730It$KAw?.$9$k%W%m%0%i%`$K4X$9$kCm0U4-5/(B http://www.jpcert.or.jp/at/2004/at040008.txt (4) Web $B56Au:>5=(B (phishing) JPCERT/CC $B$G$O!"6d9T$J$I$N%5%$%H$G$"$k$H:>>N$7$F!"(BWeb $B$N%U%)!<%`$J$I(B $B$+$iF~NO$5$l$?8}:BHV9f$d%-%c%C%7%e%+!<%I$N0E>ZHV9f$H$$$C$?8D?M>pJs$rEp(B $B$_5=$K$D$$$F(B 18$B7o$NJs9p$r5=$KMQ$$$k(B Web $B%5%$%H$N9=C[$rL\E*$H$7$F!"%7%9%F%`$X$N?/F~(B $B$,9T$o$l$k$3$H$,$"$j$^$9!#%7%9%F%`$,(B Web $B56Au:>5=$KMQ$$$i$l$?>l9g$NBP(B $B1~$K$D$$$F$O!"0J2<$N(B URL $B$G8x3+$7$F$$$kJ8=q!V%3%s%T%e!<%?%;%-%e%j%F%#(B $B%$%s%7%G%s%H$X$NBP1~!W$N(B V. $B$*$h$S(B VI. $B$r;2>H$7$F$/$@$5$$!#(B $B%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$X$NBP1~(B http://www.jpcert.or.jp/ed/2002/ed020002.txt (5) $B$=$NB>(B (other) JPCERT/CC $B$G$O!">e5-(B (1) $B$+$i(B (4) $B$K4^$^$l$J$$%$%s%7%G%s%H(B ($B%3%s%T%e!<(B $B%?%&%#%k%9$d(B SPAM $B%a!<%k$N$K4X$9$kLd$$9g$o$;$J$I(B) $B$K$D$$$F(B 19$B7o$NJs9p$re(B (1) $B$+$i(B (5) $B$r$^$H$a$?$b$N$,!"0J2<$NI=$G$9!#(B scan forged intrusion phishing other Total ----------------------------------------------------------------- 10$B7n(B 461 0 0 4 5 470 11$B7n(B 910 1 1 7 8 927 12$B7n(B 493 1 0 7 6 507 ----------------------------------------------------------------- 1864 2 1 18 19 1904 scan : $B%W%m!<%V!"%9%-%c%s!"$=$NB>IT?3$J%"%/%;%9(B forged : $BAw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$NG[Aw(B intrusion : $B%7%9%F%`$X$N?/F~(B phishing : $BG'>Z>pJsEy$NIT@5(B $B!x(B2. $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`(B (ISDAS) $B1?MQ(B http://www.jpcert.or.jp/isdas/ $B%$%s%?!<%M%C%H>e$K@_CV$7$?J#?t$N%;%s%5!<$+$iF@$i$l$k>pJs$r2r@O$9$k$H(B $B$H$b$K!"@$$NCf$KN.I[$9$k%;%-%e%j%F%#@HpJs$J$I$r$"$o$;$FAm9gE*$KI>(B $B2A$7$?>e$G!"%;%-%e%j%F%#M=KI4QB,$K4X$9$k>pJs$rDs6!$9$k%5!<%S%9$r9T$J$C(B $B$F$$$^$9!#(B I. $B%]!<%H%9%-%c%s3567(B $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`$N4QB,7k2L$O%9%-%c%s?d0\$rI=$9%0%i%U$H(B $B$7$F(B JPCERT/CC $B$N(B Web $B%Z!<%8$rDL$8$F8x3+$7$F$$$^$9!#$3$N%0%i%U$G$O!"08(B $B@h%]!<%HJL$K=87W$7$?%9%-%c%s%m%0$NAm7W$r%;%s%5!<$NBf?t$G3d$C$?CM!"