<> õ¸®¾È ¸®´ª½º °­Á ³¡À¸·Î, Çà»ç¸¦ À§ÇØ ÁÁÀº Àå¼Ò¸¦ Á¦°øÇÑ <µ¥ÀÌÄÞ(õ¸®¾È)>, "Informix-SE for Linux"¸¦ Á¦°øÇØ ÁØ <Çѱ¹ ÀÎÆ÷¹Í½º>, °­ÀǸ¦ À§ÇÑ ½Ã½ºÅÛÀ» Áö¿øÇØÁØ <¿¡À̽ýº Á¤º¸Åë½Å>, Á¤Ç° ¸®´ª½º CD¸¦ Á¦°øÇØ ÁØ <Áö±×Àç±× ¼ÒÇÁÆ®>, ¸®´ª½º¿ë "Éø±Û/X R4"¸¦ Á¦°øÇØÁØ <¹ÌÁö¸®¼­Ä¡>, º» ±³À縦 ¹ß°£ ÇØÁØ <(ÁÖ) ¿¹Áö°¢>, ±×¸®°í ÀÌ Çà»ç¸¦ ±âȹÇÏ°í ÃÑ ÁøÇàÀ» ¸Ã¾ÆÁØ ÀÇ [°¡¿ì½º] ±è¹Î¼ö´Ô²² °¨»ç¿Í Âù»ç¸¦ ¶ç¿î´Ù. 1998³â 8¿ù 29ÀÏ È£³ªºñ ¾È±æ¼º µå¸² ¸¸µçÀ̵é(õ¸®¾È ID: À̸§ ÀüÀÚ¿ìÆí ÁÖ¼Ò) °¡¿ì½º : ±è¹Î¼ö gauss@smartmate.com °¡À»Çâ±â : Ȳ»óÁø hackers@smartmate.com ³«¿± : ¹Ú»ó¿Ï webadmin@webadmin.net µÕµÕÀÌ : ¹Ú°æÀÎ kyungins@chollian.net ¹«¸ªµµ¿ø : ±è¿ÏÈñ hwinnt@chollian.net ¹Ùº¸¹Ì¿ª : ÃÖ¹ÎÇõ magic23@chollian.net »ç¹Ù¼¼°è : ¹ÚÇý¿¬ ¼±ÀÌ : Á¤¼±ÀÌ jung0911@chollian.net ¿ä¼Á : Á¤ÀçÇü jjh7100@chollian.net Àººû¿¬¾î : Àå´öÈñ sauro@chollian.net À̽ : À̽ lvl@chollian.net ³ª¸¶½ºÄ« : 亴ö dataeng@chollian.net ij¼öÆÛ : ÀÓÅë±Ô casper@smartmate.com ÆĶûÀÌ : Àü¼®º´ zsdeer@chollian.net Ǫ¸¥´Þ : ¹Ú½ÂÈÆ hdb14@chollian.net È£ÁØ : ÀÌÈ£ÁØ nel78@chollian.net < ÙÍ ó­ > ¥±. ¸®´ª½ºÀÇ ±¸Á¶ 1. ¸®´ª½ºÀÇ ±âº»±¸Á¶ 2. ¸®´ª½ºÀÇ Kernel¿¡ °üÇÏ¿© 3. X-Window System¿¡ °üÇÏ¿© ¥². ¸®´ª½ºÀÇ È°¿ë 1. ¸®´ª½º & Networking 2. ¸®´ª½º & Internet Service 3. ¸®´ª½º & Database 4. ¸®´ª½º & Security <ºÎ·Ï> ¡Ü ¸®´ª½º(RedHat 5.1) ¼³Ä¡ÇÏ±â ¡Ü ¸®´ª½º »ó¿¡¼­ÀÇ Çѱ۱¸Çö ¡Ü X-Window ¼³Á¤ÇÏ±â ¡Ü ¸®´ª½º »ó¿¡¼­ÀÇ ÄÄÇ»ÅÍÅë½Å°ú ÀÎÅÍ³Ý »ç¿ëÇÏ±â ¡Ü ¸®´ª½º °ü·Ã Internet Site ¸ðÀ½ ¥±. ¸®´ª½ºÀÇ ±¸Á¶ 1. ¸®´ª½ºÀÇ ±âº»±¸Á¶ [µð·ºÅ丮 ±¸Á¶] /bin : Linux¿¡¼­ »ç¿ëÇÏ´Â ±âº» ¸í·É¾îµéÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮. /boot : Linux boot¿¡ ÇÊ¿äÇÑ booting Áö¿ø ÆÄÀϵéÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮. /dev : Linux¿¡¼­ »ç¿ëÇÏ´Â °¢ ÀåÄ¡¿¡ ´ëÇÑ DeviceµéÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮. ¿ë·®À» Â÷ÁöÇÏÁö ¾Ê´Â °¡»óÀÇ µð·ºÅ丮. /etc : Linux¿¡¼­ »ç¿ëµÇ´Â ¸ðµç ¾îÇø®ÄÉÀÌ¼Ç ¹× Linux ȯ°æ ¼³Á¤¿¡ ÇÊ¿äÇÑ ¼³Á¤ ÆÄÀϵéÀÇ ÃÑ ÁýÇÕü. /home : Linux user µéÀÇ ±âº» µð·ºÅ丮À̸ç, web server ¹× ftp server, Samba server ÀÇ µð·ºÅ丮°¡ À§Ä¡ÇÏ´Â µð·ºÅ丮. /lib : Linux¿¡¼­ »ç¿ëÇÏ´Â ±âº» ¶óÀ̺귯¸®°¡ À§Ä¡ÇÏ´Â µð·ºÅ丮. /mnt : cd-rom ¹× floppy ÀåÄ¡¿¡ ´ëÇÑ mount pointer°¡ À§Ä¡ÇÏ´Â µð·ºÅ丮. /proc : °¡»óÀÇ µð·ºÅ丮·Î Linux kernel¼³Á¤¿¡¼­ ÇÊ¿äÇÑ µð¹ÙÀ̽ºµéÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮. /root : system userÀÇ È¨µð·ºÅ丮. /sbin : Linux kernel¿¡¼­ ÇÊ¿äÇÑ module¼³Á¤ ÆÄÀÏÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮. /tmp : °¢ ÀåÄ¡¿¡ ÇÊ¿äÇÑ socket ¹× log ÆÄÀϵéÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮. /usr : Linux¿¡¼­ »ç¿ëÇÏ´Â ¸ðµç ¾îÇø®ÄÉÀÌ¼Ç ¹× ½Ã½ºÅÛ ÆÄÀϵéÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮·Î½á, LibraryÈ­ÀÏ, ½ÇÇàÆÄÀϵéÀÌ µé¾îÀÖ´Ù. [shellÀÇ ±¸Á¶] ¡Ú ½©(shell)À̶õ? »ç¿ëÀÚ¿Í ¸®´ª½º Ä¿³Î »çÀÌÀÇ ÀÎÅÍÆäÀ̽º·Î »ç¿ëµÇ´Â ÇÁ·Î±×·¥À» ÅëĪÇÑ´Ù. Áï, »ç¿ëÀÚ°¡ ÇÁ·ÒÇÁÆ®¿¡¼­ ¾î¶°ÇÑ ÇàÀ§¸¦ ÇÏ¸é ±×°ÍÀÌ ¸®´ª½º Ä¿³Î¿¡ Àü´ÞÀÌ µÇ°í ¸®´ª½º Ä¿³ÎÀº ÀÔ·ÂµÈ ¸í·É¾îµé¿¡ ´ëÇÑ °á°úÄ¡¸¦ Ãâ·ÂÀ» ÇØÁÖ°Ô µÇ´Â ÇüŸ¦ ¸»ÇÑ´Ù. shellÀº ¸í·É¾î º¯È¯±âÀ̸ç ÀڽŠ°íÀ¯ÀÇ ³»ºÎÀûÀÎ shell ¸í·É¾îÀÇ ÁýÇÕÀ» °¡Áö°í ÀÖ´Ù. ÀÌ·¯ÇÑ ¸í·ÉÀ» ¼öÇàÄÉ ÇØÁÖ´Â shell¿¡´Â ´Ù¾çÇÑ ÇüÅ°¡ Àִµ¥, bash, csh, tcsh, ksh, pdksh, zsh µî ´Ù¾çÇÑ Á¾·ùÀÇ shellÀÌ Á¸ÀçÇÑ´Ù. ¸®´ª½º ¸®´ª½º Ä¿³Î »ç¿ëÀÚ ½© 2. ¸®´ª½º Kernel¿¡ °üÇÏ¿© [Ä¿³Î ¼Ò½º µð·ºÅ͸® Áß½ÉÀ¸·Î] ¢Ñ Documentations : Linux kernel¿¡¼­ Áö¿øÇÏ´Â ¸ðµç Çϵå¿þ¾î ¼³Á¤ ¹× Á¤º¸ µî kernelÀ» ¼³Á¤Çϴµ¥ À־ ¸ðµç Á¤º¸¸¦ ´ã°í ÀÖ´Â subdirectory ÀÌ´Ù. ¢Ñ arch Additional platform support ¡æ Linux kernel runs on the following platforms. O alpha O i386 O mips O ppc O sparc O M68K(Amiga) ¢Ñ Include ¡æ Include ¼­ºêµð·ºÅ丮´Â ±âº»ÀûÀÎ Ä¿³Î ÄÚµåÀÇ Çì´õ ÆÄÀϵéÀ» Æ÷ÇÔÇÏ´Â µð·ºÅ丮ÀÌ´Ù. ¡æ Include/ ¹ØÀÇ Linux system¿¡¼­ Áö¿øÇÏ´Â OS(operating system) header file µéÀ» /usr/includeÀ¸·Î soft Link ÁÖ´Â ±¸Á¶¸¦ °¡Áö°í ÀÖ´Ù. ¢Ñ init (system startup and Initialization) ¡æ Intel±â¹ÝÀ¸·Î ÇÏ´Â ½Ã½ºÅÛ ±¸Á¶¿¡¼­, loadlin.exe & LILOÇÁ·Î±×·¥À¸·Î½á system boot ÇÒ ¶§¿¡ arch/i386/kernel/head.SÆÄÀÏÀÌ Ä¿³Î ³»ºÎÀÇ ¸Þ¸ð¸® ¹× ½Ã½ºÅÛ ÄÁÆ®·ÑÀ» ÇÏ´Â ÆÄÀϵéÀÇ ÁýÇÕü. ¡æ Head.S¶õ.? init/main.cÄÚµåÀÇ main()ÇÔ¼öÀÇ ÀÏ·ÃÀÇ ¸í·É±ºÀ» ÅëÁ¦ ¹× Á¦¾î¸¦ Çϴ Ư¼öÇÑ ±¸Á¶¸¦ °¡Á³´Ù. ¢Ñ mm (Memory Management) ¡æ À߸øµÈ ¿¬»êÀ» ¼öÇàÇÏ´Â Äڵ带 Á¦¾îÇÏ´Â memory.c code ¹× ¸Þ¸ð¸® ¸ÅÇÎ ¹× ij½¬¿ªÇÒÀ» ÇÏ´Â filemap.c code, ºÒ¾ÈÁ¤ÇÑ ¹öÆÛ Äڵ带 Á¦¾îÇÏ´Â buffer.c code, swap¸¦ Á¦¾îÇÏ´Â ?swap_state.c, swapfile.c" code·Î ±¸ºÐµÈ´Ù. ¢Ñ Kernel ¡æ The Scheduler is in kernel/sched.c and the fork code is in kernel/fork.c. ¡æ The bottom half handling code is in include/linux/interrupt.h. ¡æ The task_struct data structure can be found in include/linux/sched.h. ¢Ñ IPC (Interprocess Communication) ¡æ ipc_perm µ¥ÀÌÅÍ ±¸Á¶ ¹× include/linux/ipc.h Çì´õ ÆÄÀϵéÀ» ÀÌ¿ëÇÏ¿© ¸ðµç System V IPC ¿ÀºêÁ§Æ®¸¦ Æ÷ÇÔÇÑ Çì´õ ¹× ¼Ò½º Äڵ带 Æ÷ÇÔÇÑ´Ù. ¢Ñ fs (File Systems) ¡æ Linux¿¡¼­ »ç¿ëÇÏ´Â ext2ÆÄÀÏ ½Ã½ºÅÛÀÇ ¸ðµç Çì´õÆÄÀÏ ¹× ¼Ò½ºÄڵ带 ³»Æ÷ ÇÏ°í, include/linux/ext2_fs.h, ext2_fs_i.h, ext2_fs_sb.hÇì´õÆÄÀÏÀ» ³»Æ÷Çϸç ext2ÆÄÀÏ ½Ã½ºÅÛÀÇ µ¥ÀÌÅÍ ±¸Á¶¸¦ Á¤ÀÇÇÏ´Â µð·ºÅ丮ÀÌ´Ù. ¢Ñ net (Network) ¡æ Linux networking¿¡ ÇÊ¿äÇÑ include/netÇì´õ ÆÄÀÏ ¹× ¼Ò½º Äڵ带 Æ÷ÇÔÇϸç, BSD ¼ÒÄÏÀ» Áö¿øÇÏ´Â net/socket.c, IPV4 ¼ÒÄÏ Äڵ带 Áö¿øÇÏ´Â net/ipv4/af_inet.c ¹× ³×Æ®¿÷ µð¹ÙÀ̽º µå¶óÀ̺긦 Æ÷ÇÔÇÏ°í ÀÖ´Ù. ¡æ The network devices drivers are in drivers/net. ¢Ñ modules ¡æ Linux kernel¿¡¼­ÀÇ ¸ðµâ ±â´ÉÀ» ±¸ÇöÇÏ´Â µð·ºÅ丮. ¡æ Linux kernel¿¡¼­ ¸ðµâ ±â´ÉÀ» ÄÄÆÄÀÏ Çϸé Á¤ÀûÀ¸·Î ¸µÅ©¸¦ ½ÃÄÑÁÖ´Â µð·ºÅ丮. ¢Ñ lib (kernel Library) ¡æ Ä¿³Î ¼³Á¤¿¡ ÇÊ¿äÇÑ ¶óÀ̺귯¸® Äڵ带 ³»Æ÷ÇÏ´Â µð·ºÅ丮. ¢Ñ Scripts ¡æ Ä¿³ÎÀ» ¼³Á¤Çϴµ¥ À־, make xconfig ¹× make menuconfig¿¡ ÇÊ¿äÇÑ awk ¹× tk½ºÅ©¸³Æ®¸¦ Æ÷ÇÔÇÏ°í ÀÖ´Â µð·ºÅ丮. ¢Ñ Drivers ¡æ Linux System's ¿¡ ÇÊ¿äÇÑ µð¹ÙÀ̽º µå¶óÀ̹ö¸¦ Æ÷ÇÔÇÏ´Â µð·ºÅ丮. 3. X-Window System¿¡ °üÇÏ¿©) http://kldp.linux-kr.org/ Âü°í [¿ª»ç] À¯´Ð½º¿ë GUI interface¶ó°í ÇÒ ¼ö ÀÖ´Â X-windows´Â MIT¿Í DEC»ç¿¡ ÀÇÇÑ Athena ÇÁ·ÎÁ§Æ®¿¡ ÀÇÇØ Ã³À½À¸·Î °³¹ßµÇ¾ú´Ù. X-windows¶ó´Â À̸§Àº ½ºÅÄÆ÷µå ´ëÇп¡¼­ °³¹ßÇÑ W À©µµ¿ì ½Ã½ºÅÛÀ» µû¶ó ±× ´ÙÀ½ ¾ËÆĺªÀÎ X¸¦ »ç¿ëÇÑ °ÍÀ̶ó°í ÇÑ´Ù. X-windows´Â 1985³â MITÀÇ ¶óÀ̼¾½º Æ÷±â ÀÌÈÄ ¸¹ÀÌ º¸±ÞµÇ¾ú´Ù. ÇöÀç´Â À¯´Ð½º µîÀÇ ¿î¿µÃ¼Á¦¿¡ ±âº»ÀûÀÎ ½Ã½ºÅÛÀ¸·Î µµÀԵǾîÀÖ´Ù. ¶ÇÇÑ MITÀÇ XFree86 ÇÁ·ÎÁ§Æ®´Â ÀÏ¹Ý °³ÀÎ¿ë ¿î¿µÃ¼Á¦¿¡¼­µµ µ¹¾Æ°¥ ¼ö ÀÖµµ·Ï ÇÏ¿´´Ù. X-windowsÀÇ X11 Revision 6´Â 1994³â 4¿ù¿¡ ¹ßÇ¥µÇ¾ú°í, Áö±ÝÀº À¯´Ð½º°è¿¡¼­´Â °ÅÀÇ Ç¥ÁØÀ¸·Î ÀÚ¸®Àâ¾Ò´Ù. ÇöÀç´Â ÄÄÇ»ÅÍ È¸»çµé·Î °á¼ºµÈ XÄÁ¼Ò½Ã¾ö¿¡¼­ °³¹ßÀ» ¸Ã°í ÀÖ´Ù. X-windows´Â ÀÚÀ¯·Ó°Ô ¹èÆ÷µÉ ¼ö ÀÖ´Â ¶óÀ̼¾½º¸¦ °®°í ÀÖ´Ù. ¸®´ª½º¿¡¼­ÀÇ X-windowsµµ ±× Áß¿¡ ÇϳªÀÌ´Ù. ¸®´ª½º°¡ »ç¿ëÇÏ´Â °ÍÀÇ Á¤È®ÇÑ À̸§Àº XFree86ÀÌ´Ù. ÀÌ°ÍÀº MITÀÇ X386¼­¹ö·ÎºÎÅÍ ¹ßÀüÇÑ °ÍÀÌ´Ù. [±¸Á¶] X-windows°¡ À¯´Ð½º¿ë GUIÀ̹ǷΠ³×Æ®¿öÅ© ½Ã½ºÅÛ¿¡ ¾Ë¸Â°Ô µÇ¾îÀÖ¾î¾ß ÇÑ´Ù. Áï, ¿©·¯ °¡Áö ´Ù¸¥ ½Ã½ºÅÛÀ» ÇϳªÀÇ ¹æ½ÄÀ¸·Î ¹­¾î °ü¸®ÇÒ ¼ö ÀÖµµ·Ï ÇÒ ÇÊ¿ä°¡ ÀÖ¾ú´Ù. ±×·¡¼­ ¼­¹ö¿Í Ŭ¶óÀ̾ðÆ® °³³äÀ» µµÀÔÇß°í, ÀÌ¿¡µû¶ó ÇÁ·Î±×·¥ °³¹ßÀÚ´Â °¢°¢ÀÇ ¾ÆÅ°ÅØÃĸ¦ ½Å°æ¾²Áö ¾Ê°íµµ °³¹ßÀ» ÇÒ ¼ö ÀÖÀ¸¸ç °¢°¢ÀÇ ¾ÆÅ°ÅØÃÄ¿¡ ¸Âµµ·Ï ¿î¿ëµÇ¹Ç·Î ±× ½Ã½ºÅÛ ³ª¸§ÀÇ ÀåÁ¡À» È°¿ëÇÒ ¼ö ÀÖ´Ù. ÀÌ°ÍÀÌ ¹Ù·Î ÇÁ·Î±×·¥¿¡ ³ôÀº À̽ļºÀ» ºÎ¿©ÇÏ´Â ¿øÀÎÀÌ µÈ´Ù. X-windows ½Ã½ºÅÛÀ» ÀÌ·ç´Â °ÍÀ» ´ÙÀ½ 4°¡Áö·Î ³ª´­ ¼ö ÀÖ´Ù. >> X ¼­¹ö >> X Ŭ¶óÀ̾ðÆ® >> X ÇÁ·ÎÅäÄÝ >> X ¶óÀ̺귯¸® Server-Client : ±âº»ÀûÀ¸·Î, Ŭ¶óÀ̾ðÆ®´Â ÀÀ¿ëÇÁ·Î±×·¥À» ¸»ÇÑ´Ù. X À©µµ¿ì Ŭ¶óÀ̾ðÆ®´Â Á÷Á¢ÀûÀ¸·Î »ç¿ëÀÚ¿Í Åë½ÅÇÒ ¼ö ¾ø´Ù. Ŭ¶óÀ̾ðÆ®´Â ¼­¹ö·ÎºÎÅÍ Å°º¸µå ´©¸§À̳ª ¸¶¿ì½º ¹öÆ°ÀÇ ´©¸§°°Àº »ç¿ëÀÚÀÇ ÀÔ·ÂÀ» ¾òÀ» ¼ö ÀÖ´Ù. Ŭ¶óÀ̾ðÆ®´Â ¼­¹ö°¡ ±×¸²À» ±×¸®µµ·Ï ¿ä±¸ÇÏ´Â X À©µµ¿ì ¸í·ÉÀ» ½ÇÇàÇÑ´Ù. X ¼­¹ö¶õ ¾ÖÇø®ÄÉÀÌ¼Ç »ç¿ëÀÚÀÇ ÄÄÇ»ÅÍ¿¡¼­ ÀÛµ¿ÇÏ¸ç ±×·¡ÇÈ µð½ºÇ÷¹ÀÌ Çϵå¿þ¾î¸¦ Á¦¾îÇÏ°í ÀÔÃâ·ÂÀ» ´ã´çÇÑ´Ù. X ¼­¹ö´Â X Ŭ¶óÀ̾ðÆ® ¾ÖÇø®ÄÉÀ̼ÇÀÌ ½ºÅ©¸°¿¡ ¹«¾ùÀΰ¡¸¦ ±×¸®°Å³ª Å°º¸µå¿Í ¸¶¿ì½º·ÎºÎÅÍ ÀÔ·ÂÀ» ¹ÞÀ¸¶ó´Â ¿äûÀ» ¹Þ¾Æ ó¸®ÇÑ´Ù. ¸¶¿ì½º À̵¿°ú ¹öÆ° ´­¸² °°Àº ÀÔ·Â ½ÅÈ£¸¦ Ŭ¶óÀ̾ðÆ® ÇÁ·Î±×·¥¿¡ Àü´Þµµ ÇÑ´Ù. ¶ÇÇÑ º¹ÀâÇÑ µ¥ÀÌŸ ±¸Á¶Ã¼µéÀ» °ü¸®ÇÑ´Ù. ¼­¹öÀÇ ÀÌµé ±¸Á¶Ã¼ °ü¸®´Â Ŭ¶óÀ̾ðÆ®ÀÇ ÀúÀå ÀåÄ¡¿Í ÇÁ·Î¼¼½ÌÀ» °¨¼Ò½ÃŲ´Ù. ÀÌ°ÍÀº ³×Æ®¿÷À» ÅëÇÑ µ¥ÀÌŸÀÇ Àü¼Û·®À» ÁÙÀ̱â À§ÇØ ÇÊ¿äÇÏ´Ù. Çϵå¿þ¾î¿Í ¹ÐÁ¢ÇÑ X ¼­¹ö´Â °¢°¢ÀÇ Çϵå¿þ¾î¸¶´Ù ´Ù¸¥ ¼­¹ö°¡ Á¸ÀçÇÑ´Ù. X protocol : X Window¿¡¼­ °¢Á¾ 󸮴 Ŭ¶óÀ̾ðÆ®¿Í ¼­¹ö¶ó´Â µÎ°¡Áö ÇÁ·Î±×·¥ÀÌ ³ª´©¾î¼­ ÇÏ°í ÀÖ´Ù. Áï Ŭ¶óÀ̾ðÆ®´Â IPC¸¦ ÀÌ¿ëÇÏ¿© ¼­¹öÀÇ ÀåÄ¡ ÀÔÃâ·ÂÀ» Á¦¾îÇÑ´Ù. ÀÌ·¯ÇÑ X ¼­¹ö¿Í X Ŭ¶óÀ̾ðÆ®ÀÇ »óÈ£ ÀÛ¿ëÀº ¸Þ¼¼Áö ±³È¯À» ÅëÇØ ÀÌ·ç¾îÁö´Âµ¥, ¸Þ¼¼Áö ÇüÅÂ¿Í »ç¿ë¹ýÀ» X ÇÁ·ÎÅäÄÝÀ̶ó ÇÑ´Ù. X-windowsÀÇ Áß¿äÇÑ Æ¯Â¡ Áß Çϳª°¡ ÀÌ·¯ÇÑ ¸Þ¼¼Áö ±³È¯ÀÌ °°Àº ÄÄÇ»ÅÍ »ÓÀÌ ¾Æ´Ñ ³×Æ®¿öÅ©¸¦ ÅëÇؼ­µµ ÀÌ·ç¾îÁú ¼ö ÀÖ´Ù´Â °ÍÀÌ´Ù. ±×·¸±â¿¡, ½Ã½ºÅÛ »ç¾çÀÌ ³·Àº ÄÄÇ»ÅÍ »ç¿ëÀÚµµ ³×Æ®¿öÅ© ÄÄÇ»ÅÍ¿¡ Á¸ÀçÇÏ´Â X Ŭ¶óÀ̾ðÆ® ÇÁ·Î±×·¥À» ÀÚ½ÅÀÇ È­¸é¿¡ Ç¥½ÃÇÏ¿© ½ÇÇà½ÃÅ°´Â °ÍÀÌ °¡´ÉÇÑ °ÍÀÌ´Ù. X protocolÀº ¼­¹ö¿Í Ŭ¶óÀ̾ðÆ® »çÀÌ¿¡¼­ Åë½ÅµÇ´Â Request, Reply, Event, Error ÀÇ ±âº» ¸Þ½ÃÁöÀÌ´Ù. Ŭ¶óÀ̾ðÆ®°¡ À©µµ¿ì¸¦ »ý¼ºÇØ´Þ¶ó°Å³ª µµÇüÀ» Ãâ·ÂÇØ´Þ¶ó´Â ¿ä±¸¸¦ request queue¿¡ ³Ö¾î ¼­¹ö¿¡°Ô º¸³»¸é, ¼­¹ö´Â Çϵå¿þ¾î¸¦ Á¦¾î, È­¸é¿¡ µð½ºÇ÷¹ÀÌÇÑ ÈÄ ´ä½ÅÀ» º¸³½´Ù. ¶ÇÇÑ ¼­¹ö´Â Çϵå¿þ¾î·ÎºÎÅÍ µé¾î¿À´Â ÀÔ·Â(¿¹¸¦ µé¾î, ¸¶¿ì½º³ª Å°º¸µåÀÇ ÀÔ·Â)À» ¹Þ¾Æµé¿© event queue¿¡ ³Ö¾î Ŭ¶óÀ̾ðÆ®¿¡ º¸³»¸é Ŭ¶óÀ̾ðÆ®°¡ ±×¿¡ µû¸¥ 󸮸¦ ÇÑ´Ù. ¸®´ª½º IPC(Inter-process communication)Àº ¿©·¯ ÇÁ·Î¼¼½ºµéÀÌ ´Ù¸¥ ÇÁ·Î¼¼½º¿Í Åë½ÅÇÒ ¼ö ÀÖ´Â ¹æ¹ýÀ» Á¦°øÇÑ´Ù. ¸®´ª½º C ÇÁ·Î±×·¡¸ÓµéÀÌ ÀÌ¿ëÇÒ ¼ö ÀÖ´Â IPC ¹æ¹ý¿¡´Â ¾Æ·¡¿Í °°Àº ¸î°¡Áö°¡ ÀÖ´Ù. ¹ÝÀÌÁß À¯´Ð½º ÆÄÀÌÇÁ (Half-duplex UNIX pipes) FIFOs (named pipes) SysV ½ºÅ¸ÀÏ ¸Þ¼¼Áö Å¥ (SysV style message queues) SysV ½ºÅ¸ÀÏ ¼¼¸¶ÆÛ ÁýÇÕ (SysV style semaphore sets) SysV ½ºÅ¸ÀÏ °øÀ¯¸Þ¸ð¸® ¼¼±×¸àÆ® (SysV style shared memory segments) ³×Æ®¿öÅ· ¼ÒÄÏ (¹öŬ¸® ½ºÅ¸ÀÏ) (Networking sockets (Berkeley style)) ÀüÀÌÁß ÆÄÀÌÇÁ (Full-duplex pipes (STREAMS pipes) ÀÌ·¯ÇÑ ¹æ¹ýµéÀÌ È¿°úÀûÀ¸·Î »ç¿ëµÉ ¶§, ¸®´ª½º¸¦ Æ÷ÇÔÇÑ ¸ðµç À¯´Ð½º ½Ã½ºÅÛ¿¡¼­ÀÇ Å¬¶óÀ̾ðÆ®/¼­¹ö °³¹ßÀ» À§ÇÑ °ß°íÇÑ ÇÁ·¹ÀÓ¿÷Å©(framework)¸¦ Á¦°øÇÑ´Ù. Xlib, X toolkit : X¿¡¼­ÀÇ ÇÁ·Î±×·¥ °³¹ßÀº ½Ã½ºÅÛÀÇ OS³ª Çϵå¿þ¾î¿¡ ÀÇÁ¸ÀûÀÎ Á¶ÀÛÀ» ó¸®ÇØÁÖ´Â ¼­¹ö¿Í ´ëÈ­ÇÒ ¼ö ÀÖµµ·Ï X protocolÀ» ÀÌÇØÇØ¾ß ÇÑ´Ù. ±×·±µ¥ ÀÌ X protocolÀº Xlib¶ó´Â ¶óÀ̺귯¸® ·çƾÀ¸·ÎºÎÅÍ ¹ß»ý½ÃŲ´Ù. ±×·¯³ª XlibÀÇ ±â´ÉÀº ±×´ÙÁö ¸¹Áö ¾Ê´Ù. È­¸é¿¡ ±×¸²À» ±×¸®°í ¸¶¿ì½º¿¡ ¹ÝÀÀÇÏ´Â µîÀÇ ±â´É¸¸À» °®°í ÀÖ´Ù. Áï, Àú¼öÁØ ÀÎÅÍÆäÀ̽ºÀÌ´Ù. ±×·¡¼­ À̰ͺ¸´Ù »óÀ§ ¶óÀ̺귯¸®ÀÎ X toolkitÀ» »ç¿ëÇÑ´Ù. Xt Intrinsics, Xaw, XView, Motif, Qt, GTK µîÀÌ ±×°ÍÀÌ´Ù. [X ½ÇÇà¼ø¼­] ¿ì¸®´Â X-windows¸¦ ±¸µ¿Çϱâ À§ÇØ startx¶ó´Â ¸í·É¾î¸¦ »ç¿ëÇÑ´Ù. ±×·±µ¥, ÀÌ startx ¸í·ÉÀº ¹ÙÀ̳ʸ®·Î µÈ ÆÄÀÏÀÌ ¾Æ´Ï¶ó ½ºÅ©¸³Æ® ÆÄÀÏÀÌ´Ù. Áï ÆíÁý±â·Î ºÒ·¯¼­ ÆíÁýÀ» ÇÒ ¼ö ÀÖ´Ù. ÀÌ ÆÄÀÏÀº xinitÀ» ½ÇÇà½ÃŲ´Ù. ±×·¯¸é xinitÇÁ·Î¼¼½º´Â xinitrcÀÇ ¼³Á¤À» ÂüÁ¶ÇÏ¿© X ¼­¹ö¸¦ ±¸µ¿½ÃŲ´Ù. [È°¿ë] µð·ºÅ丮 ±¸Á¶¿Í ÆÄÀÏÀÇ ¿ªÇÒ ¨ç µð·ºÅ丮 [½ÇÇà ÆÄÀÏ µð·ºÅ丮 : /usr/X11R6/bin] : ±âº»ÀûÀ¸·Î X À©µµ¿ì ¼­¹ö¿Í ±âº»ÀûÀÎ ¹ÙÀ̳ʸ® ÆÄÀÏÀÌ ÀúÀåµÇ¾îÀÖ´Ù. [Çì´õ ÆÄÀÏ°ú ¶óÀ̺귯¸® : /usr/X11R6/include, /usr/X11R6/lib] : X À©µµ¿ì ÇÁ·Î±×·¡¹ÖÀ» À§ÇÑ ±âº» ¶óÀ̺귯¸® XLIB, X11, Xt intrinsics,Xaw(3d) °¡ Á¸ÀçÇÑ´Ù. ±×¸®°í Motif±îÁö ¼³Ä¡Çß´Ù¸é Xm Çì´õ ÆÄÀÏ ¹× ¶óÀ̺귯¸® ÆÄÀÏÀÌ Á¸ÀçÇÑ´Ù. [¸®¼Ò½º¿Í ¼³Á¤ ÆÄÀÏ : /usr/X11R6/lib/X11, /var/X11R6/lib] : µÎ °³ÀÇ µð·ºÅ丮´Â ¸µÅ©·Î ¿¬°áµÇ¾îÀÖ´Ù. ÀÌ ¾È¿¡´Â ¿©·¯°³ÀÇ µð·ºÅ丮°¡ Àִµ¥, ±×Áß app-defaults¶ó´Â µð·ºÅ丮°¡ ¿©·¯ °¡Áö ÇÁ·Î±×·¥ÀÇ ¸®¼Ò½º ÆÄÀÏÀÌ µé¾îÀÖ´Â µð·ºÅ丮ÀÌ´Ù. xinitµð·ºÅ丮¿¡´Â X À©µµ¿ì¸¦ ±¸µ¿ÇÒ ¶§ ÇÊ¿äÇÑ ±âº» ¼³Á¤ ÆÄÀϵéÀÌ ÀúÀåµÇ¾îÀÖ´Ù. ¶ÇÇÑ À©µµ¿ì ¸Å´ÏÁ® ¼³Á¤ ÆÄÀÏ, Áö¿ªÈ­¿Í ±¹Á¦È­¸¦ À§ÇÑ locale µ¥ÀÌÅ͵µ ÀúÀåµÇ¾îÀÖ´Ù. [±Û²Ã µð·ºÅ丮 : /usr/X11R6/lib/fonts] : X À©µµ¿ì¿Í ÇÁ·Î±×·¥µé¿¡ ÇÊ¿äÇÑ ±Û²ÃµéÀÌ ÀúÀåµÇ¾îÀÖ´Ù. [¸Þ´º¾ó ÆäÀÌÁö: /usr/X11R6/man] : X À©µµ¿ì¿¡ ÇÊ¿äÇÑ man ÆäÀÌÁö(µµ¿ò¸»)°¡ ÀúÀåµÇ¾îÀÖ´Ù. ¨è ÆÄÀϵéÀÇ ¿ªÇÒ XF86Config (/etc/X11/XF86Config, /usr/X11R6/lib/X11/XF86Config) : X¸¦ ¼³Ä¡ÇÏ°í xf86config¸¦ ½ÇÇà½ÃÅ°¸é »ý¼ºµÇ´Â ÆÄÀÏ·Î XFree86ÀÇ ¼³Á¤ÆÄÀÏÀÌ´Ù. ÆùÆ®ÀÇ °æ·Î, ¸¶¿ì½º, ºñµð¿ÀÄ«µå, ¸ð´ÏÅÍ Å¬·°, ÇØ»óµµ °°Àº °ÍÀ» ¼³Á¤ÇÑ´Ù. xinitrc (/etc/X11/xinit/xinitrc, $HOME/.xinitrc) : X ¼­¹ö¸¦ ¶ç¿ï ¶§ ÂüÁ¶ÇÏ´Â ¼³Á¤ÆÄÀÏÀÌ´Ù. Ȩµð·ºÅ丮ÀÇ .xinitrcÆÄÀÏÀ» ¿ì¼±ÀûÀ¸·Î Àû¿ëÇÏ°í, ±× ÆÄÀÏÀÌ ¾øÀ¸¸é /etc/X11/xinit/xinitrcÀ» ÂüÁ¶ÇÑ´Ù. ÀÌ ÆÄÀÏ¿¡´Â »ç¿ëÀÚ Á¤ÀÇ ÆÄÀÏÀÎ Xresources ÆÄÀÏ Á¤ÀÇ¿Í »ç¿ëÇÒ À©µµ¿ì ¸Å´ÏÀú, ÀÀ¿ë ÇÁ·Î±×·¥À» Àû¾îµÐ´Ù. Xdefaults ($HOME/.Xdefaults) : Xdefaults ÆÄÀÏÀº Ȩ µð·ºÅ丮¿¡ ÀÖ¾î¾ßÇϸç, ƯÁ¤ ÇÁ·Î±×·¥ÀÌ ¿ä±¸Çϴ ȯ°æ º¯¼ö¸¦ ÁöÁ¤ÇÑ´Ù. Xmodemap ($HOME/.Xmodmap) : Å°º¸µå¸¦ Á¤ÀÇÇÏ´Â ÆÄÀÏ·Î Å° Äڵ带 Ascii ÄÚµå·Î ¹Ù²Û´Ù. ÀÌ¿Ü¿¡µµ °¢°¢ÀÇ Å¬¶óÀ̾ðÆ®´Â /usr/lib/X11/app-defaults¶ó´Â µð·ºÅ丮¿¡ °¢°¢ÀÇ ¸®¼Ò½º