ÇØÅ· ½Ã ¼ºñ½º °ÅºÎ ¹ß»ý¡¦¹æȺ® µî ³×Æ®¿öÅ© Àåºñ ¿µÇâ ¹Þ¾Æ
Çѱ¹Á¤º¸º¸È£ÁøÈï¿ø »êÇÏ ÀÎÅͳÝħÇØ»ç°í´ëÀÀÁö¿ø¼¾ÅÍ(KRCERT)´Â IPSec ISAKMP ÇÁ·ÎÅäÄÝ ±¸Çö»ó¿¡ Ãë¾àÁ¡ÀÌ Á¸ÀçÇß´Ù¸ç 17ÀÏ ÆÐÄ¡¸¦ ±Ç°íÇß´Ù.
KRCERT¿¡ µû¸£¸é IPSEC ISAKMP ÇÁ·ÎÅäÄÝ ±¸Çö»óÀÇ ¿À·ù·Î¼, ¿µÇâ¹Þ´Â Ç÷§Æû¿¡ ¿ø°Ý °ø°ÝÀÚ°¡ ¾ÇÀÇÀûÀ¸·Î Á¶ÀÛµÈ IKE(Internet Key Exchange) ÆÐŶÀ» Àü¼ÛÇÏ¿´À» ¶§ ¼ºñ½º °ÅºÎ°¡ ¹ß»ýÇϰųª, Æ÷¸Ë ½ºÆ®¸µ, ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡ÀÌ ¾Ç¿ëµÉ ¼ö ÀÖ´Ù.
ÇØ´ç Ãë¾àÁ¡Àº PROTOS ÇÁ·ÎÁ§Æ®ÀÇ IPSec Test Suite(ÇÁ·ÎÅäÄÝ º¸¾È Á¡°Ë µµ±¸)¿¡ ÀÇÇØ º¸°íµÇ¾úÀ¸¸ç, Á¦Ç°º° Ãë¾àÁ¡ÀÇ »ó¼¼ ³»¿ëÀº °ø°³µÇÁö ¾Ê¾Ò´Ù.
ÀÌ Ãë¾àÁ¡¿¡ °ø°ÝÀ» ¹ÞÀ¸¸é ¼ºñ½º °ÅºÎ(Denial Of Service) µîÀÌ ¹ß»ýÇÒ ¼ö ÀÖ¾î ÁÖÀÇ°¡ ÇÊ¿äÇÏ´Ù. À̹ø ½Ã½ºÅÛ¿¡ ¿µÇâ¹Þ´Â Ç÷§ÆûÀ¸·Î´Â IETF RFC 2409(IKE) ¸í¼¼¸¦ ÁØ¿ëÇÏ¿© ±¸ÇöµÈ ¹æȺ®(Firewall), ¶ó¿ìÅÍ, VPN µîÀÇ ³×Æ®¿öÅ© Àåºñ°¡ ÀÖ´Ù.
ÇØ°á¹æ¾ÈÀ¸·Î´Â Àӽ÷ΠÆÐŶ ÇÊÅ͸¦ »ç¿ëÇÏ¿© ½Å·ÚÇÒ ¼ö ÀÖ´Â IP ÁּҷκÎÅÍ ¼ö½ÅµÈ ISAKMP ÆÐŶ¸¸ Çã¿ëÇÏ´Â ¹æ¹ýÀÌ ÀÖÀ¸¸ç, ÇØ´ç º¥´õ»çÀÇ ÆÐÄ¡¸¦ Àû¿ëÇÏ´Â ¹æ¹ýÀÌ ÀÖ´Ù.
¡Þº¥´õ»ç¿¡ µû¸¥ ÆÐÄ¡ Àû¿ë ¹æ¹ý
- Cisco Security Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080572f55.shtml
- Sun Solaris
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102040-1
- OpenSwan
http://www.openswan.org/niscc2/
- StoneGate
http://www.stonesoft.com/support/Security_Advisories/7244.html
- Entrust
https://www.entrust.com/trustedcare/troubleshooting/e05-009.htm
- Juniper Security Update : º¥´õ»ç¿¡ Á÷Á¢ ¹®ÀÇ
¡Ø ¿ë¾î Á¤¸®
o IPSec(Internet Protocol Security protocol) : IP ÆÐŶ¿¡ º¸¾ÈÀ» ºÎ¿©Çϱâ À§ÇÑ ÀÏ·ÃÀÇ ÇÁ·ÎÅäÄÝ. µ¥ÀÌÅÍ ¼Û½ÅÀÚÀÇ ÀÎÁõÀ» Çã¿ëÇÏ´Â ÀÎÁõ Çì´õ(AH)¿Í ¼Û½ÅÀÚÀÇ ÀÎÁõ ¹× µ¥ÀÌÅÍ ¾Ïȣȸ¦ ÇÔ²² Áö¿øÇÏ´Â ESP(Encapsulating Security Payload)ÀÇ º¸¾È ¼ºñ½º¸¦ Á¦°øÇÔ
o ISAKMP((Internet Key Exchange) : IPSecÀÇ Å° °ü¸® ¸ÞÄ¿´ÏÁòÀ¸·Î¼ ÀÎÁõ¹æ¹ý, ¾ÏÈ£È ¾Ë°í¸®Áò, ¾ÏÈ£È¿Í ÀÎÁõ¿¡ »ç¿ëµÇ´Â Å°ÀÇ À¯È¿ »ç¿ë±â°£ µî º¸¾È ¼³Á¤ »çÇ×À» Çù»óÇÏ°í »ý¼ºÇÔ. ISAKMP ÇÁ·ÎÅäÄÝ·Î Çù»ó ¿Ï·á ÈÄ IPSec ¿¬°áÀÌ ÀÌ·ç¾îÁü
o PROTOS ÇÁ·ÎÁ§Æ® : Çɶõµå Oulu ´ëÇп¡¼ ÁøÇàÇÏ°í ÀÖÀ¸¸ç, ÇÁ·ÎÅäÄÝ ±¸Çö»óÀÇ º¸¾ÈÃë¾à¼ºÀ» Æò°¡ÇÒ ¼ö ÀÖ´Â ¹æ¹ý·Ð ¹× µµ±¸¸¦ °³¹ßÇÏ´Â ÇÁ·ÎÁ§Æ®. SNMPv1, ISAKMP µîÀÇ º¸¾ÈÁ¡°Ë µµ±¸°¡ °ø°³µÇ¾î ÀÖÀ½
[Á¤ÀçÇü ±âÀÚ(is21@infothe.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com). ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>