$9$J(B $B$o$A%;%s%5!<0lBf$"$?$j$NJ?6QCM$rMQ$$$F$$$^$9!#$3$l$O%;%s%5!<$NBf?t$,JQ(B $B2=$9$k$3$H$K$h$k%9%-%c%s?t$X$N1F6A$r>.$5$/$9$k$?$a$N9)IW$G$9!#%0%i%U$N(B $BFI$_$+$?$K$D$$$F$O0J2<$N(B URL $B$b$4;2>H$/$@$5$$!#(B JPCERT/CC$B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`$N@bL@(B http://www.jpcert.or.jp/isdas/readme.html 2004$BG/(B10$B7n(B1$BF|$+$i(B2004$BG/(B12$B7n(B31$BF|$^$G$N4V$K(B ISDAS $B$G4QB,$5$l$?%9%-%c%s(B $B%m%0$K$D$$$F!">e0L(B1$B0L$+$i(B5$B0L$^$G$N08@h%]!<%H$K4X$9$k%;%s%5!<0lBf$"$?$j(B $B$NJ?6QCM$N?d0\$r0J2<$N%0%i%U$K<($7$^$9!#(B - $B%]!<%H%9%-%c%s(B top1-5 $B%0%i%U(B http://www.jpcert.or.jp/isdas/2004/2004q4top1-5.png $B$^$?!"$h$jD94|4V$N%9%-%c%s?d0\$rI=$9%0%i%U$H$7$F!"(B2004$BG/(B1$B7n(B1$BF|$+$i(B 2004$BG/(B12$B7n(B31$BF|$^$G$N4|4V$K$*$1$k!">e0L(B1$B0L$+$i(B5$B0L$^$G$N08@h%]!<%H$K4X$9(B $B$k%;%s%5!<0lBf$"$?$j$NJ?6QCM$N?d0\$r0J2<$N%0%i%U$K<($7$^$9!#(B - $B%]!<%H%9%-%c%s(B top1-5 $B%0%i%U(B http://www.jpcert.or.jp/isdas/2004/2004top1-5.png II. $B$*$b$J%$%s%7%G%s%H$K$*$1$k4QB,>u67(B $B9-HO0O$K1F6A$9$k82Cx$J%$%s%7%G%s%H$O$"$j$^$;$s$G$7$?!#$?$@$7(BISDAS $B%7(B $B%9%F%`$G$O0MA3$H$7$F%o!<%`Ey$,860x$H9M$($i$l$kB??t$N%9%-%c%s$r4QB,$7B3(B $B$1$F$*$j!"Dj>oE*$JCm0U$HKI1R$,I,MW$G$9!#(B III. $B$=$NB>(B (1) $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`4QB,%G!<%?$r(B CSV $B7A<0$GDs6!3+;O(B 2004$BG/(B12$B7n(B1$BF|$h$j%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`4QB,%G!<%?$r(B CSV $B7A<0(B $B$GDs6!$r3+;O$7$^$7$?!#(B $B>\:Y$K$D$$$F$O%W%l%9H/I=;qNA$r$4;2>H2<$5$$!#:#(B $B2s$N%G!<%?Ds6!$O!"4QB,7k2L$NJ,@O$J$I$N8&5fL\E*$GMxMQ$7$F$$$?$@$/$3$H$r(B $BA[Dj$7$F$$$^$9!#(B - $BDs6!%G!<%?$N@bL@(B http://www.jpcert.or.jp/isdas/data/ - $B%$%s%?!<%M%C%HDjE@4QB,%G!<%?;HMQ>e$NCm0U(B http://www.jpcert.or.jp/isdas/data/agreement.html ($B%W%l%9H/I=;qNA(B) $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`4QB,%G!<%?$r(B CSV $B7A<0$GDs6!3+;O(B http://www.jpcert.or.jp/press/2004/1201.txt (2) eCSIRT.net IDS $B%M%C%H%o!<%/$X$N6(NO(B JPCERT/CC $B$G$O!"%h!<%m%C%Q$N(B CSIRT $B%3%_%e%K%F%#(B TF-CSIRT $B$G9T$J$o$l(B $B$F$$$k(B IDS $B%M%C%H%o!