ÆÄÀÏÀ» °¡Áö°í ÀÖ´Ù. [À©µµ¿ì ¸Þ´ÏÀú¿¡ ´ëÇÏ¿©] À©µµ¿ì ¸Þ´ÏÁ®´Â X À©µµ¿ì ½Ã½ºÅÛÀÇ ¿ÜÇüÀ» °áÁ¤Áþ´Â ÇÁ·Î±×·¥ÀÌ´Ù. À©µµ¿ì ¸Þ´ºÀÇ ±¸¼º, ¸¶¿ì½º ¹öÆ°ÀÇ µ¿ÀÛ, ½ºÅ©·Ñ¹Ù, ¾ÆÀÌÄÜ µîÀ» ÀÌ À©µµ¿ì ¸Þ´ÏÁ®°¡ °áÁ¤ÇÏ´Â °ÍÀÌ´Ù. ShellÀÇ Á¾·ù°¡ ¿©·¯ °¡Áö°¡ ÀÖ°í, MS-Windows¿¡¼­µµ ÇÁ·Î±×·¥ ¸Å´ÏÀú ¿Ü¿¡ ´Ù¸¥ ÇÁ·Î±×·¥µéÀ» shell·Î »ç¿ëÇÒ¼ö ÀÖµíÀÌ XFree86¿¡¼­µµ »ç¿ëÇÏ´Â À©µµ¿ì ¸Þ´ÏÀú°¡ ¿©·¯ °¡Áö°¡ ÀÖ´Ù. ¸¹ÀÌ »ç¿ëµÇ´Â °ÍÀ¸·Î twm, fvwm(°¡Àå ³Î¸® »ç¿ëµÊ), olvwm(Xview[TM] package·ÎºÎÅÍ »ç¿ë), mwm(Motif[TM]ÀÇ ºÎºÐ), WindowMaker, AfterStep, NeXTSTEP µîÀÌ ÀÖ´Ù. À©µµ¿ì ¸Þ´ÏÀú¸¶´Ù ¸ð¾ç°ú ±â´ÉÀÇ Â÷ÀÌ°¡ ÀÖ°í, ¸¶¿ì½º ¹öÆ°À» »ç¿ëÇÏ´Â °Íµµ Â÷ÀÌ°¡ ÀÖ´Ù. XFree86ÀÌ ½ÇÇàµÇ¸é À§ÀÇ À©µµ¿ì ¸Å´ÏÀú Áß Çϳª·Î, ȤÀº 2°³ ÀÌ»óÀÇ ¸Å´ÏÀú·Î ½ÇÇàµÈ´Ù. °¢°¢ÀÇ ¸Å´ÏÀúº°·Î ¾à°£ÀÇ ±¸¼º°ú ¸¶¿ì½º Å°, ¸Þ´º µî¿¡ Â÷ÀÌ°¡ ÀÖ´Ù. ¸¸¾à, ÀÌ ¸Å´ÏÀú Áß ¾Æ¹«°Íµµ ½ÇÇàÀÌ ¾ÈµÈ´Ù¸é À©µµ¿ì °°Àº °ÍÀÌ ¶ßÁö¸¸ ÇÑ ÂÊ ±¸¼®¿¡ single tasking ¸ðµâÀÇ È­¸é Çϳª°¡ ³ª¿Ã »ÓÀÌ´Ù. ÀÌ »óÅ¿¡¼­´Â ´ÜÁö ÇϳªÀÇ ÄÜ¼Ö »óÅÂ¿Í ºñ½ÁÇÑ »óȲÀε¥, ¿©±â¿¡¼­ 'fvwm&'À̶ó°í Ä¡¸é ¸Å´ÏÀú°¡ ½ÇÇàµÈ´Ù. ¨ç fvwm °¡Àå ¸¹ÀÌ »ç¿ëµÇ´Â À©µµ¿ì ¸Å´ÏÀú·Î 'startx'·Î XÀ©µµ¿ì¸¦ ±¸µ¿ÇÏ¸é ³ªÅ¸³ª´Â À©µµ¿ì ¸Å´ÏÀúÀÌ´Ù. ¸¶¿ì½º ¹öÆ° 3°³¸¦ ¸ðµÎ »ç¿ëÇÑ´Ù. # ¿ÞÂÊ ¹öÆ° : À©µµ¿ìÀÇ ¹é±×¶ó¿îµå¿¡¼­ X¿ë ÇÁ·Î±×·¥ ¸Þ´º¸¦ ºÎ¸¥´Ù. # °¡¿îµ¥ ¹öÆ° : À©µµ¿ì ¸Þ´º¸¦ È£ÃâÇÑ´Ù. ¹é±×¶ó¿îµå¿¡¼­ ºÎ¸¦ ¼ö ÀÖ°í, À©µµ¿ìÀÇ Å¸ÀÌƲ ¹Ù¿¡¼­ À©µµ¿ì ¸Þ´º¸¦ È£ÃâÇÒ¼ö ÀÖ´Ù. ¹é±×¶ó¿îµå¿¡¼­ À©µµ¿ì ¸Þ´º¸¦ È£ÃâÇÏ¸é ¼±ÅÃµÈ °ÍÀº ¾î´À À©µµ¿ì¿¡ ÁöÁ¤ÇÒ ¼ö ÀÖ°í, ŸÀÌƲ ¹Ù¿¡¼­´Â ±× À©µµ¿ì¿¡ ÇÑÁ¤µÈ´Ù. °¡¿îµ¥ ¹öÆ°ÀÌ ¾ø´Â ¸¶¿ì½º´Â µÎ °³ÀÇ ¹öÆ°À» µ¿½Ã¿¡ ´©¸£¸é µÈ´Ù. # ¿À¸¥ÂÊ ¹öÆ° : ÇöÀç ½ÇÇàµÇ°í ÀÖ´Â À©µµ¿ìÀÇ ¸®½ºÆ®¸¦ º¸¿©ÁØ´Ù. MS-WindowsÀÇ ÀÛ¾÷°ü¸®ÀÚ¿Í °°Àº ¿ªÇÒÀÌ´Ù. ¨è olvwm, olwm olvwmÀº openwinÀ¸·Î À©µµ¿ì¸¦ ½ÇÇàÇßÀ» ¶§ »ç¿ëµÇ´Â À©µµ¿ì ¸Å´ÏÀúÀÌ´Ù. ÀÌ°ÍÀº ½ã ½ºÆŽºÅ×À̼ÇÀÇ OpenWindow¿Í ºñ½ÁÇÑ ÀÎÅÍÆäÀ̽ºÀÌ´Ù. È­¸éÀÌ ´Ü¼øÇÏ°í È­·ÁÇÏÁö ¾Ê´Ù. ¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ°À¸·Î ÇÁ·Î±×·¥À» È£ÃâÇÑ´Ù. olvwmÀº olwm¿¡ °¡»ó È­¸éÀ» »ç¿ëÇϵµ·Ï ±â´ÉÀ» Ãß°¡ÇÑ °ÍÀÌ´Ù. ¸¶¿ì½ºÀÇ ¿À¸¥ÂÊ ¹öÆ°À¸·Î ÇÁ·Î±×·¥À» È£ÃâÇÑ´Ù. ¿©±â¿¡ µî·ÏµÈ ¸Þ´º·Î °ÅÀÇ ¸ðµç ¾îÇø®ÄÉÀ̼ÇÀ» ½ÇÇàÇÒ ¼ö ÀÖ´Ù. ¨é mwm mwmÀº MotifÀÇ À©µµ¿ì¸Å´ÏÀú·Î ¸®´ª½º¿¡ ±âº»ÀûÀ¸·Î µé¾î ÀÖ´Â °ÍÀº ¾Æ´Ï´Ù. Motif´Â »ó¿ëÀ̸ç XÀ©µµ¿ìÀÇ ÇϳªÀÇ Ç¥ÁØÀÌ´Ù. Moif¿ëÀ¸·Î °³¹ßµÈ ÇÁ·Î±×·¥Àº ÄÄÇ»ÅÍÀÇ ±âÁ¾¿¡ »ó°ü¾øÀÌ ¼Ò½º¸¦ °¡Á®¿Í ÄÄÆÄÀÏÇÏ´Â °Í¸¸À¸·Î ´Ù¸¥ ±âÁ¾ÀÇ ÄÄÇ»ÅÍ¿¡ À̽ÄÇÒ ¼ö ÀÖ´Ù´Â ÀåÁ¡ÀÌ ÀÖ´Ù. mwmÀº fvwm°ú ºñ½ÁÇÏ°Ô ¿À¸¥ÂÊ ¸¶¿ì½º ¹öÆ°À¸·Î ÇÁ·Î±×·¥ ¸Å´ÏÀú¸¦ ´ë½Å ÇÏÁö¸¸ fvwm¿¡ ºñÇØ ±â´ÉÀÌ ÇöÀúÈ÷ Àû´Ù. ÇÁ·Î±×·¥À» ½ÇÇàÇϱâ À§Çؼ­´Â xtermÀ» Çϳª ½ÇÇàÇÒ ¼ö ÇÁ·ÒÇÁÆ® »óÅ¿¡¼­ ÀÔ·ÂÇϰųª ÆÄÀÏ ¸Å´ÏÀú¿¡¼­ ½ÇÇàÇØ¾ß ÇÑ´Ù. ¨ê WindowMaker WindowMaker´Â ÃÖ±Ù¿¡ ³ª¿Â À©µµ¿ì ¸Å´ÏÀúÀÌ´Ù. NeXTSTEPÀÇ ¸ð½À°ú ºñ½ÁÇÑ À©µµ¿ì ¸Å´ÏÀúÀ̱⵵ ÇÏ´Ù. ¼³Ä¡¿Í ¼³Á¤ÀÌ °£´ÜÇÏ°í ¸Þ´ºÆíÁýÀ̳ª ¿©·¯°¡Áö ¸é¿¡¼­ °£´ÜÇÏ°í ½¬¿ì¸ç ¶Ç ¸ÚÁø È­¸éÀ» ±¸¼ºÇÒ ¼ö ÀÖ´Ù. ¼³Á¤ÆÄÀÏÀº ¼³Ä¡ÇÏ°í ³­ ÈÄ È¨µð·ºÅ丮¿¡¼­ wmaker.inst¸¦ ½ÇÇàÇÏ¸é »ý±â´Â GNUstep µð·ºÅ丮¿¡ ¸ð¿©ÀÖ´Ù. $HOME/GNUstep/Defaults/ ¾È¿¡ ÀÖ´Â ³× °³ÀÇ ÆÄÀÏ(WMRootMenu,WMState, WMWindowAttributes,WindowMaker)°ú $HOME/GNUstep/Library/WindowMaker¾È¿¡ ÀÖ´Â menuÆÄÀÏÀÌ ±×°ÍÀÌ´Ù. [XDM(X Display Manager)] LoginÇÏ°í ³ª¼­ ÀÚµ¿ÀûÀ¸·Î X¸¦ ½ÇÇà½ÃÅ°·Á¸é »ç¿ëÇÏ´Â ½©¿¡ µû¶ó, .profileÀ̳ª .login°°Àº ÆÄÀÏ¿¡ startx ¸í·É¾î¸¦ Àû¾îµÎ¸é µÇÁö¸¸, ¾Æ¿¹ óÀ½ºÎÅÍ X Å͹̳Îó·³, ºÎÆÃÇÏÀÚ¸¶ÀÚ X·Î ·Î±×ÀÎÇÏ·Á¸é xdmÀ» ÀÌ¿ëÇÏ¸é µÈ´Ù. /etc/inittab ÆÄÀÏ¿¡¼­ # Default runlevel. The runlevels used by RHS are: # 0 - halt (Do NOT set initdefault to this) # 1 - Single user mode # 2 - Multiuser, without NFS (The same as 3, if you do not have networking) # 3 - Full multiuser mode # 4 - unused # 5 - X11 # 6 - reboot (Do NOT set initdefault to this) id:3:initdefault: ¶ó´Â ÁÙÀÌ Àִµ¥, º¸½Ã´Ù½ÃÇÇ 5¹ø ·¹º§ÀÌ X Àü¿ë¸ðµåÀÌ´Ù. µû¶ó¼­ ÀÌ°ÍÀ» id:5:initdefault:·Î ¹Ù²ãÁÖ°í ¸®ºÎÆýÃÅ°¸é, X°¡ ½ÇÇàµÇ¸é¼­ ·Î±×ÀÎ È­¸éÀÌ ³ª¿Â´Ù. xdmÀ» »ç¿ëÇÒ¶§¿¡´Â »ç¿ëÇÏ·Á´Â À©µµ¿ì ¸Å´ÏÀú µîÀÇ ¼³Á¤À» /usr/lib/X11/xdm µð·ºÅ丮ÀÇ Xsession ÆÄÀÏÀ̳ª Ȩµð·ºÅ丮ÀÇ .Xsession ÆÄÀÏ¿¡ ÀûÀ¸¸é µÈ´Ù. ´Ü, Ȩµð·ºÅ丮ÀÇ .XsessionÆÄÀÏÀ» »ç¿ëÇÒ¶§¿¡´Â ½ÇÇàÆ۹̼ÇÀÌ ÁÖ¾îÁ®ÀÖ´ÂÁö º¸¾Æ¾ß ÇÑ´Ù. ½ÇÇàÆ۹̼ÇÀÌ ¾øÀ¸¸é µ¿ÀÛÇÏÁö ¾Ê´Â´Ù. [°³¹ß ȯ°æ(GUI library)] ¿¹Àü¿¡´Â GUIȯ°æÀÌ Áß¿ä½ÃµÇÁö ¾Ê¾ÒÀ¸³ª ½Ã°£ÀÌ Áö³ª¸é¼­ À©µµ¿ì°¡ »ý±â°í, ´õ¿í ÆíÇÑ ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÑ »ç¿ëÀÚÀÇ ¿ä±¸°¡ ´Ã¾î³²¿¡ µû¶ó GUI¸¦ À§ÇÑ ¶óÀ̺귯¸®°¡ ÇÊ¿äÇØÁ³´Ù. ¸ðƼÇÁ°¡ ³ª¿À¸é¼­ À¯´Ð½º°è¿¡¼­´Â ¸ðƼÇÁ¸¦ ¸¹ÀÌ »ç¿ëÇÏ¿´°í, ±×·¯ÇÑ Ãß¼¼´Â ÇöÀç±îÁö À̾îÁø´Ù. ±×·¯³ª ¸®´ª½º¿¡¼­´Â ¸ðƼÇÁ°¡ »ó¿ëÀ̾ ³Î¸® ¾²ÀÌÁö ¸øÇÏ°í Xlib, Xt, Xaw, XViewµîÀ» »ç¿ëÇϰųª ¸ðƼÇÁ Ŭ·ÐÀÎ lesstif¸¦ »ç¿ëÇÏ¿´´Ù. ÇÏÁö¸¸ ¸ðƼÇÁ ½ºÅ¸Àϵµ ¼¼·ÃµÇÁö ¸øÇÑ ÀÎÅÍÆäÀ̽º·Î »õ·Î¿î ¶óÀ̺귯¸® °³¹ßÀÌ ¿ä±¸µÇ¸ç ÀÌ¹Ì È°¹ßÈ÷ ÁøÇàµÇ°í ÀÖ´Ù. ¶ÇÇÑ ¶óÀ̺귯¸®¿Í À©µµ¿ì ¸Å´ÏÀú, À̸¦ µÞ¹ÞħÇÏ´Â ¾îÇø®ÄÉÀÌ¼Ç ÁýÇÕÀ¸·Î ±¸¼ºµÈ µ¥½ºÅ©Å¾ ÇÁ·ÎÁ§Æ®ÀÇ °³¹ßÀÌ È°¹ßÇÏ´Ù. Qt-KDE, GTK-GNOME µîÀÌ ±× ¿¹ÀÌ´Ù. ¥². ¸®´ª½ºÀÇ È°¿ë 1. ¸®´ª½º & Networking ÀϹÝÀûÀ¸·Î ³×Æ®¿öÅ© ¼³Á¤Àº Äֻܼ󿡼­ °¡´ÉÇÏÁö¸¸ ·¹µåÇÞÀÇ netcfgÅø(XÀ©µµ¿ì ȯ°æ)À» »ç¿ëÇÏ¸é ¼³Á¤Çϱ⠽±´Ù. À̸¦ ¾Ë¾Æº¸ÀÚ. ¼³¸í¿¡ ¾Õ¼­ Ä¿³Î³»¿¡¼­ ³×Æ®¿öÅ©Ä«µå(ÀϹÝÀûÀ¸·Î ¸»ÇÏ´Â ·£Ä«µå)¼³Á¤Àº µÇ¾î ÀÖ´Â °É·Î ÇÑ´Ù. ¿ì¼± À§ÀÇ ±×¸²À» Âü°í·Î ¼³¸íÀ» Çغ¸ÀÚ ÀÌ ºÎºÐ¿¡¼­ ¼³Á¤ÇÏ´Â °ÍÀº ÄÄÇ»ÅÍÀÇ Hostname, Domain°ú Search domain name ±×¸®°í Áß¿äÇÑ Nameserver ¼³Á¤ºÎºÐÀÌ´Ù. Hostname ÀÌ ºÎºÐÀº ³×Æ®¿öÅ©¿¡ ¹°¸° ÄÄÇ»ÅÍÀÇ ³×ÀÓ¼³Á¤ ÅÇÀÌ´Ù. ÀÌ ºÎºÐ¿¡ ÀÚ½ÅÀÇ È£½ºÆ® ³×ÀÓÀ» ½áÁÖÀÚ. ¿¹) host.yourname.com Domain µµ¸ÞÀÎ ³×ÀÓ ¼³Á¤ ºÎºÐÀÌ´Ù. ÇÒ´çµÈ µµ¸ÞÀκκÐÀÇ µµ¸ÞÀθ¸ ÀûÀ¸¸é µÈ´Ù. À§¿¡ È£½ºÆ® ³×ÀÓÀÇ µÞºÎºÐÀ» Àû¾îÁÖ¸é µÇ´Â °ÍÀÌ´Ù. ¿¹) yourname.com Search for hostnames in additional domains ÀϹÝÀûÀ¸·Î ³×Æ®¿öÅ©¿¡ ¹°¸° ÄÄÇ»ÅÍ´Â °¢ÀÚ µµ¸ÞÀÎ ³×ÀÓÀ» ¹ÞÀ»¼ö ÀÖ´Ù. ÀÌ·² ¶§ È£½ºÆ®³×ÀÓ¸¸À» ÃÄÁֱ⸸ Çصµ ±× ÄÄÇ»Å͸¦ ³×Æ®¿öÅ© ¾ï¼¼½º ÇÒ ¼ö Àִµ¥ ÀÌ°ÍÀº ÀÌ ¼³Á¤ºÎºÐ¿¡ µµ¸ÞÀÎ ³×ÀÓ µÞºÎºÐ¿¡ ºÙÀ» µµ¸ÞÀÎÀ» Àû¾îÁÜÀ¸·Î½á °¡´ÉÇÏ´Ù. ¼øÂ÷ÀûÀ¸·Î °Ë»öÀ» ÇÑ´Ù. ¿¹) clug.net domain.net À̶ó°í ¼³Á¤µÇ¾î ÀÖ°í ÀÚ½ÅÀÇ ÄÄÇ»ÅÍÀÇ È£½ºÆ®³×ÀÓÀ» hostnameÀ̶ó°í ÇÒ ¶§, # telnet hostname À̶ó°í Ä£´Ù¸é ¿ì¼± clug.netÀ» ºÙ¿©¼­ °Ë»öÀ» ÇÑ´Ù. hostname.clug.netÀÌ ¾×¼¼½ºÇÏ°íÀÚ ÇÏ´Â µµ¸ÞÀÎ ³×ÀÓÀÌ µÇ´Â °ÍÀÌ´Ù. ¸¸ÀÏ hostname.clug.netÀÌ °Ë»ö´ë»ó¿¡ ¾ø´Ù¸é hostname.domain.netÀ» ã°Ô µÈ´Ù. ÀÌ·±½ÄÀ¸·Î ÇÏ¸é »ç¿ëÀÚ°¡ µµ¸ÞÀÎ ¼­ºê¿¡ ¹°¸° »óÅ¿¡¼­ ÀÏÀÏÀÌ µµ¸ÞÀÎÀ» ´Ù Ä¥ ÇÊ¿ä¾øÀÌ È£½ºÆ®³×ÀÓ¸¸À» ÃÄÁÜÀ¸·Î½á ¾×¼¼½º °¡´ÉÇÏ´Ù. µû¶ó¼­ ¼³Á¤À» ¾ÈÇÏ¿©µµ »ó°üÀº ¾ø´Ù´Â °ÍÀÌ´Ù. Nameservers À̺κÐÀº À§ÀÇ µµ¸ÞÀγ×ÀÓÀ» °Ë»öÇÏ´Â ³×ÀÓ¼­¹ö¸¦ ÁöÁ¤ÇÏ´Â °ÍÀÌ´Ù. °£´ÜÇÏ°Ô µµ¸ÞÀÎ ³×ÀÓÀÌ µî·ÏµÇ¾î ÀÖ´Â ¼­¹ö¸¦ ÁöÁ¤ÇÏ¿©µµ ÁÁ°í Á»´õ ºü¸¥ µµ¸ÞÀÎ ¼­¹ö°¡ ÀÖ´Ù¸é Ãß°¡ÇÏ¿©µµ ¹«¹æÇÏ´Ù. ÀÌ°÷¿¡´Â ´ç¿¬È÷ ip¸¦ Àû¾îÁÖ¾î¾ß ÇÑ´Ù. ÀÌ È­¸éÀº ·ÎÄà ÄÄÇ»Åͳ»¿¡ ip¿Í ´Ð³×ÀÓÀ» Àû¾îÁÙ¼ö ÀÖ´Ù. aliasÀ̶ó°í »ý°¢ÇÏ¿©µµ ¹«¹æÇÏ´Ù. ¿¹¸¦ µé¾î ip:200.200.200.200 Name:moon Nicknames: dall À̾úÀ» °æ¿ì ipºÎºÐÀ» ³×ÀÓ ¼­¹ö¿¡¼­ ã±âÀü¿¡ ¿ì¼± ÀÌ ¼³Á¤ ºÎºÐÀ» ¸ÕÀú °Ë»öÇÏ°Ô µÇ¾î¼­ # telnet moon À̶ó°í ¸í·ÉÀ» ÁÖ¾úÀ» °æ¿ì ip¸¦ ¹Ù·Î ã°Ô µÇ´Â °ÍÀÌ´Ù. °£´ÜÇÏ°Ô ¸»ÇÏ¸é ·ÎÄà ³×ÀÓ ¼­¹öÀÇ ±â´ÉÀ̶ó°í º¼ ¼öµµ ÀÖÀ» °ÍÀÌ´Ù. À̺κÐÀº /etc/hostsÆÄÀÏ¿¡ ÀúÀåµÈ´Ù. ÀÌ È­¸éÀº ³×Æ®¿öÅ©°¡ ³ª°¡´Â interface¸¦ ¼³Á¤ÇÏ°Ô µÇ¾î ÀÖ´Ù. Áï ÄÄÇ»ÅÍ¿¡ ²ÅÈù Ä«µå¸¦ ¾×¼¼½º ÇÒ ¼ö ÀÖ´Â ºÎºÐÀ» ¼³Á¤ÇÏ°Ô µÇ¾î ÀÖ´Ù. ÀϹÝÀûÀ¸·Î ·£Ä«µå°¡ ¾ø´Ù¸é loºÎºÐ(localhost)ºÎºÐ¸¸ÀÌ ¼³Á¤µÇ¾î ÀÖ´Ù. ·ÎÄóݸ¸À» Á¢¼ÓÇÏ·Á¸é ÀÌ°ÍÀ» ½áµµ ¹«¹æÇÏ´Ù. °¡»ó ·£Ä«µåÀÇ ¿ªÇÒÀ» Çϱ⠶§¹®ÀÌ´Ù. ¸¸ÀÏ ·£Ä«µå°¡ Ä¿³Î³»¿¡ ÀâÇôÀÖ´Ù¸é À̸¦ ³×Æ®¿öÅ© ÀÎÅÍÆäÀ̽º ¼³Á¤À¸·Î ¾ï¼¼½ºÇÒ¼ö ÀÖ°Ô ÇؾßÇÑ´Ù. ±×·¯±â À§Çؼ­ Ãß°¡¸¦ ÇÏ·Á¸é addÅÇÀ» ´©¸£°í ethernetºÎºÐ ÅÇÀ» ¼±ÅÃ(ppp¿Í ±âŸ ŸÀÔÀ» ¼³Á¤ÇÏ´Â ºÎºÐ)Çϸé eth*À̸§À¸·Î ³ª¿À°Ô µÇ¾î ÀÖ´Ù. ù ¹ø° Ä«µå¶ó¸é eth0°¡ µÉ °ÍÀÌ´Ù. µÎ ¹ø° Ä«µå¶ó¸é eth1 ÀÌ·±½ÄÀ¸·Î À̸§ÀÌ »ý¼ºµÈ´Ù. ÀÌ ºÎºÐ¿¡¼­ ¼³Á¤ÇÒ °ÍÀ» Á¤¸®Çغ¸¸é ip: ÄÄÇ»ÅÍ¿¡ ÇÒ´çµÈ ip¸¦ Àû´Â´Ù. netmask: ³×Æ®¿öÅ© ¾ï¼¼½º ´ë¿ªÀ» ¼³Á¤ÇÏ´Â °ÍÀ¸·Î ÀϹÝÀûÀ¸·Î 255.255.255.0À¸·Î ¼³Á¤ÇÏ¸é µÉ °ÍÀÌ´Ù. ±× ´ÙÀ½¿¡ ºÎÆÃÇÒ ¶§¸¶´Ù ÀÌ ÀÎÅÍÆäÀ̽º¸¦ ÀÚµ¿À¸·Î È°¼ºÈ­½ÃÅ°±â À§ÇÏ¿© Activate¸¦ üũÇØÁØ´Ù. ÀϹݻç¿ëÀÚ°¡ ÀÎÅÍÆäÀ̽º¸¦ (ºñ)È°¼ºÈ­ ½Ãų ¼ö ÀÖ´Â ¿É¼ÇÀ» ¼³Á¤(¾ÈÇÏ´Â °ÍÀÌ ÁÁÀ»µí)ÇÒ ¼ö ÀÖ´Ù. protocol: configurationÇÏ´Â protocolÀ» ¼³Á¤ÇÏ´Â °ÍÀ¸·Î º¸ÅëÀº noneÀ¸·Î ÇÏÁö¸¸ dhcp³ªbootp¸¦ ¼³Á¤ÇÒ ¼ö ÀÖ´Ù. ¾Æ·¡È­¸éÀº gateway µð¹ÙÀ̽º¿Í ip¸¦ ¼³Á¤ÇÒ ¼ö ÀÖ´Ù. Network Packet Forwarding(IPv4): Packet ForwardingÀÇ À¯¹«¸¦ üũ, ÀϹÝÀûÀ¸·Î No Default Gateway: ½ÇÁ¦ °ÔÀÌÆ®¿þÀÌ ip¸¦ ¼³Á¤ÇÑ´Ù. ÀϹÝÀûÀ¸·Î AAA.BBB.CCC.1 Default Gateway Device: °ÔÀÌÆ®¿þÀÌ·Î ³ª°¡´Â µð¹ÙÀ̽º ¼³Á¤ eth*½ÄÀ¸·Î ÇÏ¸é µÈ´Ù. Ãß°¡ÀûÀ¸·Î ¼³Á¤ÇÏ·Á¸é Add¹öÆ°À» ´©¸£°í Ãß°¡ÇÏ¸é µÈ´Ù. Save·Î ÀúÀåÇÑ´Ù. ¸¸ÀÏ netcfg¸¦ ¾²Áö ¾Ê°í ¼³Á¤À» ÇÏ·Á¸é(¼öÁ¤À» °¡Çϱâ À§Çؼ­) ´ÙÀ½ ÆÄÀÏÀ» ÂüÁ¶Ç϶ó. /etc/hosts, /etc/sysconfig/network, /etc/sysconfig/network-scripts/ifcfg-eth* 2. ¸®´ª½º & Internet Service o apache ¼³Á¤Çϱâ. --> httpd.conf ¼³Á¤. ¼­¹ö À¯Çü(ServerType)Àº inetd ¶Ç´Â standalone µÑ ÁßÀÇ ÇϳªÀÔ´Ï´Ù. Ưº°ÇÑ ÀÌÀ¯°¡ ¾ø´Â ÇÑ standalone Áï µ¶¸³ÇüÀ¸·Î ½ÇÇàÇÕ´Ï´Ù. ServerType standalone ¸¸¾à ¼öÆÛ ¼­¹öÀÎ inetd ·ÎºÎÅÍ ½ÇÇàÇÏ´Â °ÍÀ̶ó¸é "ServerAdmin" À» Âü°íÇÑ´Ù. Port: standalone ¸ðµåÀÎ °æ¿ì °æûÇÏ´Â Æ÷Æ®¸¦ °¡¸®Åµ´Ï´Ù. 1023 ÀÌÇÏÀÇ Æ÷Æ®¸¦ »ç¿ëÇÏ·Á¸é Ãʱ⿡ httpd ¸¦ ·çÆ®·Î ½ÇÇàÇؾ߸¸ ÇÕ´Ï´Ù. Port 80 È£½ºÆ® À̸§ Á¶È¸(HostnameLookups): Ŭ¶óÀ̾ðÆ®ÀÇ À̸§ ¶Ç´Â IP ÁÖ¼Ò Áß ¾î¶² °ÍÀ» ±â·ÏÇÒ °ÍÀΰ¡ °áÁ¤ÇÕ´Ï´Ù. ¿¹) www.apache.org (on) ¶Ç´Â 204.62.129.132 (off) ±â·Ï ÆÄÀÏÀÇ Á¤º¸¸¦ ½ÇÁ¦·Î »ç¿ëÇϰųª CGI ¿ëµµ·Î »ç¿ëÇϱâ À§Çؼ­´Â off·Î Çصξî¾ß ÁÁ½À´Ï´Ù. on À̶ó°í ÇØµÎ¸é ¿©·¯ºÐÀÇ »çÀÌÆ®·Î Á¢±ÙÇÏ´Â ¼Óµµ¸¦ ´À¸®°Ô ¸¸µå´Â ´ÜÁ¡ÀÌ ÀÖ½À´Ï´Ù. HostnameLookups off httpd °¡ ´Ù¸¥ »ç¿ëÀÚ, ´Ù¸¥ ±×·ìÀ¸·Î ½ÇÇàµÇ±æ ¿øÇÑ´Ù¸é ÀÏ´Ü httpd¸¦ ·çÆ® ±ÇÇÑÀ¸·Î ½ÇÇàÇÑ ÈÄ ÁÖ¾îÁø »ç¿ëÀÚ, ±×·ìÀ¸·Î ÀüȯÇØ¾ß ÇÕ´Ï´Ù. »ç¿ëÀÚ/±×·ì(User/Group): httpd °¡ ½ÇÇàµÉ ¶§ ÇÁ·Î¼¼½ºÀÇ ¼ÒÀ¯ ±ÇÇÑÀ» °®´Â »ç¿ëÀÚ/±×·ì¿¡ ´ëÇÑ À̸§À» Á¤ÇÕ´Ï´Ù. HostnameLookups off httpd °¡ ´Ù¸¥ »ç¿ëÀÚ, ´Ù¸¥ ±×·ìÀ¸·Î ½ÇÇàµÇ±æ ¿øÇÑ´Ù¸é ÀÏ´Ü httpd¸¦ ·çÆ® ±ÇÇÑÀ¸·Î ½ÇÇàÇÑ ÈÄ ÁÖ¾îÁø »ç¿ëÀÚ, ±×·ìÀ¸·Î ÀüȯÇØ¾ß ÇÕ´Ï´Ù. »ç¿ëÀÚ/±×·ì(User/Group): httpd °¡ ½ÇÇàµÉ ¶§ ÇÁ·Î¼¼½ºÀÇ ¼ÒÀ¯ ±ÇÇÑÀ» °®´Â »ç¿ëÀÚ/±×·ì¿¡ ´ëÇÑ À̸§À» Á¤ÇÕ´Ï´Ù. User nobody Group nobody ´ÙÀ½ Áö½ÃÀÚ(directive)µéÀº ½ºÇªÇÎÀ» ÇÏ´Â ³×½ºÄÉÀÌÇÁ 2.x ¿Í ±âŸ ºê¶ó¿ìÁ®µé¿¡ ´ëÇÏ¿© keepalive¿Í Çì´õ Ç÷¯½¬¸¦ ²ôµµ·Ï ÇÕ´Ï´Ù. BrowserMatch Mozilla/2 nokeepalive BrowserMatch Java1.0 force-response-1.0 BrowserMatch JDK/1.0 force-response-1.0 ¼­¹ö°ü¸®ÀÚ(ServerAdmin): ¼­¹ö¿¡ ¹®Á¦°¡ ¹ß»ýÇßÀ» ¶§ ¿¬¶ôÀ» ÃëÇÒ ¸ÞÀÏ ÁÖ¼Ò¸¦ Á¤ÇÕ´Ï´Ù. ServerAdmin root@localhost ¼­¹ö·çÆ®(ServerRoot): ¼­¹öÀÇ ¼³Á¤, ¿¡·¯, ·Î±× ÆÄÀÏ µîÀÌ ³õÀÏ ±âº» »óÀ§ µð·ºÅ丮ÀÌ´Ù. ServerRoot /etc/httpd °áÇÕÁÖ¼Ò(BindAddress): ÀÌ ¿É¼ÇÀ» °¡Áö°í °¡»ó È£½ºÆ®¸¦ Áö¿øÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ ¿É¼ÇÀº ¼­¹ö°¡ ¾î´À IP ÁÖ¼Ò¿¡ ±Í±â¿ïÀÏ °ÍÀÎÁö Å뺸ÇÒ ¶§ »ç¿ëÇÕ´Ï´Ù. "*" À̰ųª ¶Ç´Â IP ÁÖ¼Ò ±×¸®°í ¿ÏÀüÇÑ Çü½ÄÀÇ µµ¸ÞÀÎ À̸§À» »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù. VirtualHost Áö½ÃÀÚµµ ÇÔ²² Âü°íÇϽñ⠹ٶø´Ï´Ù. #BindAddress * ¿¡·¯±â·Ï(ErrorLog): ¿¡·¯ ±â·Ï ÆÄÀÏÀÇ À§Ä¡. / ·Î ½ÃÀÛÇÏÁö ¾ÊÀ¸¸é ServerRoot °¡ °æ·Î¸í ¾Õ¿¡ ºÙ½À´Ï´Ù. ErrorLog /var/log/httpd/error_log Àü¼Û±â·Ï(TransferLog): Àü¼Û ±â·Ï ÆÄÀÏÀÇ À§Ä¡. / ·Î ½ÃÀÛÇÏÁö ¾ÊÀ¸¸é ServerRoot °¡ °æ·Î¸í ¾Õ¿¡ ºÙ½À´Ï´Ù. TransferLog /var/log/httpd/access_log PID ÆÄÀÏ(PidFile): ¼­¹ö°¡ ÀÚ½ÅÀÇ PID¸¦ ±â·ÏÇØ µÑ ÆÄÀÏ PidFile /var/run/httpd.pid ScoreBoardFile: ¼­¹öÀÇ ³»ºÎ ó¸® Á¤º¸¸¦ ±â·ÏÇØ µÑ ÆÄÀÏ. ¸ðµç ¾ÆÅ°ÅØÃÄ¿¡¼­ À̸¦ ÇÊ¿ä·Î ÇÏÁö´Â ¾Ê½À´Ï´Ù. ¸¸¾à ÇÊ¿äÇÏ´Ù¸é (ÀÌ ÆÄÀÏÀ» ¾ÆÆÄÄ¡°¡ ½ÇÇàµÇ¸é »ý¼ºµÈ´Ù´Â °ÍÀ» ¾Ë°Ô µÉ °Ì´Ï´Ù.) ÀÌ Á¡Àº Àß ¾Ë¾ÆµÎ¾î¾ß ÇÕ´Ï´Ù. ¾ÆÆÄÄ¡¸¦ ¿©·¯ °³ ½ÇÇà½ÃÅ°´Â °æ¿ì¿¡´Â ÀÌ ÆÄÀÏÀÌ Áߺ¹ »ç¿ëµÇÁö ¾Êµµ·Ï À¯ÀÇÇØ¾ß ÇÕ´Ï´Ù. ScoreBoardFile /var/run/apache_status ¼­¹öÀ̸§(ServerName)Àº ÇÁ·Î±×·¥ÀÌ ¹Þ°Ô µÇ´Â È£½ºÆ® À̸§°ú ´Ù¸¥ ¼­¹ö À̸§À» Ŭ¶óÀ̾ðÆ®¿¡°Ô º¸³»·Á ÇÒ ¶§ ¼³Á¤ÇÕ´Ï´Ù. ¿©±â¼­ Á¤ÀÇÇÏ´Â À̸§Àº ¿©·¯ºÐÀÇ È£½ºÆ®¿¡ ´ëÇÏ¿© Á¤È®È÷ ¼³Á¤µÇ¾î ÀÖ´Â DNS À̸§À̾î¾ß ÇÕ´Ï´Ù. #ServerName new.host.name CacheNegotiatedDocs: ±âº»ÀûÀ¸·Î ¾ÆÆÄÄ¡´Â ³»¿ëÀ» ±âÁØÀ¸·Î ÇÏ¿© Çù»óÇÑ ¹®¼­¿¡ ´ëÇؼ­´Â Pragma: no-cache ¸¦ °¢ ¹®¼­¸¶´Ù º¸³À´Ï´Ù. ÀÌ ¸Þ½ÃÁö´Â ÇÁ·Ï½Ã ¼­¹ö·Î ÇÏ¿©±Ý ¹®¼­¸¦ ij½¬ÇÏÁö ¾Êµµ·Ï ¿äûÇÕ´Ï´Ù. ´ÙÀ½ ÇàÀÇ ÁÖ¼®À» Ç®¸é ÀÌ ±â´ÉÀ» ÇØÁ¦ÇÏ°í ÇÁ·Ï½Ã ¼­¹ö°¡ ¹®¼­¸¦ ij½¬ÇÒ ¼ö ÀÖµµ·Ï Çã¿ëÇÕ´Ï´Ù. #CacheNegotiatedDocs Timeout: ¹Þ°í º¸³»´Âµ¥ ŸÀÓ ¾Æ¿ôÀÌ °É¸®µµ·Ï ÇÏ´Â ½Ã°£ (ÃÊ) Timeout 300 KeepAlive: Áö¼ÓÀûÀÎ Á¢¼ÓÀ» Çã¿ëÇÒ °ÍÀÎÁö ¸» °ÍÀΰ¡ °áÁ¤ÇÏ´Â ºÎºÐÀÌ´Ù. "Off"·Î Çϸé ÀÌ ±â´ÉÀ» Á¤Áö½Ãŵ´Ï´Ù. KeepAlive On MaxKeepAliveRequests: Áö¼ÓÀûÀÎ Á¢¼Ó µ¿¾È Çã¿ëÇÒ ÃÖ´ë ¿äû ¼ö ÀÌ °ªÀ» 0 À¸·Î Çϸé Á¦ÇÑÀ» µÎÁö ¾Ê½À´Ï´Ù. ÃÖ´ë È¿À²À» À§Çؼ­´Â ÀÌ °ªÀ» °¡´ÉÇÑ ³ô°Ô µÎ±æ ±ÇÀåÇÕ´Ï´Ù. MaxKeepAliveRequests 100 # KeepAliveTimeout: ´ÙÀ½ ¹ø ¿äûÀ» ±â´Ù¸®´Ù ŸÀÓ ¾Æ¿ôÀÌ °É¸®°Ô ÇÏ´Â ½Ã°£(ÃÊ) KeepAliveTimeout 15 ¼­¹ö-Ç® Å©±â Á¶Á¤. ¸î °³ÀÇ ¼­¹ö ÇÁ·Î¼¼½º°¡ ÇÊ¿äÇÑÁö °è»êÇÒ ÇÊ¿ä¾øÀÌ ¾ÆÆÄÄ¡´Â ÀÚµ¿À¸·Î ºÎÇÏ·®¿¡ µû¶ó ÀûÀÀÇÕ´Ï´Ù. ÇöÀçÀÇ ºÎÇÏ »óŸ¦ ó¸®ÇÒ ¼ö ÀÖÀ» Á¤µµÀÇ ÃæºÐÇÑ ¼­¹ö ÇÁ·Î¼¼½º¸¦ À¯ÁöÇϸç ÀϽÃÀûÀ¸·Î Ä¡¼Ú´Â ºÎÇϸ¦ ¿¹»óÇÏ¿© ¿©ºÐÀÇ ÇÁ·Î¼¼½º¸¦ ¸¸µé¾îµÓ´Ï´Ù. ¾ÆÆÄÄ¡´Â Á¤±âÀûÀ¸·Î ¾ó¸¶³ª ¸¹Àº ¼­¹ö°¡ ¿äûÀ» ±â´Ù¸®°í ÀÖ´ÂÁö Á¡°ËÇÕ´Ï´Ù. ¸¸¾à MinSpareServers º¸´Ù ÀÛÀ¸¸é ¿©ºÐÀÇ ¼­¹ö¸¦ ¸¸µé¾î µÓ´Ï´Ù. MaxSpareServers º¸´Ù ¸¹À¸¸é ³ª¸ÓÁö ¼­¹ö¸¦ Á¾·á½Ãŵ´Ï´Ù. ´ëºÎºÐÀÇ »çÀÌÆ®¿¡ ´ëÇÏ¿© ´ÙÀ½ °ªÀ̸é ÃæºÐÇÏ´Ù°í º¾´Ï´Ù. MinSpareServers 8 MaxSpareServers 20 # ½ÃÀÛÇÒ ¶§ÀÇ ¼­¹ö °¹¼ö - ÀûÀýÇÑ °ªÀ¸·Î ¾î¸²Àâ¾Æ °è»êÇÕ´Ï´Ù. StartServers 10 ¼­¹ö ½ÇÇà ÃÑ °¹¼ö¸¦ Á¦ÇÑÇÕ´Ï´Ù. Áï Ŭ¶óÀ̾ðÆ®µéÀÌ µ¿½Ã¿¡ Á¢¼ÓÇÒ ¼ö ÀÖ´Â ¼ö¸¦ Á¦ÇÑÇÕ´Ï´Ù. ÀÌ °ª¿¡ µµ´ÞÇÏ°Ô µÇ¸é Ŭ¶óÀ̾ðÆ®µéÀº ¹«ÀÛÁ¤ ±â´Ù¸®´Â »óÅ·ΠºüÁö¹Ç·Î ³Ê¹« ³·°Ô Ã¥Á¤Çؼ­´Â ¾ÈµË´Ï´Ù. ±Þ°ÝÇÏ°Ô ºÎÇÏ°¡ ¸¹¾ÆÁüÀ¸·Î½á À¥ ¼­¹ö°¡ À¯´Ð½º¿Í ÇÔ²² ³ª¶ô¿¡ ºüÁöÁö ¾Êµµ·Ï ºê·¹ÀÌÅ©¸¦ °É¾îµÎ±â À§ÇÑ ¿ëµµ·Î »ç¿ëµÈ´Ù. MaxClients 150 ÀڽĴç ÃÖ´ë ¿äû¼ö(MaxRequestsPerChild): ÀÚ½Ä ÇÁ·Î¼¼½º°¡ Á×±â Àü¿¡ ó¸®ÇÒ ÃÖ´ë ¿äûÀÇ °³¼ö ¾ÆÆÄÄ¡(¶Ç´Â ¾ÆÆÄÄ¡°¡ »ç¿ëÇÏ´Â ¶óÀ̺귯¸®)¸¦ Àå½Ã°£ »ç¿ëÇÔÀ¸·Î½á »ý±â´Â ¹®Á¦µéÀ» ¸·±â À§ÇØ ÀÚ½Ä ÇÁ·Î¼¼½º°¡ Á¾·áÇÕ´Ï´Ù. ´ëºÎºÐÀÇ ½Ã½ºÅÛ¿¡¼­´Â ÀÌ°ÍÀÌ ÇÊ¿äÄ¡ ¾ÊÁö¸¸ ¸î¸î(¿¹¸¦ µé¾î Solaris) ½Ã½ºÅÛ ÀÇ °æ¿ì ¶óÀ̺귯¸®·ÎºÎÅÍ ¹ß»ýÇÏ´Â ¸Þ¸ð¸® À¯ÃâÀÌ ³ô±â ¶§¹®¿¡ ÇÊ¿äÇÕ´Ï´Ù. MaxRequestsPerChild 100 ÇÁ·Ï½Ã ¼­¹ö Áö½ÃÀÚ. ÇÁ·Ï½Ã ¼­¹ö ±â´ÉÀ» ÀÛµ¿½ÃÅ°½Ã·Á¸é ´ÙÀ½ ÇàÀÇ ÁÖ¼®À» Ç®¾îÁֽʽÿÀ. #ProxyRequests On ij½¬ ±â´ÉÀ» ÀÛµ¿½ÃÅ°·Á¸é ´ÙÀ½ ÇàµéÀÇ ÁÖ¼®À» Ç®°í ÀûÀýÇÏ°Ô ÆíÁýÇϽʽÿÀ. #CacheRoot /var/httpd/proxy #CacheSize 5 #CacheGcInterval 4 #CacheMaxExpire 24 #CacheLastModifiedFactor 0.1 #CacheDefaultExpire 1 #NoCache a_domain.com another_domain.edu joes.garage_sale.com Listen: ¾ÆÆÄÄ¡¸¦ ±âº»°ª¿¡ Ãß°¡ÇÏ¿© ƯÁ¤ IP ÁÖ¼Òµé ¶Ç´Â Æ÷Æ®¿Í °áÇÕ(bind) ½ÃÅ°·Á ÇÒ ¶§ »ç¿ëÇÕ´Ï´Ù. VirtualHost ¸í·É ¶ÇÇÑ Âü°íÇϽʽÿÀ. #Listen 3000 #Listen 12.34.56.78:80 °¡»óÈ£½ºÆ®(VirtualHost): ¼­¹ö ¸Ó½ÅÀÌ ¿©·¯ ÁÖ¼Ò¿¡ ´ëÇÏ¿© IP ÆÐŶÀ» ¹ÞÀ» ¼ö ÀÖµµ·Ï ¼³Á¤ÇÑ »óÅ¿¡¼­ ¾ÆÆÄÄ¡ µ¥¸óÀÌ ÇϳªÀÇ ÀÌ»óÀÇ ¼­¹ö ÁÖ¼Ò¿¡ ´ëÇÏ¿© ¿äûÀ» ó¸®ÇÒ ¼ö ÀÖµµ·Ï ÇØÁÝ´Ï´Ù. ifconfig alias Ç÷¡±× ¶Ç´Â VIF ¿Í °°Àº Ä¿³Î ÆÐÄ¡¸¦ ÅëÇØ ÇÒ ¼ö ÀÖ½À´Ï´Ù. ¸ðµç httpd.conf, srm.conf Áö½ÃÀÚ¸¦ VirtualHost ¸í·É ¾È¿¡ ÀûÀ» ¼ö ÀÖ½À´Ï´Ù. BindAddress Ç׸ñ ¶ÇÇÑ Âü°íÇϽñ⠹ٶø´Ï´Ù. # #ServerAdmin webmaster@host.some_domain.com #DocumentRoot /www/docs/host.some_domain.com #ServerName host.some_domain.com #ErrorLog logs/host.some_domain.com-error_log #TransferLog logs/host.some_domain.com-access_log # --> srm.conf ¼³Á¤. DocumentRoot: ¿©·¯ºÐÀÇ ¹®¼­¸¦ Á¦°øÇÒ µð·ºÅ丮 ±âº»ÀûÀ¸·Î ¸ðµç ¿äûÀº ÀÌ µð·ºÅ丮·ÎºÎÅÍ Á¦°øµË´Ï´Ù. ÇÏÁö¸¸ ½Éº¼¸¯ ¸µÅ©³ª alias¸¦ »ç¿ëÇÏ¿© ´Ù¸¥ À§Ä¡¸¦ °¡¸®Å³ ¼ö ½À´Ï´Ù. DocumentRoot /home/httpd/html »ç¿ëÀÚ µð·ºÅ丮(UserDir): ~user ¿äûÀ» ¹Þ¾ÒÀ» ´ë »ç¿ëÀÚÀÇ È¨ µð·ºÅ丮 µÚ¿¡ ºÙÀÏ µð·ºÅ丮ÀÇ À̸§ UserDir public_html µð·ºÅ丮 À妽º(DirectoryIndex): ¾à¼ÓµÈ HTML µð·ºÅ丮 À妽º·Î »ç¿ëÇÒ ÆÄÀÏÀÇ À̸§ÀÌ´Ù. ¿©·¯ °³¸¦ ÀûÀ» ¶§´Â ½ºÆäÀ̽º·Î ±¸ºÐÇÕ´Ï´Ù. DirectoryIndex index.html index.htm index.shtml index.cgi FancyIndexing Ç׸ñÀº µð·ºÅ丮¸¦ ¿¹»Ú°Ô À妽ºÇؼ­ º¸¿© ÁÙ °ÍÀÎÁö ¾Æ´Ï¸é ±âº»ÀûÀÎ Çü½ÄÀ¸·Î¸¸ º¸¿© ÁÙ °ÍÀÎÁö °áÁ¤ÇÕ´Ï´Ù. FancyIndexing on AddIcon Áö½ÃÀÚ´Â ¼­·Î ´Ù¸¥ ÆÄÀÏ, ÆÄÀÏ È®ÀåÀÚ¿¡ ´ëÇÏ¿© ¾î¶² ¾ÆÀÌÄÜÀ» »ç¿ëÇÒ °ÍÀÎÁö °áÁ¤ÇÕ´Ï´Ù. AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip AddIconByType (TXT,/icons/text.gif) text/* AddIconByType (IMG,/icons/image2.gif) image/* AddIconByType (SND,/icons/sound2.gif) audio/* AddIconByType (VID,/icons/movie.gif) video/* AddIcon /icons/binary.gif .bin .exe AddIcon /icons/binhex.gif .hqx AddIcon /icons/tar.gif .tar AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /icons/a.gif .ps .ai .eps AddIcon /icons/layout.gif .html .shtml .htm .pdf AddIcon /icons/text.gif .txt AddIcon /icons/c.gif .c AddIcon /icons/p.gif .pl .py AddIcon /icons/f.gif .for AddIcon /icons/dvi.gif .dvi AddIcon /icons/uuencoded.gif .uu AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /icons/tex.gif .tex AddIcon /icons/bomb.gif core AddIcon /icons/back.gif .. AddIcon /icons/hand.right.gif README AddIcon /icons/folder.gif ^^DIRECTORY^^ AddIcon /icons/blank.gif ^^BLANKICON^^ DefaultIconÀº À§¿¡¼­ ¸í½ÃÀûÀ¸·Î ¼³Á¤µÇ¾î ÀÖÁö ¾ÊÀº ÆÄÀÏ¿¡ ´ëÇÏ¿© »ç¿ëÇÏ´Â ¾ÆÀÌÄÜÀÔ´Ï´Ù. DefaultIcon /icons/unknown.gif AddDescription Àº ¼­¹ö°¡ »ý¼ºÇÑ À妽º ÆÄÀÏ µÚ¿¡ °£´ÜÇÑ ¼³¸íÀ» Ãß°¡ÇÏ°íÀÚ ÇÒ ¶§ »ç¿ëÇÕ´Ï´Ù. ReadmeName Àº ¼­¹ö°¡ ±âº»ÀûÀ¸·Î ã´Â README ÆÄÀÏÀÇ À̸§À» ³ªÅ¸³À´Ï´Ù. HeaderName Àº µð·ºÅ丮 À妽º ¾Õ¿¡ ºÙ´Â ÆÄÀÏÀÇ À̸§À» ³ªÅ¸³À´Ï´Ù. ReadmeName README HeaderName HEADER IndexIgnore ´Â µð·ºÅ丮 À妽º¿¡¼­ Á¦¿ÜµÉ ÆÄÀÏ À̸§À» Á¤ÇÕ´Ï´Ù. Çü½Ä: IndexIgnore name1 name2... IndexIgnore */.??* *~ *# */HEADER* */README* */RCS AccessFileName: Á¢±Ù Á¦¾î Á¤º¸¸¦ °ü¸®Çϱâ À§ÇØ °¢ µð·ºÅ丮¿¡¼­ ã¾Æ º¼ ÆÄÀÏ À̸§À» Á¤ÇÕ´Ï´Ù. AccessFileName .htaccess DefaultType Àº ¼­¹ö°¡ ÆÄÀϸí È®ÀåÀڷκÎÅÍ ÆÄÀÏ À¯ÇüÀ» ÆÇ´ÜÇÒ ¼ö ¾øÀ» ¶§ ¹®¼­¿¡ ´ëÇÏ¿© °¡Á¤ÇÒ ±âº» MIME À¯ÇüÀÔ´Ï´Ù. DefaultType text/plain AddEncoding Àº ¸î¸î ºê¶ó¿ìÀú(Mosaic/X 2.1+)°¡ Àü¼Û¹ÞÀ¸¸é¼­ ³»¿ëÀÇ ¾ÐÃàÀ» Ç® ¼ö ÀÖµµ·Ï Çã¿ëÇÒ ¶§ ¾¹´Ï´Ù. AddEncoding x-compress Z AddEncoding x-gzip gz AddLanguage ´Â ¹®¼­ÀÇ ¾ð¾î¸¦ ¸í½ÃÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù. ÀÌ ±â´ÉÀ» »ç¿ëÇÏ¸é ºê¶ó¿ìÁ®°¡ ÀÌÇØÇÒ ¼ö ÀÖ´Â ¾ð¾î·Î µÈ ÆÄÀÏ ³»¿ë¿¡ ´ëÇÑ Çù»óÀ» ÇÒ ¼ö ÀÖ½À´Ï´Ù. ÆÄÀÏÁ¢¹Ì»ç°¡ ¾ð¾î Å°¿öµå¿Í ¶È°°À» ÇÊ¿ä´Â ¾ø½À´Ï´Ù. AddLanguage ko .ko AddLanguage en .en AddLanguage fr .fr AddLanguage de .de AddLanguage da .da AddLanguage el .el AddLanguage it .it ¾ð¾î¿ì¼±±Ç(LanguagePriority)Àº ³»¿ë Çù»ó Áß µ¿·üÀ» Â÷ÁöÇÏ´Â °æ¿ì ¾ð¾îÀÇ ¿ì¼±±ÇÀ» Á¤ÇÕ´Ï´Ù. ¿ì¼±±ÇÀÌ ¸ÕÀúÀÎ °ÍÀ» ¸ÕÀú Àû½À´Ï´Ù. LanguagePriority ko en fr de Redirect ¸¦ »ç¿ëÇϸé Ŭ¶óÀ̾ðÆ®¿¡°Ô ¿¹Àü¿¡´Â ÀÖ¾ú´ø ¹®¼­°¡ Áö±ÝÀº Á¸ÀçÇÏÁö ¾Ê´Â´Ù°í Å뺸ÇÒ ¼ö ÀÖ½À´Ï´Ù. Ŭ¶óÀ̾ðÆ®·Î ÇÏ¿©±Ý ´Ù¸¥ À§Ä¡¿¡¼­ ¹®¼­¸¦ ãµµ·Ï ¸»ÇØÁÙ ¶§ »ç¿ëÇÕ´Ï´Ù. Çü½Ä: Redirect fakename url Aliases: ÇÊ¿äÇÑ ¸¸Å­ º°¸íÀ» ¸¸µé¾î »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.