The Mammon and the Archer

 Old Anthony Rockwell had retired. He had made a fortune as owner of Rockwell’s Soap. Now he sat in the library of his New York mansion and looked out the window. He watched his aristocratic neighbor, G. Van Schuylight Suffolk-Jones, walk out to his waiting car. His neighbor always looked over at the big Italian statue of the soap palace’s front, and wrinkled his nose in disgust. Anthony grinned.

 “I’ll have my soap palace painted red, white and blue,” he said. “That will make his aristocratic nose turn up even higher!”

 And then Anthony Rockwell, who didn’t like ringing bells for servants, shouted “Mike!” as loudly as he could. His voice was so loud that it used to peel paint in his Kansas soap factory.

 “Tell my son,” said Anthony to the servant, “to come in here before he leaves the house.”

 When young Richard Rockwell entered the library the old man put down his newspaper. He looked at his son kindly.

 “Richard,” he said, “How much money do you pay for the soap you use?”

 Richard was a little surprised. He had just returned home from university, and he never knew what his father would do next.

 “Six dollars a dozen, I think, dad.”

 “And your clothes?”

 “I suppose about sixty.”

 “You’re a gentleman,” said Anthony firmly. “I’ve heard of some young men spending $24 for a dozen cakes of soap, and more than a hundred for clothes. You’re as rich as any of them. But you are sensible and moderate. Now, I still use old Rockwell’s soap – it’s the purest soap ever made. Whenever you pay more than 10 cents for a cake of soap you buy bad perfume and brand names. If you’re spending 50 cents for a cake of soap, that’s good for a young man of your generation and position. As I said, you’re a gentleman. My money made you one. God, it even nearly made me into a gentleman – I’m nearly as rude and disagreeable as both my fancy neighbors. They can’t sleep at night because I moved in between them.”

 “There are some things money can’t buy,” said young Rockwell, gloomily.

 “Now don’t say that,” said old Anthony, shocked. “I’m up to Y in the encyclopedia looking for something that money can’t buy. Tell me something it won’t buy.”

 “Money won’t make you a member of high circles of society,” said Richard, and he sighed.

 “That’s what I was coming to,” said the old man. “That’s why I asked you to come in. There’s something wrong with you, my boy. Tell me what’s wrong. I’ve noticed you’ve been gloomy for two weeks. Do you need a holiday? You can go to the Bahamas tomorrow.”

 “You’re right, dad. Something’s wrong, but it’s not a holiday I need.”

 “Ah,” said Anthony, “what’s her name?”

 Richard began to walk up and down the library floor.

 “Why don’t you ask her to marry you?” demanded old Anthony. “You’ve got the money and the looks and you’re a decent boy. Your hands are clean. You’ve been to university, but she’ll forgive you.”

 “I haven’t had a chance,” said Richard.

 “Just take her for a walk in the park, or walk home from church with her. It’s easy!”

 “You don’t understand the way high society works, dad. Every minute of her time is booked for days in advance. I must have that girl, dad. Or this city will become a black swamp for me. But I can’t write to her – I can’t do that.”

 “Come on,” said the old man. “You mean with all of my money, you can’t get an hour or two of a girl’s time for yourself?”

 “I’ve waited too long. She’s going to sail for Europe in two days. She’ll stay there for two years. I’ll see her alone tomorrow evening for a few minutes. She’s staying out of town at her aunt’s, but I can’t go there. I’m only allowed to pick her up at Grand Central Station from the 8:30 train. Then we will drive down Broadway at a gallop to Wallack’s Theater. Her mother and family will be waiting for us in the lobby. So I will only have six or eight minutes with her. In this situation what chance would I have to tell my feelings? None. No, dad, this is one problem your money won’t solve. You can’t buy one minute of time with cash. If we could, rich people would live forever. There’s no hope of talking to Miss Lantry before she sails away to Europe.”

 “All right, Richard, my boy,” said old Anthony, cheerfully. “You may go to your club now. You say that money can’t buy time. I guess it’s true that you can’t order eternity wrapped-up and delivered to your home. But always remember to burn incense and pray to the great god Mammon now and again.”

 That night Anthony’s sister, Ellen, came to visit. She began to talk about Richard’s problem.

 “He told me all about it,” said Anthony, yawning. “I told him he was rich and a gentleman. Then he criticized money, and said it couldn’t help. He said the rules of society couldn’t be moved a meter by a team of ten millionaires.”

 “Oh, Anthony,” said Ellen. “I wish you would not think so much of money. Love is more powerful. He should have spoken to her earlier. Then she wouldn’t have refused our Richard. But now I fear it’s too late. He won’t have the chance to speak to her. Even all your gold cannot bring happiness to your son.”

 At eight o’clock the next evening, Ellen gave an old gold ring to Richard.

 “Wear it tonight, nephew,” she begged. “Your mother gave it to me. She said it was good luck for love. She asked me to give it to you when you had found the one you loved.”

 Young Rockwell took the ring with great respect. He tried to put it on his little finger, but it would not fit. So he put it in his pocket. And then he phoned for his cab.

 At the station he found Miss Lantry in the crowd at eight thirty-two.

 “We mustn’t keep mother and the others waiting,” she said.

 “To Wallack’s Theater as fast as you can drive!” said Richard.

 They raced up Forty-second Street and down Broadway. At Thirty-fourth Street young Richard ordered the cabman to stop.

 “I’ve dropped a ring,” he apologized, as he climbed out. “It was my mother’s, and I’d hate to lose it. Just wait a minute – I know where it fell.”

 In less than a minute he was back in the cab with the ring.

 But within that minute a car had stopped in front of the cab. The cabman tried to pass to the left, but a heavy express wagon blocked the way. He tried to the right but had to back away from a furniture van. He was stuck in a tangled mess of vehicles and horses.

 “Why don’t you drive on?” said Miss Lantry, impatiently. “We’ll be late.”

 Richard stood up in the cab and looked around. He saw a flood of wagons, trucks, cabs, vans and cars. And more were coming all the time, adding to the noise and confusion. Even the oldest New Yorker had not seen such a terrible traffic jam.

 “I’m very sorry,” said Richard, as he sat down again, “but it looks like we’re stuck for at least an hour. It was my fault. If I hadn’t dropped this ring we…”

 “Let me see the ring,” said Miss Lantry. “There’s nothing we can do about this traffic. I don’t care. I think the theater is stupid, anyway.”

 At 11 o’clock that night Ellen knocked lightly on Anthony Rockwell’s door.

 “Come in!” shouted Anthony, who was reading a book of pirate stories.

 “They’re engaged, Anthony,” she said softly. “She has promised to marry our Richard. On the way to the theater there was a traffic jam, and it was two hours before their cab could get out of it.”

 “So Anthony, never boast about the power of money again,” she continued. “A little symbol of true love – a ring – was the cause of Richard’s happiness. He dropped it in the street, and got out to find it. And before they could continue they got caught in the traffic jam. He spoke to his love and won her while the cab was stuck. Money is nothing compared to love, Anthony.”

 “All right, sister,” said old Anthony. “I’m glad the boy got what he wanted. Now my pirate is in big trouble. His ship is sinking. And I really want to finish this chapter.”

 The story should end here. I wish it would end here. And I’m sure that most readers would like the story to end here. But we must go on to find the truth.

 The next day a person with red hands and a blue polka-dot necktie came to see Anthony Rockwell. His name was Kelly, and he was invited into the library.

 “Well,” said Anthony, reaching for his checkbook. “How much do I owe you?”

 “I paid out $300 of my own money. It cost a little more than I expected. I got the express wagons and cabs for $5 each; but the trucks and two-horse teams cost me $10. The motormen wanted $10. The cops cost me the most – $50. But didn’t it work beautifully, Mr. Rockwell? And we had no rehearsal, either! Everyone was on time to a fraction of a second. It was two hours before a snake could get through.”

 “Thirteen hundred dollars – there you are, Kelly,” said Anthony, tearing off a check. “Your thousand and the $300 you put in. You don’t hate money, do you, Kelly?”

 “Me?” said Kelly. “No, but I’d like to punch the man who invented poverty.”

 Anthony called to Kelly when he was at the door.

 “You didn’t notice,” he said, “anywhere in the traffic jam, a fat boy without any clothes on shooting arrows with a bow, did you?”

 “No,” said Kelly, scratching his head, “I didn’t. Maybe the cops arrested him before I got there.”

 “I didn’t think the little guy would be there,” chuckled Anthony. “Goodbye, Kelly.”

Ehab Elbalawi…… OMG…

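 One day… I absent-mindedly opened my Gmail spam box.

 I found one peculiar email. It was an English email with the subject “GREETINGS”.

 At first glance it looked like spam… but judging from the opening of the message it did not seem to be simple spam. So I opened it out of curiosity. The contents were as follows.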

From:     Ehab Elbalawi <ehab.elbalawi1@live.co.uk>
Reply-To:     ehab.elbalawi@live.co.uk
To:     undisclosed-recipients : ;
Subject:     GREETINGS
Date:     Wed, 16 Sep 2009 22:23:38 +0300 (Thu, 04:23 KST)

Top of the day,

Goodday to you and your family, i am sorry to disturb you but i felt deeply in
my heart that you are that individual that i have been looking for and 
so i can
contact you for a blessing that you are about to receive and also share with
people that need it, my name is Mr. Ehab Elbalawi a merchant in Dubai, in the
U.A.E. I have been diagnosed with esophageal cancer, which was discovered very
late, due to my laxity in caring for my health. This sickness has defiled all
forms of medicine, and right now I have only a few months to live, 
according to
medical experts. I have since lost my power of speech and can only manage to
write now, as that has been the only way I am able to communicate. I have not
particularly lived my life so well, as I never really cared for anyone (not
even myself) but my business. Though I am very rich, I was never Generous, I
was always hostile to people and only focused on my business as that was the
only thing I cared for. But now I regret all this as I now know that there is
more to life than just wanting to have or make all the money in the world. I
believe when i am given a second chance to come to this world I would live my
life a different way from how i have lived it. Now that i have been called, I
have willed and given most of my property and assets to my immediate and
extended family members as well as a few close friends.

I want the almighty to be merciful to me and accept my soul, so i have decided
to give alms to charity organizations, as I want this to be one of the last
good deeds I do on earth. I want to believe that you will be capable of
handling this task for me. I will wait to hear from you to know if you are
capable of doing this favour for me, You will be bless as you have decided to
do this, I will wait for your urgent response to my mail address:
ehab_elbalawi14@yahoo.com , thank you for deciding to actualize this task for
humanity sake.

Regards,
Ehab Elbalawi.

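 What on earth is this… Honestly, since it was in English it was hard to understand, but by painstakingly consulting a dictionary I managed to get the gist of the email.

 In short… the sender, who has a fatal illness, repents of his past sins and wants to do charity work, and is asking for help.

 Oh… it was a very important email. To think I had left an email like this in the spam folder all this time… Honestly, I felt sorry.

 I promptly wrote a reply, wishing him good health and applauding his decision to do charity work, and sent it..

 And then.. the very next day.. I received another reply email. In the spam folder, of course..

 The contents were as follows…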

 

From: Ehab Elbalawi <ehab_elbalawi14@yahoo.com>
To:
Date: October 1, 2009, 12:23 AM
Subject: Thanks/Contact My Lawyer
Mailed-by: yahoo.com
Signed-by: yahoo.com
Thank
you very much for your mail and your wiliness to help a dying man and
humanity, and i know God has a hand in this, because reading your mail,
it gave me a very big relief, knowing that i have found the right
person that i can Trust to carry out my wishes, and i Pray that God
should give you the strength to carry out this work.
 
My close
family members are however not happy with the way I have disbursed
everything of mine to the motherless babies and the less
privileged.That was why they failed to help me actualize my dream of
supporting charity.  They held for themselves the funds I made
available for charity and went as far as even trying to terminate my
life when the hour (though very short) has not come. All relationship
with me has been severed, and they are of the opinion that the last of
my fortune has been spent.
 
Incidentally, the sum of $10,000,000,00 ten million dollars (United States) lies in a security company in Europe,
and well packaged in a consignment, that is the last I have here on
earth after my medical bills have been estimated and all expenses paid
pending when I shall be no more. These funds I wish to entrust to you,
to help propagate the works of charity where ever your location is. By
so doing, I would need your utmost sincerity and honesty to carry the
venture along successfully.
I need you to get in contact with both my lawyer and the security company in London, and please you must understand that the security company does not know the actual content of the consignment,
which i deposited with them, all they were told is that it contains personal belongings, please take note.
 
I
am sending you their contact details to enable you establish
communication with them, i would also like to inform you of the need to
send the following information’s to my lawyer to enable him prepare the
necessary document; A scanned copy of either your driver’s license or
the first page of your International Passport, Your Full Names, Mailing Address, And Your Full Contact Details:
 
         LAWYER DETAILS:
         Bar. Johnson Watson(Esq.)
         Email:jwatson45_esq@yahoo.co.uk
         esq_watsonj@uk2.net
 
 
              SECURITY COMPANY DETAILS:
              ACCESS SECURITY VAULTS AND SERVICES
              Tel; +447035971580
  Email:access_seccs_vaults@yahoo.co.uk
               access_secc_vaults@yahoo.com
               Contact person: Dr. Cletus Williams (PhD)
               Director of Operations (D.O.P)
               14 York Road, Ilford Essex,
               IG1 3AD London, England.
 
Please
see that you contact them as the beneficiary ASAP, and let them know
that you are the beneficiary of the consignments that is under their
custody and that was deposited with them by Mr Ehab Elbalawi and also
they should let you know what will be required of you in order to
secure the consignments/Funds or get it delivered to you at your
hometown.
 
I
really do not have a long time to stay, as my doctors have notified me,
that i only have a few mouth to spend here on earth, and it will be my
greatest joy to see you make great progress with the security company,
and i also need to release the Unlock Codes to you, in order for you to
be able to gain access to the boxes.
 
Please get back asap.
 
Regards,
Ehab Elbalawi.

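 Wow!!! Good heavens..!!! Ten million dollars for me? Such luck?? Contact the lawyer and the secret company as soon as possible?? So I just need to copy my driver’s license or the first page of my passport..? Whoa… ten million dollars.. what would I do with that??? Kyaa!!

 ………….. Honestly… I was happy for about 5 seconds.;; After those 5 seconds… sigh.. I realized I had been hooked.

 Things moved far too fast… When I sent my reply I truly meant it sincerely, and in an instant that was crushed. If only there had been no talk of money, the lawyer and the security company… I would have thought well of it to the end.

 I would not even have searched the sender’s name on Google… sigh..

 Give me back my trampled innocence….T^T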

 

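4. Application Layer Attacks and Defense

 * Application layer string matching with iptables

 One of the most important capabilities of any IDS is searching application layer data for byte sequences that suggest malicious activity. However, because the structure of applications is generally far less strictly defined than that of network or transport layer protocols, an intrusion detection system must be flexible when it inspects application layer data.

 Performing string matching over the entire application portion of network traffic is a good starting point, and the iptables string match extension provides this.

 – How the string match extension works
 The following rules use the iptables LOG target to generate a syslog message when the string "tester" is sent to a Netcat server listening on TCP port 5001.

 # iptables -I INPUT 1 -p tcp --dport 5001 -m string --string "tester" --algo bm -m state --state ESTABLISHED -j LOG --log-prefix "tester"

 # iptables -I INPUT 2 -p tcp --dport 5001 -j ACCEPT

 Note the --algo bm argument in the command. The string match extension is implemented on top of the Linux kernel's text search facility, which supports several algorithms, such as the Boyer-Moore string search algorithm (the bm above) and the Knuth-Morris-Pratt string search algorithm (kmp).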

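 * Defining application layer attacks

 An application layer attack is defined as an attempt to subvert an application, its users, or the data it manages for purposes other than those permitted by the application's owner or administrator.

 Application layer attacks fall into the following three categories.

 — Attacks on programming bugs: Application development is a complex process, and programming errors inevitably occur. In some cases these bugs lead to serious vulnerabilities that are remotely accessible over the network. Good examples are buffer overflow vulnerabilities that arise from the use of unsafe C library functions, and web-centric vulnerabilities such as a web server that passes improper queries to a back-end database without properly sanitizing them (which can lead to SQL injection attacks) or that posts unfiltered user-supplied content on a site (which can lead to cross-site scripting, or XSS, attacks).

 — Attacks on trust relationships: Some attacks target trust relationships instead of application programming bugs. Such attacks look completely legitimate if only the interaction with the application itself is considered. The attack, however, targets the trust held by the application's users. Phishing is the typical example. The target of phishing is not the web application or the mail server but the person who interprets the phishing website or mail message.

 — Resource exhaustion: Like network or transport layer DoS attacks, applications can sometimes be fed large volumes of input data. Such attacks make the application unusable for all users.

 * Abusing the application layer

 While implementations of common network and transport layer protocols largely follow what the RFCs define, there is no standard that governs how a particular CGI application handles user input through a web server, or whether an application is written in a programming language (such as C) that performs no automatic bounds checking or memory management.

 – Snort signatures
 One of the best ways to understand application layer attacks is to look through the Snort signature set. Recent Snort signatures are not distributed with the Snort source code, but the Bleeding Snort project produces signatures for the latest attacks in Snort format (see http://www.bleedingsnort.com).

 – Buffer overflow attacks
 A buffer overflow attack exploits a programming error in application source code where a buffer is not large enough to hold the amount of data copied into it. The term overflow is therefore used when adjacent memory locations are overwritten. In a stack-based buffer overflow, a successful attack overwrites the function's return address (which resides on the stack) so that it points to the attacker's code. This lets the attacker control the execution of the process from then on. Another class of buffer overflow attacks applies to memory regions that are dynamically allocated from the heap.

 – SQL injection attacks
 A SQL injection attack targets an application that does not validate or filter user input before including it in a database query. A clever attacker can use the nesting capability of the SQL language to build a new query and potentially modify or extract information in the database. The usual targets of SQL injection attacks are CGI applications that run through a web server and provide an interface to a back-end database.

 – Gray matter hacking
 Some of the most problematic attacks on the Internet today target people directly, through the applications they use. Attacking a person is sometimes easier than finding vulnerabilities in hardened systems, applications and encryption schemes.

 — Phishing
 Phishing is an attack that tricks a user into handing authentication credentials for an online account, such as a bank account, to an untrusted party. The attack is usually carried out by sending the user an official-looking email saying that the user must log in to the online account and perform some "urgent" security task (for example, changing a password). A legitimate-looking web link is provided, but it is a crafted link that leads the user to an attacker-controlled website closely imitating the original. Once the targeted user visits the site and enters their account details, the attacker quickly captures them.

 — Backdoors and keystroke logging
 A backdoor is an executable that contains functionality available to an attacker but not to legitimate users. For example, the Sdbot trojan opens a backdoor by using a specific IRC client to connect to an IRC channel, where it waits for the attacker to send commands. The backdoor, however, is a program written so that the attacker must enter a valid password before it takes any action. This raises the authentication level of the backdoor communication and ensures that only the attacker who successfully compromised the system can control it.

 * Encryption and application encoding

 Two factors that make application layer attacks hard to detect are encryption and application encoding schemes. Encryption is designed so that decrypting the ciphertext is practically impossible without the key, and it is especially problematic because ordinary IDS, IPS and firewall devices have no access to these keys.

 However, some application layer attacks do not need encryption in order to succeed. For example, there are Snort signatures that detect certain attacks against SSH servers (these must operate "in the clear"). When such a signature is used, Snort searches the payload data without access to the SSH encryption keys. The existence of such signatures means that encryption alone is not a complete defense, and that an attacker can sometimes attack an application vulnerability for which the normally required encryption layer makes no difference. In other words, a vulnerability can exist inside a function that is reachable through unencrypted means.

 Encoding techniques can also be hard for an IDS to handle. For example, many web browsers support gzip encoding to reduce the size of data sent over the network, because compressing and decompressing data with a fast CPU is usually quicker than sending uncompressed data over a slow network. If an attacker mixes in a little random data and then compresses the result with gzip, the IDS must decompress the data as it crosses the network in order to detect the attack. The random data makes the compressed attack look different every time. Without this randomization, the IDS could search for the compressed string itself to identify the attack. On a busy network there are so many web sessions downloading large, non-malicious compressed files that decompressing every web session in real time is computationally impractical.

 – This does not mean that an IDS is unable to decode any application encoding. For example, URL-encoded data in a web session is decoded in real time by the Snort HTTP preprocessor, using the uricontent keyword of the Snort signature language. This is possible because URL encoding is performed as a simple substitution using hexadecimal codes and the % symbol. For example, A becomes %41, which is easily reversed in the same way. Such encoding schemes require little computation.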
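
The encoding problem described above, as an added Python example that is not from the original notes, Snort or iptables: the same "tester" search is run over the raw payload, its URL-decoded form, and its gzip-inflated form under a decompression budget. The search is Boyer-Moore-Horspool (a simplified relative of the kernel's bm algorithm); the function names, the 64 KiB budget and the sample payloads are assumptions constructed for illustration.

```python
import gzip
import random
import zlib
from urllib.parse import unquote_to_bytes

SIGNATURE = b"tester"    # the string the iptables rule on this page matches
MAX_INFLATE = 64 * 1024  # assumed per-payload decompression budget, in bytes


def bmh_find(haystack: bytes, needle: bytes) -> int:
    """Boyer-Moore-Horspool search: offset of the first match, or -1."""
    n, m = len(haystack), len(needle)
    if m == 0:
        return 0
    # Shift table: distance from a byte's last occurrence (final position
    # excluded) to the end of the needle; bytes not in the needle shift by m.
    shift = {b: m - 1 - i for i, b in enumerate(needle[:-1])}
    pos = 0
    while pos <= n - m:
        if haystack[pos:pos + m] == needle:
            return pos
        pos += shift.get(haystack[pos + m - 1], m)
    return -1


def gunzip_limited(payload: bytes, limit: int = MAX_INFLATE):
    """Inflate a gzip stream, or return None if it is invalid or over budget."""
    inflater = zlib.decompressobj(31)  # wbits 31 = expect gzip header/trailer
    try:
        out = inflater.decompress(payload, limit)
    except zlib.error:
        return None
    # eof stays False when the stream is truncated or needs more than `limit`.
    return out if inflater.eof else None


def scan_payload(payload: bytes) -> list:
    """Names of the payload views in which SIGNATURE was found."""
    views = {"raw": payload, "url-decoded": unquote_to_bytes(payload)}
    inflated = gunzip_limited(payload)
    if inflated is not None:
        views["gunzipped"] = inflated
    return [name for name, data in views.items()
            if bmh_find(data, SIGNATURE) >= 0]


def sample_gzip(body: bytes, seed=None) -> bytes:
    """Constructed sample: gzip `body`, optionally behind seeded filler."""
    if seed is not None:
        filler = b"%032x" % random.Random(seed).getrandbits(128)
        body = b"X-Pad: " + filler + b"\r\n" + body
    return gzip.compress(body, mtime=0)


if __name__ == "__main__":
    body = b"GET /?q=tester HTTP/1.1"
    samples = {
        "plain": body,
        "url-encoded": b"GET /?q=%74%65%73%74%65%72 HTTP/1.1",
        "gzip + filler (seed 1)": sample_gzip(body, seed=1),
        "gzip + filler (seed 2)": sample_gzip(body, seed=2),
        "gzip over budget": sample_gzip(b"A" * 1_000_000 + b"tester"),
    }
    for name, payload in samples.items():
        print(f"{name:24} {len(payload):6d} bytes -> {scan_payload(payload)}")
    # Without filler the compressed bytes repeat, so they could be matched
    # directly; with filler every stream differs and must be inflated first.
    print("fixed gzip repeats:", sample_gzip(body) == sample_gzip(body))
```

The over-budget sample is reported as not matched, which is the cost side of the trade-off: a detector that bounds decompression has to decide separately whether to pass, log or drop payloads it could not fully inspect.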

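 * Application layer responses

 Technically, a purely application layer response to an application layer attack should involve only constructs that exist at the application layer. For example, if a user is abusing an application, the account should simply be disabled, and if an attacker attempts SQL injection through a CGI application running on a web server, the query should be discarded and an HTTP error code returned to the client. Such responses require no change to packet header information below the application layer.

 However, strict application layer responses are not well suited to firewalls and network intrusion prevention systems, because these are usually not tightly integrated with the application itself. Moreover, if a highly malicious attack is seen from a particular IP address over a TCP session (which requires bidirectional communication), it may be more useful to block all communication from the attacker's IP address from then on. This is a network layer response to an application layer attack.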
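
A network layer response driven by the LOG rule shown earlier on this page, as an added Python example (not code from the original notes or from any iptables tool): it parses syslog lines carrying the "tester" prefix, counts hits per source address, and produces DROP rules for sources over a threshold. The log lines, the allowlisted network and the threshold of 3 are constructed assumptions; because LOG writes the prefix directly before IN=, the parser accepts "testerIN=" as well as "tester IN=".

```python
import ipaddress
import re
from collections import Counter

LOG_PREFIX = "tester"  # --log-prefix value from the rule on this page
WATCHED_PORT = "5001"  # --dport value from the same rule

# LOG writes the prefix immediately before "IN=", so a prefix with no trailing
# space is logged as "testerIN=eth0"; \s* accepts that and "tester IN=eth0".
LINE_RE = re.compile(
    r"kernel: (?:\[[^\]]*\] )?" + re.escape(LOG_PREFIX) + r"\s*IN=\S* "
    r".*?SRC=(?P<src>\S+) .*?PROTO=TCP .*?DPT=(?P<dpt>\d+)"
)

# Constructed, abbreviated sample lines in the iptables LOG layout
# (addresses are from the documentation ranges).
SAMPLE_LOG = """\
Oct  1 00:23:01 fw kernel: testerIN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=58 PROTO=TCP SPT=40112 DPT=5001 ACK PSH
Oct  1 00:23:02 fw kernel: tester IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=58 PROTO=TCP SPT=40112 DPT=5001 ACK PSH
Oct  1 00:23:03 fw kernel: [ 1234.5678] testerIN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=58 PROTO=TCP SPT=40113 DPT=5001 ACK PSH
Oct  1 00:23:04 fw kernel: testerIN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.1 LEN=58 PROTO=TCP SPT=51000 DPT=5001 ACK PSH
Oct  1 00:23:05 fw kernel: testerIN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.1 LEN=58 PROTO=TCP SPT=33000 DPT=5001 ACK PSH
Oct  1 00:23:06 fw kernel: testerIN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.1 LEN=58 PROTO=TCP SPT=33000 DPT=5001 ACK PSH
Oct  1 00:23:07 fw kernel: testerIN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.1 LEN=58 PROTO=TCP SPT=33000 DPT=5001 ACK PSH
Oct  1 00:23:08 fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 PROTO=TCP SPT=40200 DPT=22 SYN
"""


def offenders(lines, threshold=3, allow=("192.0.2.0/24",)):
    """Sources with at least `threshold` string-match hits, allowlist excluded."""
    allowed = [ipaddress.ip_network(net) for net in allow]
    hits = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m["dpt"] != WATCHED_PORT:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # never build a firewall rule from an unparsable field
        if any(src in net for net in allowed):
            continue  # e.g. the administrators' own test traffic
        hits[src] += 1
    return sorted(str(ip) for ip, count in hits.items() if count >= threshold)


def drop_rules(ips):
    """Rule text for review; nothing is executed here."""
    return [f"iptables -I INPUT 1 -s {ip} -j DROP" for ip in ips]


if __name__ == "__main__":
    for rule in drop_rules(offenders(SAMPLE_LOG.splitlines())):
        print(rule)
```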

After Twenty Years

 It was nearly 10 o’clock at night when the policeman strolled up the avenue. Chilly gusts of wind and showers of rain had emptied the streets.

 He made sure that doors were locked, and swung his club as he walked along. Now and then he turned to look down side streets with his watchful eyes. With his powerful build he was a fine protector of the peace. The area was one that closed early. Only a couple of cigar stores and all-night restaurants were open. Most of the doors belonged to business places and had closed long ago.

 Halfway down one of the blocks, the policeman slowed his walk. In the doorway of a darkened clothes shop he saw a man. The man leaned against the door with an unlit cigar in his mouth. As the policeman walked up to him the man spoke quickly.

 “It’s all right, officer,” he said, “I’m just waiting for a friend. It’s an appointment we made twenty years ago. That sounds a little funny to you, doesn’t it? Well, I’d like to explain everything. About twenty years ago this clothes shop used to be a restaurant – ‘Big Joe’ Brady’s restaurant.”

 “It was until five years ago,” said the policeman.

 The man in the doorway struck a match and lit his cigar. The light showed a pale, square-jawed face, with intense eyes. He had a little white scar near his right eyebrow. His tie clip was a large diamond.

 “Twenty years ago tonight,” said the man, “I dined here at ‘Big Joe’ Brady’s with Jimmy Wells, my best friend, and the finest man in the world. We both grew up here in New York, and we were like brothers. I was eighteen and Jimmy was twenty. The next morning I was going out West to make my fortune. But Jimmy wouldn’t come. He thought New York was the only place in the world. Well, we agreed that night to meet here again in exactly twenty years, no matter what we were doing, or how far we had to come. We thought that in twenty years each of us would have chosen our way in life, and made our fortunes, whatever they would be.”

 “It sounds pretty interesting,” said the policeman. “But it seems too long between meetings to me. Haven’t you contacted your friend since you left?”

 “Well, yes, we wrote letters for a while. But after a year or two we lost contact. You see, the West is a big place, and I moved around a lot. But I know Jimmy will meet me here if he’s alive. He was always the most honest and loyal guy in the world. He’ll never forget. I came a thousand miles to stand here tonight. And it will be worth it if Jimmy turns up.”

 The waiting man looked at his watch. It was set with small diamonds.

 “Three minutes to ten,” he said. “It was exactly ten o’clock when we parted at the restaurant door.”

 “You made a lot of money in the West, didn’t you?” said the policeman.

 “Absolutely! I’ll be happy if Jimmy has done half as well as me. He was a great guy, but a little bit slow and careful. I had to compete with the toughest people to make my fortune. A man gets in a routine in New York. If Jimmy had come out West with me he would have learnt a lot.”

 The policeman swung his club around and started to walk away.

 “Good luck. How long will you wait?”

 “I’ll wait half an hour at least. If Jimmy’s alive on earth he’ll be here. Goodbye, officer.”

 “Goodnight, sir,” said the policeman, continuing his patrol, checking doors as he walked.

 There was now a steady, cold drizzle falling. The wind was blowing harder. The few people out walking hurried past silently, with their coat collars turned up, and their hands in their pockets. And in the darkened door of the clothes shop the man who had come a thousand miles to keep a twenty year appointment, smoked a cigar and waited.

 For about twenty minutes he waited. And then a tall man in an overcoat, with the collar turned up to his ears, hurried across the road. He went straight to the waiting man.

 “Is that you, Bob?” he asked, uncertainly.

 “Is that you, Jimmy Wells?” cried the man in the door.

 “My god!” exclaimed the new arrival, taking both the other’s hands in his. “It’s you, Bob! I knew I’d find you here. Well, well, well! Twenty years! It’s a long time, the restaurant’s gone, Bob. I wish we could have had another meal there. What happened to you in the West?”

 “It was great. I got everything I wanted. You’ve changed, Jimmy. You’ve got taller.”

 “Oh! I kept growing after I was twenty.”

 “Are you doing well in New York, Jimmy?”

 “I’m doing pretty well. I have a position in a city department. Come on, Bob, we’ll go to a place I know, and have a good long talk.”

 The two men walked up the street, arm in arm. The man from the West started to tell his story. The other, hidden in his overcoat and hat, listened with interest.

 At the corner stood a cigar shop, bright with electric lights. They both turned to look at the other’s face.

 The man from the West stopped suddenly, and pulled away his arm.

 “You’re not Jimmy Wells,” he said. “Twenty years is a long time, but it doesn’t change a man’s eye color.”

 “It sometimes changes a good man into a bad one,” said the tall man. “You’re under arrest, ‘Silky’ Bob. The Chicago department warned us that you might be coming here. Now, before we go to the station here’s a note I was asked to hand you. You may read it here, in the light. It’s from Officer Wells.”

 The man from the West unfolded the little piece of paper. His hand was steady when he began to read, but it trembled a little when he finished. The note was very short.

 Bob: I was there right on time. When you struck the match to light your cigar I saw it was the face of the man wanted in Chicago. Somehow I couldn’t arrest you. So I got someone else to do the job.

 Jimmy.

The Gift of the Magi

 One dollar and eighty-seven cents. That was all. And sixty cents of it was in pennies. Pennies were saved one and two at a time by bargaining hard with the butcher and the vegetable man. Three times Della counted it. One dollar and eighty-seven cents. And the next day was Christmas.

 There was nothing to do but lie down on the little old couch and cry. So Della did it. It seems that life is made up of sobs, sniffles and smiles – but mainly sniffles.

 While Della was moving from sobs to sniffles, take a look at the home. A furnished flat that cost $8 a week. It was cheap and it looked cheap.

 In the entrance way below was a broken letter-box, and an electric bell which didn’t work. On the letter-box was a card with the name “Mr. James Dillingham Young.”

 The “Dillingham” had been added to the card when its owner was being paid $30 per week. Now, when the income had decreased to $20, the “Dillingham” looked too fancy, as if it should decrease to a more modest “D.” But whenever Mr James Dillingham Young came home and reached his flat above he was called “Jim” and greatly hugged by his wife, Della. Which is all very good.

 Della finished crying and dried her cheeks. She stood by the window and looked out at a gray cat walking on a gray fence in a gray backyard. Tomorrow would be Christmas Day, and she only had $1.87 with which to buy Jim a present. She had been saving every penny she could for months. Jim’s salary wasn’t much. And expenses had been greater than she expected. They always are. Only $1.87 to buy a present for Jim. Her Jim. She had spent many happy hours planning something nice for him. Something fine and rare and expensive – something that was good enough to be owned by Jim.

 Then Della saw her reflection in the mirror. Her eyes shone, but her face lost all its color. She quickly removed her hair clips and let her hair fall down to its full length.

 Now, there were two things Mr. and Mrs. Young had of which they were both very proud. One was Jim’s gold watch that had been his father’s and his grandfather’s. The other was Della’s hair. So now Della’s beautiful hair hung down, shining. It reached down below her knees and was almost like a coat for her. And then she did it up again nervously and quickly. She paused for a moment and two tears fell on the worn red carpet.

 Then she put on her old brown jacket and her old brown hat, and ran out the door to the street.

 She stopped at a sign that read: “Madam Sofronie. Hair goods of all kinds.” Della ran up the stairs, and stood panting in the shop.

 “Will you buy my hair?” she asked.
 
 “I buy hair,” said Madam. She was large, very white, and unfriendly. “Take your hat off and let me see it.”

 Down came the shining waterfall.

 “Twenty dollars,” said Madam, lifting the heavy hair with her hand.

 “Give it to me quick,” said Della.

 The next two hours flew by as Della happily shopped for Jim’s present. She found it at last. It must have been made for Jim and no one else. There was nothing else like it in any of the stores. It was a platinum watch chain, simple and classic in design. It was worthy of The Watch. As soon as she saw it she knew that it must be Jim’s. It was like him. Quietness and value – the description fitted them both. It cost twenty-one dollars. She hurried home with 87 cents. With that chain on his watch Jim could now look at the time when he was with wealthy people. As grand as the watch was, he sometimes had to secretly look at it because he was embarrassed of the old leather strap he used instead of a chain.

 When Della reached home her happiness gave way a little to caution and reason. She worried about what Jim would think when he saw her hair was gone. She got out her curling irons and began to repair the damage. Within forty minutes her head was covered with tiny curls which made her look like a school girl. She looked at her reflection in the mirror for a long time.

 “I don’t think Jim will kill me,” she said to herself, “but what could I do? Oh! What could I do with a dollar and eighty-seven cents?”

 At 7 o’clock the coffee was made and the frying pan was on the back of the stove hot and ready to cook the sausages.

 Jim was never late. Della held the watch chain in her hand and sat waiting for him. Then she heard him coming up the stairs, and she turned white for a moment. She whispered a little prayer, “Please, God, make him think I am still pretty.”

 The door opened and Jim stepped in and closed it. He looked thin and very serious. Poor man, he was only twenty-two – and he had a wife to look after. He needed a new overcoat and was without gloves.

 Jim stopped like a statue. His eyes were fixed on Della. He stared at her. She could not understand his expression, and it terrified her.

 She jumped up and went over to him.

 “Jim, darling,” she cried, “don’t look at me that way. I had my hair cut off and sold it because I couldn’t have lived through Christmas without giving you a present. It’ll grow back. You don’t mind, do you? I just had to do it. My hair grows very fast. Say ‘Merry Christmas!’ Jim, and let’s be happy. You don’t know what a nice – what a beautiful, nice gift I’ve got for you.”

 “You’ve cut off your hair?” Jim asked slowly, as if he couldn’t understand.

 “Cut it off and sold it,” said Della. “Don’t you like me anyway? I’m still me without my hair.”

 Jim looked around the room curiously.

 “You say your hair is gone?” he said, like a small child.

 “You won’t find it here,” said Della. “It’s sold, I tell you. Sold and gone. It’s Christmas Eve, be good to me. I sold it for you. Maybe the hairs on my head were numbered,” she went on with a sudden, serious sweetness, “but nobody could ever count my love for you. Shall I put the sausages on, Jim?”

 Jim seemed to wake up. He hugged Della for ten seconds, then he took a package from his overcoat pocket and put it on the table.

 “Don’t worry about me, Dell,” he said. “No haircut, shave or shampoo could ever make me dislike you. But if you’ll unwrap that package you may see why I was shocked for a while.”

 Della opened the package and gave a scream of joy. A second later she burst into tears, and Jim had to use all his power to comfort her.

 For there lay The Combs – the set of combs that Della had worshipped for months in a big store window. Beautiful combs, pure tortoise shell, with jewelled edges – the perfect color to wear in her beautiful vanished hair. They were expensive combs, she knew. Her heart had desperately wanted them without any hope of having them. And now, they were hers. But her hair was gone.

 But she hugged them tightly to her chest. After a while, she looked up with teary eyes and a smile, and said, “My hair grows so fast, Jim!”

 And then Della leapt up like a little burnt cat and cried, “Oh, oh!”

 Jim had not yet seen his beautiful present. She held it out to him. The precious metal seemed to flash with a reflection of her bright and passionate spirit.

 “Isn’t it lovely, Jim? I hunted all over town to find it. You’ll have to check the time a hundred times a day now. Give me your watch. I want to see how it looks on it.”

 But Jim dropped down on the couch, put his hands behind his head, and smiled.

 “Dell,” he said. “Let’s put our Christmas presents away for a while. They’re too nice to use right now. I sold the watch to get the money to buy your combs. Now, let’s have those sausages.”

 The Magi, as you know, were wise men – wonderfully wise men – who brought gifts to the Babe in the manger. They invented the art of giving Christmas presents. Being wise, their gifts must also have been wise. They were expensive and probably came with a receipt, so that the gifts could be exchanged at the market. And here I have told you a story, not very well, about two foolish children in a flat who most unwisely sacrificed their most treasured possessions.

 But of all those people who give gifts, these two were the wisest. People like these are the wisest. They are the Magi.