<%/$X$N5;=Q6(NO$r$7$F$$$^$9!#>\:Y$K$D$$$F$O;29MJ8(B $B8%(B [30] [31] $B$r$4;2>H$/$@$5$$!#(B $B!x(B3. $B@HpJsN.DL(B http://www.jpcert.or.jp/vh/ I. $B%3!<%G%#%M!<%7%g%s$*$h$S8x3+$7$?@HpJs(B 2004$BG/(B10$B7n(B1$BF|$+$i(B2004$BG/(B12$B7n(B31$BF|$^$G$N4V$K!"(BJPCERT/CC $B$,F|K\9qFb$N@=(B $BIJ3+H/pJs$O(B 23$B7o$G$9!#(B $B$3$N$&$A!"7P:Q;:6H>J9p<(!V%=%U%H%&%'%"Ey@HpJs$C(B $B$F!"FHN)9T@/K!?M>pJs=hM}?d?J5!9=(B (IPA) $B$KJs9p$5$l!"8x3+$5$l$?@Hp(B $BJs$O(B 8$B7o$G$9!#(B JVN#B4BE09A4: Shuriken Pro3 $B$N(BS/MIME$B5!G=$G=pL>8!>Z;~$K>ZL@=q$N??@5@-$,3NG'$5$l$J$$(B JVN#904429FE: Namazu $B$K$*$1$k%/%m%9%5%$%H%9%/%j%W%F%#%s%0$N@H8!>Z;~$K(BFrom$B%"%I%l%9$,3NG'$5$l$J$$(B JVN#7C9208F1: Becky! Internet Mail $B$K$*$1$k(BS/MIME $B$N=pL>8!>Z$K@H8!>Z$K@HuBV$K$h$k%j%=!<%9>CHq(B JVN#E7DDE712: $BElZ$J$7$G%"%/%;%92DG=(B JVN#89DE2014: desknet's $B$K@HpJs$rDI2C(B) $B$^$?!";D$j$N(B 15$B7o$O3$30(B CSIRT $B$H$N%Q!<%H%J!<%7%C%W$K4p$E$-!"(B JPCERT/CC $B$,F|K\9qFb$N%Y%s%@$H$N%3!<%G%#%M!<%7%g%s$r9T$$$^$7$?!#(B JVNVU#226184: Samba $B$K@0?t%*!<%P!<%U%m!<$N@HZ>pJs$,J?J8$GJ]B8$5$l$k2DG=@-(B JVNVU#555304: LibTIFF$B$K(BDoS$B967b$rpJs$,%m%0%U%!%$%k$KJ?J8$GJ]B8$5$l$k(B JVNVU#457622: Samba QFILEPATHINFO $B=hM}$K%P%C%U%!%*!<%P!<%U%m!<(B JVNVU#725401: Striker $B%F%9%H%D!<%k$K$D$$$F(B JVNVU#541574: freeRADIUS $B%5!<%P$K%5!<%S%91?MQK832$rH<$&@HpJs(B II. $B3$30(B CSIRT $B$H$N@HpJsN.DL6(NOBN@)$N9=C[!"9q:]E*$J3hF0(B JPCERT/CC $B$G$O!"9q:]E*$JOHAH$_$K$*$1$k@HpJs$N1_3j$JN.DL$N$?$a!"(B $B3$30$N(B CSIRT $B$N6(NO4X78$r9=C[!"6/2=$7$F$$$^$9!#6qBNE*$K$O!"Js9p$5$l$?(B $B@HpJs$N6&M-!"%Y%s%@$X$NDLCN$N6&F1%*%Z%l!<%7%g%s!"8x3+F|$ND4@0!"3F(B $B9q%Y%s%@>pJsEy8x3+>pJs$N6&M-$r9T$C$F$$$^$9!#$^$?!">pJsN.DL$r8zN(2=$9$k(B $B$?$a$N6&DL%,%$%I%i%$%s$d%7%9%F%`9=C[!"%G!<%?8r49%U%)!<%^%C%H!"%"%I%P%$(B $B%6%j$NI8=`%U%)!<%^%C%H$N:vDjEy$r6&F1$G?J$a$F$$$^$9!#(B $B\:Y$K(B $B$D$$$F$O;29MJ88%(B [32] [33] $B$r$4;2>H$/$@$5$$!#$^$?0J2<$N(B URL $B$b$4;2>H$/(B $B$@$5$$!#(B $B@HpJs%3!<%G%#%M!