(Á¦ÇÑ ¾øÀ½) ±âº» Çü½ÄÀº ´ÙÀ½°ú °°½À´Ï´Ù. Alias fakename realname ¸¸¾à fakename ´ÙÀ½¿¡ / ÀÌ ºÙ¾î ÀÖ´Ù¸é ¼­¹ö´Â ±× fakename ÀÌ URL ¾È¿¡ Á¸ÀçÇØ¾ß ÇÑ´Ù°í °£ÁÖÇÕ´Ï´Ù. µû¶ó¼­ ´ÙÀ½ ¿¹¿¡¼­ "/icons"´Â º°¸íÈ­µÇÁö ¾Ê½À´Ï´Ù. Alias /icons/ /home/httpd/icons/ ScriptAlias: ¼­¹ö ½ºÅ©¸³Æ®¸¦ Æ÷ÇÔÇÑ µð·ºÅ丮¸¦ Á¦¾îÇÕ´Ï´Ù. Çü½Ä: ScriptAlias fakename realname ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ AddTypeÀº mime.types ÆÄÀÏÀ» ¼öÁ¤ÇÏÁö ¾Ê°íµµ ¿øÇÏ´Â ÀÛ¾÷À» ÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù. ¶Ç´Â ¾î¶² ƯÁ¤ ÆÄÀÏÀ» ƯÁ¤ À¯ÇüÀÌ µÇµµ·Ï ÇÒ ¼ö ÀÖ½À´Ï´Ù. Çü½Ä: AddType type/subtype ext1 AddHandler´Â ƯÁ¤ ÆÄÀÏ È®ÀåÀÚ¿¡ ´ëÇÏ¿© È­ÀÏ À¯Çü°ú´Â ¿¬°üµÇ¾î ÀÖÁö ¾ÊÀº 󸮰¡ ÀÌ·ïÁöµµ·Ï "󸮱â(handler)"¸¦ °áÇÕ½Ãų ¼ö ÀÖµµ·Ï ÇØÁÝ´Ï´Ù. ¼­¹ö ¾È¿¡ ³»ÀåÇϰųª ¶Ç´Â Action ¸í·ÉÀ» ÅëÇØ Ãß°¡ÇÒ ¼ö ÀÖ½À´Ï´Ù. Çü½Ä: AddHandler action-name ext1 ´ÙÀ½À» Ç®¾îÁÖ¸é /cgi-bin/ ÀÌ¿ÜÀÇ ¸ðµç µð·ºÅ丮¿¡¼­µµ .cgi ·Î ³¡³ª±â¸¸ Çϸé CGI ·Î °£ÁÖÇÏ¿© ½ÇÇà°¡´ÉÄÉ ÇϹǷΠº¸¾È »ó ÁÁÁö ¾Ê½À´Ï´Ù. #AddHandler cgi-script .cgi ¼­¹ö ó¸® HTML ÆÄÀÏÀ» »ç¿ëÇϱâ À§Çؼ­. #AddType text/html .shtml #AddHandler server-parsed .shtml ¾ÆÆÄÄ¡ÀÇ send-asis HTTP ÆÄÀÏ ±â´ÉÀ» »ç¿ëÇÏ·Á¸é ´ÙÀ½ ÇàÀÇ ÁÖ¼®À» DZ´Ï´Ù. #AddHandler send-as-is asis ¼­¹ö Çؼ® À̹ÌÁö¸Ê ÆÄÀÏÀ» »ç¿ëÇÏ·Á¸é. AddHandler imap-file map À¯Çü Áöµµ(type maps)À» »ç¿ëÇÏ·Á¸é. #AddHandler type-map var ÆÞ ¸ðµâÀ» »ç¿ëÇÏ·Á¸é ´ÙÀ½ ¼½¼ÇÀÇ #¸¦ Á¦°ÅÇÕ´Ï´Ù. #Alias /perl/ /home/httpsd/perl/ # #SetHandler perl-script #PerlHandler Apache::Registry #Options +ExecCGI # php ¸ðµâÀ» ÀÛµ¿½ÃÅ°±â À§Çؼ­ AddType application/x-httpd-php .phtml Action Àº ¸ÅÄ¡µÇ´Â ÆÄÀÏÀÌ ÀÐÇôÁú ¶§¸¶´Ù ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÏ°Ô ÇÒ MIME ŸÀÔÀ» Á¤ÀÇÇÕ´Ï´Ù. ƯÁ¤ MIME ŸÀÔ¿¡ ´ëÇÑ ¿äûÀÌ ÀÖÀ» ¶§¸¶´Ù CGI ½ºÅ©¸³Æ®¸¦ ½ÇÇà½ÃÅ°µµ·Ï Àüó¸® ¿ëµµ·Î ¸Å¹ø ¶È°°Àº URL Àº ¹Ýº¹ÇÏ´Â °ÍÀ» ´ú¾îÁÝ´Ï´Ù. Çü½Ä: Action media/type /cgi-script/location Çü½Ä: Action handler-name /cgi-script/location MetaDir: ¾ÆÆÄÄ¡°¡ ¸ÞŸ Á¤º¸ ÆÄÀÏÀ» ãÀ» µð·ºÅ丮 À̸§À» Á¤ÇÕ´Ï´Ù. ¹®¼­¸¦ º¸³¾ ¶§ HTTP Çì´õ¿¡ Æ÷ÇÔÇÒ Ãß°¡ Á¤º¸¸¦ °¡Áö°í ÀÖ½À´Ï´Ù. #MetaDir .web ¸ÞŸÁ¢¹Ì»ç(MetaSuffix): ¸ÞŸ Á¤º¸¸¦ Æ÷ÇÔÇÏ°í ÀÖ´Â ÆÄÀÏ¿¡ ´ëÇÑ Á¢¹Ì»ç¸¦ ¸í½ÃÇÕ´Ï´Ù. #MetaSuffix .meta o. Æò¹üÇÑ ÅؽºÆ® ÆÄÀÏ #ErrorDocument 500 "The server made a boo boo. ÁÖÀÇ(n.b.) (") Ç¥½Ã´Â ÅؽºÆ®ÀÓÀ» Ç¥½ÃÇϸç Ãâ·ÂµÇÁö ¾Ê½À´Ï´Ù. o. Áö¿ªÀûÀÎ ¹æÇâÀüȯ #ErrorDocument 404 /missing.html Áö¿ª URL /missing.html ·Î Àüȯ #ErrorDocument 404 /cgi-bin/missing_handler.pl ÁÖÀÇ: ½ºÅ©¸³Æ® ¶Ç´Â ¼­¹ö Ãø Æ÷ÇÔÀ» »ç¿ëÇÑ ¹®¼­·Î ÀüȯÇÒ ¼ö ÀÖ½À´Ï´Ù. o. ¿ÜºÎ ¹æÇâÀüȯ #ErrorDocument 402 http://some.other_server.com/subscription_info.html --> access.conf ¼³Á¤. Options Indexes IncludesNOEXEC AllowOverride None ´ÙÀ½ ¼³Á¤Àº ¿©·¯ºÐÀÌ DocumentRoot ·Î ¼³Á¤ÇÑ µð·ºÅ丮·Î Á¶Á¤ÇØ¾ß ÇÕ´Ï´Ù. "None", "All", ¶Ç´Â "Indexes", "Includes", "FollowSymLinks", "ExecCGI", "MultiViews"ÀÇ ÀÚÀ¯·Î¿î Á¶ÇÕÀÌ °¡´ÉÇÕ´Ï´Ù. "MultiViews"´Â ¸í½ÃÀûÀ¸·Î Àû¾î¾ß¸¸ ÀÛµ¿ÇÕ´Ï´Ù. "Options All"À̶ó ÇÒ Áö¶óµµ "MultiViews"´Â ÇöÀç·Î¼­´Â ÀÚµ¿ ¼³Á¤µÇÁö ¾Êµµ·Ï µÇ¾î ÀÖ½À´Ï´Ù. Options Indexes Includes ExecCGI FollowSymLinks ´ÙÀ½Àº °¢ µð·ºÅ丮¿¡ ³õ¿© ÀÖ´Â .htaccess ÆÄÀÏ¿¡¼­ ¾î¶² ¿É¼Ç¿¡ ´ëÇÏ¿© Àç¼³Á¤ÇÒ ¼ö ÀÖ´ÂÁö Çã°¡ÇØÁÝ´Ï´Ù. "All", ¶Ç´Â "Options", "FileInfo", "AuthConfig", "Limit" ÀÇ ÀÚÀ¯·Î¿î Á¶ÇÕÀÌ °¡´ÉÇÕ´Ï´Ù. AllowOverride None ¼­¹ö·ÎºÎÅÍ Á¤º¸¸¦ ÃëÇÒ ¼ö ÀÖ´Â À§Ä¡¸¦ Á¦¾îÇÕ´Ï´Ù. order allow,deny allow from all ¿©±â¼­ /home/httpd/cgi-bin Àº ScriptAlias ·Î ¼³Á¤ÇÑ CGI µð·ºÅ丮°¡ ÀÖ´Â °æ¿ì ¾Ë¸Â°Ô ¼³Á¤Çϱ⠹ٶø´Ï´Ù. /cgi-bin/ ÀÇ ½ºÅ©¸³Æ®°¡ Á¦´ë·Î ÀÛµ¿ÇÏ·Á¸é ExecCGI ¿É¼ÇÀÌ ÇÊ¿äÇÕ´Ï´Ù. AllowOverride None Options ExecCGI http://servername/server-status À» ¿­¸é ¼­¹öÀÇ »óŸ¦ º¸¿©ÁÖµµ·Ï ÇÕ´Ï´Ù. .your_domain.com À» ½ÇÁ¦ ¿©·¯ºÐÀÌ ¼ÓÇÑ µµ¸ÞÀÎÀ¸·Î º¯°æÇϽñ⠹ٶø´Ï´Ù. # #SetHandler server-status #order deny,allow #deny from all #allow from .your_domain.com # 1.1 ÀÌÀüÀÇ ¹öÀü¿¡ ÀÖ´ø ¹ö±×¸¦ ¾Ç¿ëÇÏ´Â »ç¶÷µéÀÌ ÀÖ½À´Ï´Ù. ÀÌ ¹ö±×´Â ¾ÆÆÄÄ¡¿Í ÇÔ²² ¹èÆ÷µÇ¾ú´ø CGI ½ºÅ©¸³Æ®¿Í °ü·ÃµÈ ¹ö±×ÀÔ´Ï´Ù. ´ÙÀ½ ÇàµéÀÇ ÁÖ¼® 󸮸¦ Ç®¾îÁÖ¸é ÀÌ ¹ö±×¿¡ ´ëÇÑ °ø°Ý ¹æÇâÀ» phf.apache.org ÀÇ ±â·Ï ½ºÅ©¸³Æ®·Î ¹æÇâÀüȯ ½Ãų ¼ö ÀÖ½À´Ï´Ù. ¶Ç´Â support/phf_abuse_log.cgi ¸¦ »ç¿ëÇÏ¿© ¿©·¯ºÐ ½º½º·Î ±â·ÏÇØ µÑ ¼öµµ ÀÖ½À´Ï´Ù. deny from all ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi O. ftp ¼³Á¤Çϱâ. Linux»ó¿¡¼­ ftp ¼­ºñ½º¸¦ ÇÏ·Á¸é, wu-ftp ÇÁ·Î±×·¥À» ¼³Ä¡Çϰųª ¾Æ´Ï¸é, ´ÙÀ½°ú °°Àº °°Àº ¹æ¹ýÀ¸·Î ¼³Á¤À» ÇÒ¼ö°¡ ÀÖ´Ù. ¸ÕÀú, /home ¹Ø¿¡ ftp ¶ó´Â µð·ºÅ丮¸¦ »ý¼ºÇÑ´Ù. # mkdir /home/ftp ´ÙÀ½¿¡ ftp ¿¡ ÇÊ¿äÇÑ µð·ºÅ丮¸¦ ¸¸µç´Ù. # mkdir /home/ftp/bin # mkdir /home/ftp/lib # mkdir /home/ftp/etc # mkdir /home/ftp/pub ´Ù ¸¸µé¾úÀ¸¸é ÀÚ½ÅÀÇ Linux ¿¡ ÀÖ´Â /bin µð·ºÅ丮ÇÏÀÇ compress, cpio, gzip, ls, sh, tar ¸¦ /home/ftp/bin À¸·Î Ä«ÇǸ¦ ÇÑ´Ù. # cd /bin # cp compress cpio gzip ls sh tar /home/ftp/bin ´ÙÀ½À¸·Î /etc/ µð·ºÅ丮ÇÏÀÇ group, ld.so.cache, passwd ÆÄÀÏÀ» /home/ftp/etc·Î º¹»ç¸¦ ÇÑ´Ù. # cd /etc # cp group ld.so.cache passwd /home/ftp/etc/ library ÆÄÀϵ鵵 º¹»ç¸¦ ÇÑ´Ù. # cd /lib ±âº»ÀûÀ¸·Î ÇÊ¿äÇÑ ld ¶óÀ̺귯¸® ¹× libc, libnsl, libnss ¶óÀ̺귯¸®¸¦ ¸ðµÎ º¹»çÇÑ´Ù. ³ª¸ÓÁö ÇÊ¿äÇÑ ºÎºÐÀº ftp »ç¿ëÀÚ¸¦ ¸¸µç´Ù. # adduser ftp Æнº¿öµå´Â * ·Î ÄÚ¸àÆ®ÇÑ´Ù. # chown -R root.ftp /home/ftp ÇÏ¿© ftp »ç¿ëÀÚ¿¡°Ô ¿¢¼¼½º ±ÇÇÑÀ» ºÎ¿©ÇÑ´Ù. --> ftp »ç¿ëÀÚ ¿¢¼¼½º Á¦ÇÑ. class anony real.anonymous * (ÃÖ´ë Á¢¼÷ÀÚ¼ö) limit anony 1 Any /etc/msgs/msg.toomany (Ŭ·¡½º¸í) (¾ðÁ¦³ª Çã¿ë) (Á¢¼Ó Çã¿ëÀÚ¼ö°¡ ³Ñ¾úÀ»°æ¿ì º¸¿©ÁÖ´Â ¸Þ¼¼Áö) email hackers@smartmate.com --> ftp admin À̸ÞÀÏ ÁÖ¼Ò loginfails 1 readme README* login readme README* cwd=* message /welcome.msg login (·Î±äÀ» ÇÏ¿´À»°æ¿ì º¸¿©ÁÖ´Â ¸Þ¼¼Áö) message .message cwd=* compress yes all tar yes all chmod no guest,anonymous delete no guest,anonymous overwrite no guest,anonymous rename no guest,anonymous log transfers anonymous,real inbound,outbound shutdown /etc/msg/shutmsg passwd-check rfc822 enforce (enforce´Â Á¤È®ÇÑ À̸ÞÀÏÁÖ¼Ò¸¦ ÀûÁö ¾ÊÀ» °æ¿ì Á¢¼ÓÀ» Çã°¡ÇÏÁö ¾Ê´Â ¸í·É¾î) O. sendmail ¼³Á¤Çϱâ. * sendmail.cf # Copyright (c) 1998 Sendmail, Inc. All rights reserved. # Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 # The Regents of the University of California. All rights reserved. # # By using this