1. Introduction
On the Internet, improving security and performance has become an important challenge in operating and developing websites. For that reason, a technology called the reverse proxy has been attracting attention and is used by many websites. However, because the concept and role of a reverse proxy differ from those of an ordinary web server or proxy server, some readers may find it hard to understand.
This article covers reverse proxies broadly, from the basic concept to their roles, advantages and disadvantages. It also explains concrete ways to use a reverse proxy and how to deal with failures. Learning this material should make reverse proxies more familiar and help you put them to use in website operation and development.
Let's begin learning about reverse proxies. We hope this article becomes a useful source of information for your future website operation and development.
2. Basic concept of a reverse proxy
A reverse proxy is a server that, when a website is operated on the Internet, receives requests from clients (users) and forwards them to backend servers.
Reverse proxies are widely used to improve the security and performance of websites.
To understand the concept of a reverse proxy, you first need to know the term "proxy server". A proxy server sits between clients and the Internet and sends requests to the Internet on behalf of the clients. This makes it possible to control connections to the Internet and to improve security.
A reverse proxy, as its name suggests, plays the opposite role of a proxy server. It sits between the Internet and the backend servers, receives requests from clients, and forwards them to the appropriate backend server. This mechanism improves the security and performance of a website and gives users a comfortable browsing experience.
A reverse proxy has the following characteristics.
- It manages requests from clients in one place and distributes them to the appropriate backend server.
- It distributes the load on the backend servers and improves performance.
- It hides information about the backend servers from clients and strengthens security.
In this way, the reverse proxy plays an important role in website operation and is used by many companies and developers. With this basic concept in mind, the following sections explain the concrete roles, advantages and disadvantages of a reverse proxy in detail.
3. Main roles of a reverse proxy
A reverse proxy plays various roles in website operation. The main ones are summarized below.
- Load distribution (load balancing)
When there are multiple backend servers, the reverse proxy distributes requests from clients appropriately among them. This spreads the load across the servers and improves performance. Load balancing is an especially important function for large websites and applications.
- Strengthening security
By sitting between clients and the backend servers, the reverse proxy hides information about the backend servers and strengthens security. A reverse proxy also has functions to detect and defend against unauthorized access and attacks, and so raises the security of the website as a whole.
- Caching
A reverse proxy can cache (temporarily store) static content obtained from the backend servers, such as images, CSS and JavaScript. When a request arrives for the same content, it can return the cached content without querying the backend server again. As a result, the response speed of the website improves and so does the user experience.
- SSL/TLS termination
A reverse proxy can terminate SSL/TLS (the secure communication protocol) with the client and then forward the subsequent traffic to the backend servers. This reduces the load on the backend servers and keeps security settings consistent.
- Content compression
A reverse proxy can compress content received from the backend servers before sending it to the client. This reduces the amount of data transferred and improves page load speed. The effect is most noticeable for users on mobile networks or slow Internet connections.
- URL rewriting
When a reverse proxy receives a request from a client, it can rewrite the URL before sending the request to the backend server. This allows the URL seen from outside to differ from the URL used internally. The feature is used to make structural changes to a web application and to implement redirects more easily.
- Header manipulation
A reverse proxy can manipulate the headers of requests from clients and of responses from backend servers. For example, it can add a header that tells the backend server the client's IP address, or add and remove headers to improve security.
As described above, a reverse proxy fulfils a variety of roles in website operation. A properly configured reverse proxy contributes to better website performance, stronger security and more efficient operation. This article explains these roles and the concept of the reverse proxy in a way that university students can follow, so that readers can deepen their understanding.
4. Advantages and real-world examples of reverse proxies
Advantages of a reverse proxy
A reverse proxy has many advantages; the most important ones are introduced here.
- a. Strengthening security
Introducing a reverse proxy prevents backend servers from being accessed directly from the Internet. This protects the backend servers from unauthorized access and attacks.
- b. Load balancing
When there are multiple backend servers, the reverse proxy can distribute requests among them appropriately. This improves the response speed of the website and reduces server downtime.
- c. Caching
A reverse proxy can cache static content. This reduces accesses to the backend servers and improves response speed.
Real-world examples of reverse proxies
Here are some examples of reverse proxies in actual use.
- a. Cloudflare
Cloudflare is a company that provides reverse proxy services to websites around the world. Cloudflare's reverse proxy includes DDoS protection and caching, and can improve the security and performance of a website.
- b. AWS Elastic Load Balancing (ELB)
AWS Elastic Load Balancing (ELB) is a reverse proxy service provided by Amazon Web Services (AWS).
ELB achieves load balancing by distributing requests across multiple backend servers.
- c. Nginx
Nginx is an open-source web server and reverse proxy server. Nginx offers high performance and stability and is used as a reverse proxy by many companies.
As described above, reverse proxies have many advantages, and their effectiveness has been demonstrated in a variety of real-world cases.
By using a reverse proxy for stronger security, load balancing, caching and so on, you can raise the performance and safety of a website or application.
In addition, because a variety of reverse proxy services and tools are available, such as Cloudflare, AWS Elastic Load Balancing (ELB) and Nginx, you can choose one that fits your needs.
Finally, when introducing a reverse proxy, it is important to understand the requirements and needs of your website or application well and to choose an appropriate reverse proxy service or tool. Introducing the most suitable reverse proxy can contribute greatly to the security and performance of a web service, and to SEO optimization.
5. Disadvantages of reverse proxies and countermeasures
While a reverse proxy brings many advantages to a web service, it also has some disadvantages. This section explains those disadvantages and how to deal with them.
- Risk of a single point of failure (SPOF)
Because a reverse proxy handles all client requests in one place, that place becomes a point where a failure has a large impact. If the reverse proxy itself goes down, there is a risk that the entire service stops.
Countermeasure: Make the reverse proxy servers redundant and load-balance them to reduce the SPOF risk.
- Impact on performance
Introducing a reverse proxy normally improves performance, but when it is not configured appropriately or when resources are insufficient, performance can instead degrade.
Countermeasure: Configure the reverse proxy appropriately, and add or adjust resources as needed.
- SSL/TLS complexity
Because a reverse proxy relays communication between client and server, the SSL/TLS configuration can become complex. Also, when the reverse proxy decrypts encrypted traffic, the risk of a man-in-the-middle (MITM) attack may increase.
Countermeasure: Configure SSL/TLS certificates correctly and strengthen the security of the reverse proxy.
- Cache management
A reverse proxy improves website load speed by caching content, but if the cache is not managed appropriately, stale content may be displayed.
Countermeasure: Set the cache refresh frequency and expiry appropriately so that the latest content is displayed.
- Configuration and maintenance effort
Introducing a reverse proxy increases the complexity of the system, so configuration and maintenance can take effort. Beginners in particular may find reverse proxy configuration difficult.
Countermeasure: Consult a specialist, or configure the proxy while referring to appropriate documentation. Using tools that automate reverse proxy configuration, or a managed service, also reduces the effort.
- Privacy concerns
Because a reverse proxy relays communication, it can affect privacy between client and server. In particular, when the reverse proxy decrypts encrypted traffic, the risk of a privacy violation may increase.
Countermeasure: Strengthen security measures and configure the reverse proxy with privacy in mind. Introducing appropriate access control and auditing also helps protect privacy.
Summary of disadvantages and countermeasures
While a reverse proxy brings many advantages to a web service, it also has some disadvantages. Addressing them lets you use a reverse proxy more effectively. With appropriate configuration, resource management and security measures, the disadvantages of a reverse proxy can be kept to a minimum.
6. Introducing and configuring a reverse proxy
There are several ways to introduce and configure a reverse proxy that are easy even for beginners. This section describes how to introduce a reverse proxy and the general configuration procedure.
Choosing common reverse proxy software
When introducing a reverse proxy, you first need to choose the software to use. The following are common reverse proxy software packages.
- Nginx
- Apache HTTP Server
- HAProxy
- Microsoft IIS
Each of these has its own characteristics, but all of them can be expected to deliver high performance and stability.
Installing the software
Install the reverse proxy software you have chosen. Most software can be downloaded from its official site and installed. On some Linux distributions, it can also be installed easily with the package manager.
Editing the configuration file
Once installation is complete, edit the reverse proxy's configuration file. The location of the configuration file differs between software packages, but it is generally found in the following directories.
Nginx: /etc/nginx/
Apache HTTP Server: /etc/httpd/ or /etc/apache2/
HAProxy: /etc/haproxy/
Microsoft IIS: %SystemRoot%\System32\inetsrv\config
When editing the configuration file, you set the reverse proxy's port number, the addresses and port numbers of the backend servers, the load balancing settings, the SSL/TLS settings and so on.
Starting and testing the reverse proxy
Once the configuration file has been edited, start the reverse proxy. On Linux, you can start, restart and stop the service with the systemctl command. On Windows, use IIS Manager to manage the service.
Once it has started, test whether the reverse proxy is working correctly. Access the reverse proxy's address in a browser and confirm that the content served by the backend server is displayed correctly. Also test whether load balancing and SSL/TLS work correctly.
Performance tuning and security measures
Once the basic configuration of the reverse proxy is complete, carry out performance tuning and security measures. The following are examples of common tuning and security measures.
- Cache settings: Enable caching of static files to speed up request processing.
- Timeout settings: Configure the timeouts between the reverse proxy and the backend servers and set them to appropriate values.
- SSL/TLS settings: Optimize the SSL/TLS configuration to improve security. For example, allow only TLS 1.2 and 1.3 and disable old cipher suites.
- IP address restriction: To prevent unauthorized access, allow access only from specific IP addresses.
- Request limiting: To prevent DoS attacks, limit the number of requests within a given period of time.
Applying these settings improves the performance and security of the reverse proxy. However, configuration changes require care. Without appropriate settings, performance can instead degrade or security risk can increase. Configuration changes call for sufficient understanding and caution.
This concludes the basic procedure for introducing and configuring a reverse proxy. A reverse proxy is a powerful tool for improving the performance and security of websites and applications. With appropriate configuration and operation, the quality of a web service can be improved significantly.
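The tuning and security items listed above, together with the load balancing and header handling described in section 3, written out as one Nginx configuration. This is an added example, not part of the original article; the host name, backend addresses, file paths, the /static/ and /admin/ locations and every numeric limit are assumptions chosen for illustration.

```nginx
# Added example. Place in a file included from the http {} context,
# for instance under /etc/nginx/conf.d/. All values are placeholders.
upstream app_backend {                      # load balancing, round robin by default
    server 10.0.0.11:8080 max_fails=3 fail_timeout=30s;
    server 10.0.0.12:8080 max_fails=3 fail_timeout=30s;
}
# Request limiting: 10 requests/second per client IP, state kept in a 10 MB zone.
limit_req_zone $binary_remote_addr zone=per_ip:10m rate=10r/s;
# Cache storage for static content fetched from the backends.
proxy_cache_path /var/cache/nginx/static levels=1:2 keys_zone=static_cache:10m
                 max_size=1g inactive=60m;

server {
    listen 443 ssl;
    server_name www.example.com;

    # TLS terminates at the proxy: TLS 1.2 and 1.3 only, AEAD suites for TLS 1.2.
    ssl_certificate     /etc/nginx/tls/example.com.crt;
    ssl_certificate_key /etc/nginx/tls/example.com.key;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;

    # Timeouts between the proxy and the backend servers.
    proxy_connect_timeout 5s;
    proxy_read_timeout    30s;
    proxy_send_timeout    30s;

    # Header handling: X-Forwarded-For is overwritten (not appended), because this
    # proxy is assumed to be the outermost hop and client-sent values are untrusted.
    proxy_set_header Host              $host;
    proxy_set_header X-Forwarded-For   $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;

    location / {
        limit_req zone=per_ip burst=20 nodelay;
        limit_req_status 429;
        proxy_pass http://app_backend;
    }
    location /static/ {                     # cache successful responses for 10 minutes
        proxy_cache static_cache;
        proxy_cache_valid 200 10m;
        proxy_pass http://app_backend;
    }
    location /admin/ {                      # IP restriction: one allowed range only
        allow 192.0.2.0/24;
        deny  all;
        proxy_pass http://app_backend;
    }
}
```

Check the file with `nginx -t` before reloading the service with `systemctl reload nginx`.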
7. Summary
This article explained the basic concept of the reverse proxy, its main roles, its advantages and disadvantages, real-world examples, and how to introduce and configure it.
A reverse proxy is an important technology that helps improve performance and strengthen security when providing web services on the Internet.
The main role of a reverse proxy is to forward requests from clients to the appropriate backend server and return the response to the client. This makes load balancing, caching, SSL/TLS integration, security measures and more possible.
Introducing a reverse proxy has various advantages, but there are also disadvantages and points that need attention.
If it is not configured and operated appropriately, performance can degrade or security risk can increase. For that reason, the configuration and management of a reverse proxy require sufficient care.
For introduction and configuration, it is important to choose reverse proxy software, configure it appropriately, and verify that it works. Applying performance tuning and security measures on top of that improves the quality of the web service.
Finally, appropriate use of a reverse proxy can greatly improve the performance and security of websites and applications. We hope this article helps you deepen your knowledge of reverse proxies and put it into practice.