<%7%g%s35MW(B http://www.jpcert.or.jp/vh/ III. $BF|K\9qFb$N@HpJsN.DLBN@)$N@0Hw(B JPCERT/CC $B$G$O!"7P:Q;:6H>J9p<(!V%=%U%H%&%'%"Ey@HpJs$C$F!"F|K\9qFb$N@HpJsN.DLBN@)$r@0Hw$7$F$$$^$9!#(B $BK\4p=`$K$D$$$F$O;29MJ88%(B [34] $B$r$4;2>H$/$@$5$$!#$^$?0J2<$N(B URL $B$b$4;2(B $B>H$/$@$5$$!#(B $B@HpJs%3!<%G%#%M!<%7%g%s35MW(B http://www.jpcert.or.jp/vh/ $B!V>pJs%;%-%e%j%F%#Aa4|7Y2|%Q!<%H%J!<%7%C%W!W$N1?MQ$r3+;O(B http://www.jpcert.or.jp/press/2004/0708.txt $B>pJs%;%-%e%j%F%#Aa4|7Y2|%Q!<%H%J!<%7%C%W%,%$%I%i%$%s(B http://www.jpcert.or.jp/vh/partnership_guide.pdf JPCERT/CC $B@HpJspJs=hM}?d?J5!9=(B (IPA) $B$H$NO"7H(B $BK\4p=`$G$O!"pJs8r49$r9T$C$F$$$^$9!#$^$?!"(B $B@HZ%D!<%k$K4X$7$F$b(B IPA $B$H$NO"7H$N$b$HJ,@O$r9T$C$F$$$^$9!#(BIPA $B$N>\:Y$K$D$$$F$O;29MJ88%(B [35] [36] $B$r$4;2>H$/$@$5$$!#(B (2) $BF|K\9qFb%Y%s%@$H$NO"7H(B $BK\4p=`$G$O!"(BJPCERT/CC $B$,@HpJs$rDs6!$9$k@h$H$7$FF|K\9qFb$N%Y%s%@(B $B%j%9%H(B($B@=IJ3+H/pJs$r@0Hw$7$F$$$^$9!#0J(B $B2<$N(B URL $B$r$4;2>H$/$@$5$$!#(B JPCERT $B%3!<%G%#%M!<%7%g%s%;%s%?!<@=IJ3+H/pJs$K4X$7$FF|K\9qFb$N@=IJ3+H/u67(B $B$r8x3+$9$k%5%$%H$G$9!#$3$l$i$N@HpJs$K$O!"K\OHAH$_$K;22C$7$F$$$kF|(B $BK\9qFb$N@=IJ3+H/u67$b4^$^$l$F$*$j$^$9!#(BJVN $B$K$D$$$F$O0J2<$N(B URL $B$r$4;2>H$/$@$5$$!#(B JP Vendor Status Notes (JVN) http://jvn.jp/ JVN $B$G$O>e5-!V(BI. $B%3!<%G%#%M!<%7%g%s$*$h$S8x3+$7$?@HpJs!W0J30$K(B 7$B7o$N@HpJs$r8x3+$7$F$$$^$9!#(B JVNTA04-356A: phpBB$B$K$*$1$k(Bhighlight$B%Q%i%a!<%?$N@H]$H$9$k?/323hF0(B JVNTA04-336A: Microsoft Internet Explorer HTML Elements $B$N@H4|$N3hF035MW$G$9!#>\(B $B:Y$O0J2<$NDL$j$G$9!#(B I. $BCm0U4-5/(B 1$B7o(B http://www.jpcert.or.jp/at/ 2004-12-22 phpBB $B$N@HpJs$N9`L\?t$O!"9g7W$7$F(B 63$B7o$G$9!#$=$N$&$A(B 12$B7o$O!"(B2004-04-07$B9f$h$j7G:\$7$F$$$k!V:#=5$N0l8}%a(B $B%b!W$N%3!<%J!<$G>pJs$7$?>pJs$G$9!#(B III. $B3hF035MW(B 1$B7o(B http://www.jpcert.or.jp/pr/ 2004-10-18 JPCERT/CC $B3hF035MW(B [ 2004$BG/(B7$B7n(B1$BF|(B $B!A(B 2004$BG/(B9$B7n(B30$BF|(B ] $B!x(B5. $B$=$NB>$N3hF0(B 2004$BG/(B10$B7n(B1$BF|$+$i(B2004$BG/(B12$B7n(B31$BF|$^$G$N4V$K(B JPCERT/CC $B$,e5-(B $B!x(B1.$B!A(B4. $B0J30$N3hF0$O0J2<$NDL$j$G$9!#(B I. JPNIC$B!&(BJPCERT/CC $B%;%-%e%j%F%#%;%_%J!<(B 2004 http://www.jpcert.or.jp/press/2004/0721.txt $B\:Y$O;29MJ8(B $B8%(B [37] [38] $B$r$4;2>H$/$@$5$$!#(B II. APCERT $B;vL36I1?1D(B http://www.jpcert.or.jp/english/secretariat.html $B%"%8%"B@J?MNCO0h$N(B CSIRT $B$N=8$^$j$G$"$k!"(BAPCERT (Asia Pacific Computer Emergency Response Team) $B$N;vL36I$rC4Ev$7$F$$$^$9!#>\:Y$O;29M(B $BJ88%(B [39] $B$r$4;2>H$/$@$5$$!#(B III. FIRST $B%l%W%j%+%5!<%P$N1?MQ(B FIRST (Forum of Incident Response and Security Teams) $B$N(B Web $B%5!<%P(B www.first.org $B$N%l%W%j%+%5!<%P(B ($B%_%i!<%5!<%P(B) $B$r1?MQ$7!"(BFIRST $B$N3hF0$K(B $B9W8%$7$F$$$^$9!#(BFIRST $B$N>\:Y$K$D$$$F$O;29MJ88%(B [40] $B$r$4;2>H$/$@$5$$!#(B IV. FIRST Sponsorship $B9qFb$N(B CSIRT $B$N(B FIRST $B$X$N2CLA$r;Y1g$7$^$7$?!#(BFIRST $B2CLA%A!<%`$K$D$$(B $B$F$O;29MJ88%(B [41] $B$r$4;2>H$/$@$5$$!#(B __________ Appendix. $B;29MJ88%(B [1] IN-98.02: New Tools Used For Widespread Scans http://www.cert.org/incident_notes/IN-98.02.html [2] IN-98.04: Advanced Scanning http://www.cert.org/incident_notes/IN-98.04.html [3] IN-98.05: Probes with Spoofed IP Addresses http://www.cert.org/incident_notes/IN-98-05.html [4] IN-98.06: Automated Scanning and Exploitation http://www.cert.org/incident_notes/IN-98-06.html [5] IN-99-01: "sscan" Scanning Tool http://www.cert.org/incident_notes/IN-99-01.html [6] Packet Filtering for Firewall Systems http://www.cert.org/tech_tips/packet_filtering.html [7] CA-2001-19 "Code Red" Worm Exploiting Buffer Overflow in IIS Indexing Service DLL http://www.cert.org/advisories/CA-2001-19.html [8] CA-2001-26 Nimda Worm http://www.cert.org/advisories/CA-2001-26.html [9] IN-2002-04: Exploitation of Vulnerabilities in Microsoft SQL Server http://www.cert.org/incident_notes/IN-2002-04.html [10] CA-2002-27 Apache/mod_ssl Worm http://www.cert.org/advisories/CA-2002-27.html [11] AL-2002.12 W32/BUGBEAR@MM Virus http://www.auscert.org.au/render.html?it=2447 [12] AU-2002.008 Updated Information Regarding BugBear Virus http://www.auscert.org.au/render.html?it=2452 [13] IN-2002-06: W32/Lioten Malicious Code http://www.cert.org/incident_notes/IN-2002-06.html [14] IN-2003-01: Malicious Code Propagation and Antivirus Software Updates http://www.cert.org/incident_notes/IN-2003-01.html [15] CA-2003-04 MS-SQL Server Worm http://www.cert.org/advisories/CA-2003-04.html [16] CA-2003-08 Increased Activity Targeting Windows Shares http://www.cert.org/advisories/CA-2003-08.html [17] CA-2003-09 Buffer Overflow in Core Microsoft Windows DLL http://www.cert.org/advisories/CA-2003-09.html [18] CA-2003-28 Buffer Overflow in Windows Workstation Service http://www.cert.org/advisories/CA-2003-28.html [19] CERT/CC Current Activity W32/Welchia Worm http://www.cert.org/current/archive/2003/08/18/archive.html#welchia [20] IN-2004-01: W32/Novarg.A Virus http://www.cert.org/incident_notes/IN-2004-01.html [21] TA04-041A: Multiple Vulnerabilities in Microsoft ASN.1 Library http://www.us-cert.gov/cas/techalerts/TA04-041A.html [22] Technical Cyber Security Alert TA04-028A http://www.us-cert.gov/cas/techalerts/TA04-028A.html [23] Sasser $B%o!<%`$K$D$$$F$N$*CN$i$;(B http://www.microsoft.com/japan/security/incident/sasser.mspx [24] Microsoft Windows $B$N%;%-%e%j%F%#=$@5%W%m%0%i%`(B (835732) (MS04-011) http://www.microsoft.com/japan/technet/security/bulletin/MS04-011.asp [25] US-CERT Current Activity: W32/Sasser http://www.us-cert.gov/current/archive/2004/06/24/archive.html#sasser [26] Vulnerability Note VU#909678 http://www.kb.cert.org/vuls/id/909678 [27] US-CERT Current Activity: Santy Worm http://www.us-cert.gov/current/archive/2004/12/21/archive.html#Santy [28] Vulnerability Note VU#497400 http://www.kb.cert.org/vuls/id/497400 [29] Email Bombing and Spamming http://www.cert.org/tech_tips/email_bombing_spamming.html [30] TERENA - TF-CSIRT - Collaboration of Security Incident Response Teams http://www.terena.nl/tech/task-forces/tf-csirt/ [31] The European CSIRT Network http://www.ecsirt.net/ [32] CERT Coordination Center (CERT/CC) http://www.cert.org/ [33] National Infrastructure Security Co-ordination Centre (NISCC) http://www.niscc.gov.uk/ [34] $B@HpJspJs=hM}?d?J5!9=(B http://www.ipa.go.jp/ [36] $B>pJs=hM}?d?J5!9=%;%-%e%j%F%#%;%s%?!