file, you agree to the terms and conditions set # forth in the LICENSE file which can be found at the top level of # the sendmail distribution. # # ###################################################################### ###################################################################### ##### ##### SENDMAIL CONFIGURATION FILE ##### ##### built by root@linux.sarang.net on Sun Aug 16 03:26:55 KST 1998 ##### in /pkg/BUILD/sendmail-8.9.0/cf/cf ##### using ../ as configuration include directory ##### ###################################################################### ###################################################################### ##### @(#)cfhead.m4 8.22 (Berkeley) 5/19/98 ##### ##### @(#)cf.m4 8.29 (Berkeley) 5/19/98 ##### ##### @(#)redirect.m4 8.10 (Berkeley) 5/19/98 ##### ##### @(#)always_add_domain.m4 8.6 (Berkeley) 5/19/98 ##### ##### @(#)use_cw_file.m4 8.6 (Berkeley) 5/19/98 ##### ##### @(#)local_procmail.m4 8.11 (Berkeley) 5/19/98 ##### ##### @(#)mailertable.m4 8.9 (Berkeley) 5/19/98 ##### ##### @(#)access_db.m4 8.8 (Berkeley) 5/19/98 ##### ##### @(#)proto.m4 8.223 (Berkeley) 6/30/98 ##### # level 8 config file format V8/Berkeley # override file safeties - setting this option compromises system security # need to set this now for the sake of class files #O DontBlameSendmail=safe ################## # local info # ################## --> sendmail ¼³Á¤¿¡ À־ ´ëºÎºÐÀÇ »ç¿ëÀÚ´Â Cw, Fw, Dj ¼³Á¤¸¸ ºÁÁÖ¸é ¸ÞÀÏ ¼³Á¤Àº µÈ´Ù. Cwlocalhost : C ´Â Ŭ·¡½º Á¤ÀÇ ¸í·É¾îÀÌ´Ù. Cw ´Â w¶ó´Â Ŭ·¡½º¿¡ °ªÀ» ´ëÀÔÇÏ´Â Çü½ÄÀÌ´Ù. ÀÌ Çü½Ä¿¡ °ªÀ» Áֱ⺸´Ù´Â sendmail.cw ¿¡ Àû¾îÁÖ´Â ÆíÀÌ ÁÁ´Ù. sendmail.cw ¿¡ ´ëÇؼ­´Â ¹Ø¿¡ ºÎºÐ¿¡¼­ ¼³¸íÀÌ ³ª¿Â´Ù. # file containing names of hosts for which we receive email Fw/etc/sendmail.cw --> w Ŭ·¡½º¿¡ ¼ÓÇÑ È£½ºÆ®·Î ¸ÞÀÏÀÌ ³¯¶ó¿À¸é ¸ÞÀϼ­¹ö´Â ¼ö½ÅÀ» ÇϰԵȴÙ. # my official domain name # ... define this only if sendmail cannot automatically determine your domain #Dj$w.Foo.COM --> »÷µå¸ÞÀÏÀÌ ¿©·¯ºÐÀÇ È£½ºÆ®¸¦ Á¦´ë·Î ÀνÄÀ» ÇÏÁö ¢¬ ¸øÇÏ´Â °æ¿ì¿¡ # ÁÖ¼®À» ¾ø¾ÖÁÖ°í ³ª¼­ ÀÚ½ÅÀÇ È£½ºÆ®¸¦ Àû¾îÁØ´Ù ¿¹) Dj$hackers.smartmate.com CP. # "Smart" relay host (may be null) DS # operators that cannot be in local usernames (i.e., network indicators) CO @ % ! # a class with just dot (for identifying canonical names) C.. # a class with just a left bracket (for identifying domain literals) C[[ # Mailer table (overriding domains) Kmailertable hash -o /etc/mailertable # Access list database (for spam stomping) Kaccess hash -o /etc/mail/access --> sendmail-8.9.1 ºÎÅÍ´Â relay Çã¿ë ¹× ½ºÆÔ¸ÞÀÏ Â÷´Ü±â´ÉÀÌ relay_domians ¿¡¼­ access ·Î ¹Ù²î¾ú´Ù. # Resolve map (to check if a host exists in check_mail) Kresolve host -a -T # Hosts that will permit relaying ($=R) FR-o /etc/mail/relay-domains # who I send unqualified names to (null means deliver locally) DR # who gets all local email traffic ($R has precedence for unqualified names) DH # dequoting map Kdequote dequote # class E: names that should be exposed as from this host, even if we masquerade # class L: names that should be delivered locally, even if we have a relay # class M: domains that should be converted to $M #CL root CE root # who I masquerade as (null for no masquerading) (see also $=M) DM # my name for error messages DnMAILER-DAEMON CPREDIRECT O MaxMimeHeaderLength=256/128 # Configuration version number DZ8.9.1a ############### # Options # ############### # strip message body to 7 bits on input? O SevenBitInput=False # 8-bit data handling O EightBitMode=pass8 # wait for alias file rebuild (default units: minutes) O AliasWait=10 # location of alias file O AliasFile=/etc/aliases # minimum number of free blocks on filesystem O MinFreeBlocks=100 # maximum message size #O MaxMessageSize=1000000 # substitution for space (blank) characters O BlankSub=. # avoid connecting to "expensive" mailers on initial submission? O HoldExpensive=False # checkpoint queue runs after every N successful deliveries #O CheckpointInterval=10 # default delivery mode O DeliveryMode=background # automatically rebuild the alias database? O AutoRebuildAliases # error message header/file #O ErrorHeader=/etc/sendmail.oE # error mode #O ErrorMode=print # save Unix-style "From_" lines at top of header? #O SaveFromLine # temporary file mode O TempFileMode=0600 # match recipients against GECOS field? #O MatchGECOS # maximum hop count #O MaxHopCount=17 # location of help file O HelpFile=/usr/lib/sendmail.hf # ignore dots as terminators in incoming messages? #O IgnoreDots # name resolver options #O ResolverOptions=+AAONLY # deliver MIME-encapsulated error messages? O SendMimeErrors=True # Forward file search path O ForwardPath=$z/.forward.$w:$z/.forward # open connection cache size O ConnectionCacheSize=2 # open connection cache timeout O ConnectionCacheTimeout=5m # persistent host status directory #O HostStatusDirectory=.hoststat # single thread deliveries (requires HostStatusDirectory)? #O SingleThreadDelivery # use Errors-To: header? O UseErrorsTo=False # log level O LogLevel=9 # send to me too, even in an alias expansion? #O MeToo # verify RHS in newaliases? O CheckAliases=False # default messages to old style headers if no special punctuation? O OldStyleHeaders=True # SMTP daemon options #O DaemonPortOptions=Port=esmtp # privacy flags O PrivacyOptions=authwarnings # who (if anyone) should get extra copies of error messages #O PostMasterCopy=Postmaster # slope of queue-only function #O QueueFactor=600000 # queue directory O QueueDirectory=/var/spool/mqueue # timeouts (many of these) #O Timeout.initial=5m #O Timeout.connect=5m #O Timeout.iconnect=5m #O Timeout.helo=5m #O Timeout.mail=10m #O Timeout.rcpt=1h #O Timeout.datainit=5m #O Timeout.datablock=1h #O Timeout.datafinal=1h #O Timeout.rset=5m #O Timeout.quit=2m #O Timeout.misc=2m #O Timeout.command=1h #O Timeout.ident=30s #O Timeout.fileopen=60s O Timeout.queuereturn=5d #O Timeout.queuereturn.normal=5d #O Timeout.queuereturn.urgent=2d #O Timeout.queuereturn.non-urgent=7d O Timeout.queuewarn=4h #O Timeout.queuewarn.normal=4h #O Timeout.queuereturn.urgent=2d #O Timeout.queuereturn.non-urgent=7d O Timeout.queuewarn=4h #O Timeout.queuewarn.normal=4h #O Timeout.queuewarn.urgent=1h #O Timeout.queuewarn.non-urgent=12h #O Timeout.hoststatus=30m # should we not prune routes in route-addr syntax addresses? #O DontPruneRoutes # queue up everything before forking? O SuperSafe=True # status file O StatusFile=/var/log/sendmail.st # time zone handling: # if undefined, use system default # if defined but null, use TZ envariable passed in # if defined and non-null, use that info #O TimeZoneSpec= # default UID (can be username or userid:groupid) O DefaultUser=8:12 # list of locations of user database file (null means no lookup) #O UserDatabaseSpec=/etc/userdb # fallback MX host #O FallbackMXhost=fall.back.host.net # if we are the best MX host for a site, try it directly instead of config err #O TryNullMXList # load average at which we just queue messages #O QueueLA=8 # load average at which we refuse connections #O RefuseLA=12 # maximum number of children we allow at one time #O MaxDaemonChildren=12 # maximum number of new connections per second #O ConnectionRateThrottle=3 # work recipient factor #O RecipientFactor=30000 # deliver each queued job in a separate process? #O ForkEachJob # work class factor #O ClassFactor=1800 # work time factor #O RetryFactor=90000 # shall we sort the queue by hostname first? #O QueueSortOrder=priority # minimum time in queue before retry #O MinQueueAge=30m # default character set #O DefaultCharSet=iso-8859-1 # service switch file (ignored on Solaris, Ultrix, OSF/1, others) #O ServiceSwitchFile=/etc/service.switch # hosts file (normally /etc/hosts) #O HostsFile=/etc/hosts # dialup line delay on connection failure #O DialDelay=10s # action to take if there are no recipients in the message #O NoRecipientAction=add-to-undisclosed # chrooted environment for writing to files #O SafeFileEnvironment=/arch # are colons OK in addresses? #O ColonOkInAddr # how many jobs can you process in the queue? #O MaxQueueRunSize=10000 # shall I avoid expanding CNAMEs (violates protocols)? #O DontExpandCnames # SMTP initial login message (old $e macro) O SmtpGreetingMessage=$j Sendmail $v/$Z; $b # UNIX initial From header format (old $l macro) O UnixFromLine=From $g $d # From: lines that have embedded newlines are unwrapped onto one line #O SingleLineFromHeader=False # Allow HELO SMTP command that does not include a host name #O AllowBogusHELO=False # Characters to be quoted in a full name phrase (@,;:\()[] are automatic) #O MustQuoteChars=. # delimiter (operator) characters (old $o macro) O OperatorChars=.:%@!^/[]+ # shall I avoid calling initgroups(3) because of high NIS costs? #O DontInitGroups # are group-writable :include: and .forward files (un)trustwort #O UnsafeGroupWrites # where do errors that occur when sending errors get sent? #O DoubleBounceAddress=postmaster # what user id do we assume for the majority of the processing? #O RunAsUser=sendmail # maximum number of recipients per SMTP envelope #O MaxRecipientsPerMessage=100 # shall we get local names from our installed interfaces? #O DontProbeInterfaces ########################### # Message precedences # ########################### Pfirst-class=0 Pspecial-delivery=100 Plist=-30 Pbulk=-60 Pjunk=-100 ##################### # Trusted users # ##################### # this is equivalent to setting class "t" #Ft/etc/sendmail.ct Troot Tdaemon Tuucp * sendmail.cw # sendmail.cw - include all aliases for your machine here. ÀÌ ¼³Á¤Àº »ç¿ëÀÚÀÇ Linux ½Ã½ºÅÛÀÌ °¡¸®Å°´Â ¸ðµç º°Äª°ú ¸ÞÀÏÀ» ó¸®ÇÏ°íÀÚ Çϴ ȣ½ºÆ®¸¦ °¡¸®Å°´Â ³»¿ëÀÌ´Ù. ÀÌ Ç׸ñ¿¡ ÇØ´çÇϴ ȣ½ºÆ®ÀÇ À̸§À» Àû¾îÁÖ¸é ÇØ´ç È£½ºÆ®ÀÇ ¸ÞÀϵµ ó¸®ÇÏ´Â ±â´ÉÀ» °¡Áö°í ÀÖ´Ù. O. telnet »ç¿ë¹ý. Áö¿ª È£½ºÆ®¿Í ³×Æ®¿öÆ®»óÀÇ È£½ºÆ®¸¦ ¿¬°áÇÏ´Â ½Ã½ºÃÀ ÇÁ·Î±×·¥À¸·Î½á ÅÚ³ÝÀ» ¸¹ÀÌ »ç¿ëÇϴµ¥, ÁÖ·Î ´Ù¸¥ È£½ºÆ®·ÎÀÇ ·Î±ä ÀÛ¾÷À» ÇÏ´Â °æ¿ì¿¡ ¸¹ÀÌ »ç¿ëÇÑ´Ù. telnetÀ¸·ÎÀÇ ·Î±ä ÈÄ ÀÛ¾÷Àº ·ÎÄà ȣ½ºÆ®¿¡¼­ÀÇ ÀÛ¾÷°ú µ¿ÀÏÇÑ È¿°ú¸¦ ³½´Ù. telnetÀº ÆÄÀÏ Àü¼Û ¹× ÆÄÀÏ ¹Þ±â ±â´ÉÀÌ ¾ø´Â ÇÁ·ÎÅäÄÝÀÌ´Ù. ÆÄÀÏ ¹Þ±â ¹× ÆÄÀÏ Àü¼Û ÇÁ·Î±×·¥À¸·Î´Â ÁÖ·Î »ç¿ëÇÏ´Â ztelnetÀ̶ó´Â ÇÁ·Î±×·¥ÀÌ ÀÖ´Ù. ztelnet(zmodem + telnet)À¸·Î½á ÆÄÀÏ Àü¼Û ¹× ÆÄÀÏ ¹Þ±â¿¡ ¸¹ÀÌ ¾²ÀÌ´Â ÅÚ³Ý ÇÁ·Î±×·¥ÀÌ´Ù. * ÆÄÀÏ ¹Þ±â Åë½Å»ó¿¡¼­ ÀڷḦ ¹Þ°íÀÚ ÇÒ ¶§, ÀÚ·á ¹Þ±â¸¦ ¼±ÅÃÇÑ ´ÙÀ½¿¡ PgDnÅ°¸¦ Ä¡½Ã°í ZMODEMÀ» ¼±ÅÃÇϽʽÿÀ. ¼ö½ÅÀ» Áß´ÜÇϽ÷Á¸é ESCÅ°¸¦ Ä¡½Ã°í CTRL-X¸¦ ¿©·¯¹ø Ä¡½Ê½Ã¿À. ŠpwB00000000000000 ÀÌ·± È­¸éÀÌ ³ª¿ÂÈÄ¿¡ Ctrl + ] Å°¸¦ °°ÀÌ ´©¸£¸é ´ÙÀ½°ú °°Àº Ç׸ñÀÌ ³ª¿Â´Ù. ztelnet> ÀÌ·± È­¸é¿¡ rz ¸¦ Ä¡¸é ´Ù¿îÀÌ µÈ´Ù. * ÆÄÀÏ Àü¼Û ¾÷·Îµå ÇÏ´Â ÆÄÀÏÀ» Àü¼ÛÀ» ÇÒ ½Ã¿¡´Â ztelnet> ´ÙÀ½°ú °°Àº Ç׸ñÀÌ ³ªÅ¸³ª¸é ÀÌ·± Çü½ÄÀ¸·Î ¸í·É¾î¸¦ Ä£´Ù. sz ÆÄÀϸí -w 1024 ÀÌ·± Çü½ÄÀ¸·Î Àû¾îÁØ´Ù. O. Samba ¼³Á¤Çϱâ. * smb.conf [global] workgroup = NT µµ¸ÞÀÎ À̸§ ¶Ç´Â ¿öÅ©±×·ì À̸§ workgroup = MYGROUP server string Àº ¶õ NT ¼³¸í Çʵå¿Í °°Àº °ÍÀÔ´Ï´Ù. server string = Samba Server ÀÌ ¿É¼ÇÀº º¸¾È°ú °ü·ÃÇÏ¿© Áß¿äÇÑ °ÍÀÔ´Ï´Ù. ÀÌ ¿É¼ÇÀ» ÅëÇØ ¿©·¯ºÐÀÇ ±Ù°Å¸® ³×Æ®¿÷¿¡ Àִ ȣ½ºÆ®¿¡°Ô¸¸ Á¢±ÙÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù. ´ÙÀ½ ¿¹´Â 2 °³ÀÇ C Ŭ·¡½º ³×Æ®¿÷°ú "loopback" ÀÎÅÍÆäÀ̽º¿¡ ´ëÇؼ­¸¸ Á¢±ÙÀ» Çã¿ëÇÑ´Ù. ; hosts allow = 192.168.1. 192.168.2. 127. ÇÁ¸°ÅÍ ¼³Á¤À» °³º°ÀûÀ¸·Î ÇÏÁö ¾Ê°í ÀÚµ¿À¸·Î ÇÁ¸°ÅÍ ¸ñ·ÏÀ» Æ÷ÇÔ½ÃÅ°±æ ¿øÇÑ´Ù¸é ´ÙÀ½ ¿É¼ÇÀ» »ç¿ëÇÕ´Ï´Ù. printcap ¿¡¼­ Á¤ÀÇÇÑ ÇÁ¸°ÅÍ ¸ñ·ÏÀÌ ÀÚµ¿À¸·Î µî·ÏµË´Ï´Ù. load printers = no À̸é ÇϳªÇϳª Á¤ÇØÁÖ¼Å¾ß ÇÕ´Ï´Ù. load printers = yes printcap ÆÄÀÏÀÇ À§Ä¡¸¦ »õ·Ó°Ô ÁöÁ¤ÇÏ°í ½ÍÀ» ¶§ »ç¿ëÇÑ´Ù. ; printcap name = /etc/printcap SystemV ½Ã½ºÅÛ¿¡¼­´Â printcap name À» lpstat À¸·Î ÇØÁÖ¸é SystemV ½ºÇ® ½Ã½ºÅÛÀ¸·ÎºÎÅÍ ÇÁ¸°ÅÍ ¸ñ·ÏÀ» ÀÚµ¿À¸·Î ¾ò°Ô ÇØÁÝ´Ï´Ù. ; printcap name = lpstat ¿©·¯ºÐÀÇ ÇÁ¸°Æà ½Ã½ºÅÛÀÌ Ç¥ÁØ¿¡¼­ ¹þ¾î³­ °ÍÀÌ ¾Æ´Ï¶ó¸é ´ÙÀ½ ¿É¼ÇÀÇ ÁÖ¼®À» Ç® ÇÊ¿ä°¡ ¾ø½À´Ï´Ù. ; printing = bsd ¼Õ´Ô »ç¿ëÀÚ¸¦ Çã°¡ÇÏ°í ½ÍÀ» ¶§´Â ´ÙÀ½ ÇàÀÇ ÁÖ¼®À» Ç®¾îÁÝ´Ï´Ù. nobody °¡ ¾Æ´Ñ °æ¿ì¿¡´Â /etc/passwd Ç׸ñ¿¡ ¼³Á¤ÇÑ ