From owner-FreeBSD-users-jp@jp.freebsd.org  Fri Aug 18 13:30:58 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id NAA45309;
	Fri, 18 Aug 2000 13:30:58 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from peanuts.li ([133.6.129.94])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with SMTP id NAA45298
	for <FreeBSD-users-jp@jp.freebsd.org>; Fri, 18 Aug 2000 13:30:58 +0900 (JST)
	(envelope-from nosuzuki@e-mail.ne.jp)
Received: (qmail 33859 invoked from network); 18 Aug 2000 04:30:57 -0000
Received: from localhost (127.0.0.1)
  by localhost with SMTP; 18 Aug 2000 04:30:57 -0000
Date: Fri, 18 Aug 2000 13:30:56 +0900 (JST)
Message-Id: <20000818.133056.74720036.nosuzuki@localhost.peanuts.li>
To: FreeBSD-users-jp@jp.freebsd.org
From: nosuzuki@e-mail.ne.jp (Norio Suzuki)
In-Reply-To: <200008180042.JAA00777@mail.allnet.ne.jp>
References: <200008180042.JAA00777@mail.allnet.ne.jp>
X-Mailer: Mew version 1.95b43 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 54245
Subject: [FreeBSD-users-jp 54245] Re: =?ISO-2022-JP?B?GyRCPVA9ahsoQg==?=
 =?ISO-2022-JP?B?GyRCSVRMQCROGyhC?= udp
 =?ISO-2022-JP?B?GyRCJVElMSVDJUgbKEI=?= (d.o.s.?)
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: nosuzuki@e-mail.ne.jp

$B$3$s$K$A$O!#NkLZ65O:$G$9!#(B

> From: Shigeru Mabuchi <mab@allnet.ne.jp>
> Date: Fri, 18 Aug 2000 09:42:19 +0900 (JST)
>> Message-ID: <200008180042.JAA00777@mail.allnet.ne.jp>

> OS $B$O(B FreeBSD 3.1 Release $B$G$9$,!"$=$N$H$-$N(B netstat $B$r(B
> $B$_$k$H!"<!$N$h$&$KI,$:BgNL$N(B udp $B%Q%1%C%H$,<u?.$5$l$^$9!#(B

$B$3$NLdBj$,(B DoS $B967b$K$h$k$b$N$+$I$&$+$O!"J,$+$j$^$;$s!#$?$@!"(Bnetstat 
$B$N=PNO$r$_$k$H(B DNS(Domain Name Server) $B$K4X78$,$"$k$N$G$J$$$+$H;W$$$^(B
$B$9!#(B

> Active Internet connections
> Proto Recv-Q Send-Q  Local Address          Foreign Address   (state)
> tcp        0      0  localhost.domain       *.*                LISTEN
> tcp        0      0  ns.domain              *.*                LISTEN
> udp    41496      0  localhost.domain       *.*  <--- $B$3$3(B
> udp        0      0  ns.domain              *.*

TCP $B$H(B UDP $B$N(B domain port $B$K8}$r3+$1$F$$$k$H$3$m$+$iH=CG$7$^$7$?!#(B

$B$b$7(B DNS $B$,F0$$$F$$$k$N$G$"$l$P!"$3$N%5!<%P$,Aw$i$l$F$-$?(B UDP $B$r=hM}$G(B
$B$-$:!"$=$N$?$a(B queue $B$,$$$C$Q$$$K$J$k$N$@$H;W$$$^$9!#(B

$B$?$@!"(BUDP $B$,Ht$s$G$/$k$N$O4V0c$$$J$$$N$G!"$=$l$O!"(Btcpdump $B$r;H$C$FD4$Y(B
$B$i$l$k$H;W$$$^$9!#%3%^%s%I$NNc$O!"(B

tcpdump -i interface_name -q -l dst port domain

$B$+$J!#$3$l$G!"$I$3$+$i(B UDP $B$,Ht$s$G$/$k$N$+J,$+$j$^$9!#(B

> $B$^$?!"(Budp $B%Q%1%C%H$r40A4$K5qH]$9$kJ}K!$r65$($F$$$?$@$1$k$H(B
> $B4r$7$$$G$9!#(B

$B$3$NJU$O!"NI$/J,$+$j$^$;$s!#(B
-- 
$BNkLZ65O:(B
E-Mail: nosuzuki@e-mail.ne.jp