<(B $B@HpJs$Ne$G0z$-5/$3$5$l$k$5$^$6$^$J%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H(B $B$K4X$9$k>pJs$,$"$j$^$7$?$i!"([email protected] $B$^$G$4Ds6!$/$@$5$$$^$9$h(B $B$&$*4j$$$7$^$9!#Js9pMM<0$K4X$7$F$O0J2<$N(B URL $B$r$4Mw$/$@$5$$(B http://www.jpcert.or.jp/form/ $BJs9pMM<0$K$45-:\$N$&$(!"(B [email protected] $B$^$G$*Aw$j$/$@$5$$!#(B JPCERT/CC $B$KD:$$$?Js9p$O!"Js9pAH?%Ey$K3+<((B $B$9$k$3$H$O$"$j$^$;$s!#(BJPCERT/CC $B$NAH?%35MW$K$D$-$^$7$F$O!"(B http://www.jpcert.or.jp/ $B$r$4;2>H$/$@$5$$!#(B JPCERT/CC $B$G$O!"%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$K4X$9$k>pJs$r?W(B $BB.$K$4Ds6!$9$k$?$a$K!"%a!<%j%s%0%j%9%H$r3+@_$7$F$$$^$9!#EPO?$NJ}K!Ey!"(B $B>\$7$/$O!"(B http://www.jpcert.or.jp/announce.html $B$r$4;2>H$/$@$5$$!#(B __________ $BCm(B: JPCERT/CC $B$N3hF0$O!"FCDj$N8D?M$dAH?%$NMx1W$rJ]>c$9$k$3$H$rL\E*$H$7(B $B$?$b$N$G$O$"$j$^$;$s!#8DJL$NLdBj$K4X$9$k$*Ld$$9g$o$;Ey$KBP$7$FI,$:$*Ez(B $B$($G$-$k$H$O8B$i$J$$$3$H$r$"$i$+$8$a$4N;>5$/$@$5$$!#$^$?!"K\7o$K4X$9$k(B $B$b$N$b4^$a!"(BJPCERT/CC $B$X$N$*Ld$$9g$o$;Ey$,A}2C$9$k$3$H$,M=A[$5$l$k$?$a!"(B $B$*Ez$($G$-$k>l9g$G$b$42sEz$,CY$l$k2DG=@-$,$"$k$3$H$r2?B4$4>5CN$*$-$/$@(B $B$5$$!#(B $BCm(B: $B$3$NJ8=q$O!"%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$K4X$9$k0lHLE*$J>p(B $BJsDs6!$rL\E*$H$9$k$b$N$G$"$j!"FCDj$N8D?M$dAH?%$KBP$9$k!"8DJL$N%3%s%5%k(B $B%F%#%s%0$rL\E*$H$7$?$b$N$G$O$"$j$^$;$s!#$^$?(B JPCERT/CC $B$O!"$3$NJ8=q$K(B $B5-:\$5$l$?>pJs$NFbMF$,@53N$G$"$k$3$H$KEX$a$F$*$j$^$9$,!"@53N@-$r4^$a0l(B $B@Z$NIJZ$9$k$b$N$G$O$"$j$^$;$s!#$3$NJ8=q$K5-:\$5$l$?(B $B>pJs$K4p$E$$$F!"5.J}$"$k$$$O5.AH?%$,$H$i$l$k9TF0(B / $B$"$k$$$O$H$i$l$J$+$C(B $B$?9TF0$K$h$C$F0z$-5/$3$5$l$k7k2L$KBP$7$F!"(BJPCERT/CC $B$O2?$iJ]>c$rM?$($k(B $B$b$N$G$O$"$j$^$;$s!#(B __________ 2005 (C) JPCERT/CC $B$3$NJ8=q$rE>:\$9$k:]$K$O!"A4J8$rE>:\$7$F$/$@$5$$!#$^$?!":G?7>pJs$K$D(B $B$$$F$O(B JPCERT/CC $B$N(B Web $B%5%$%H(B http://www.jpcert.or.jp/ $B$r;2>H$7$F$/$@$5$$!#(B JPCERT/CC $B$N(B PGP $B8x3+80$O0J2<$N(B URL $B$+$iF~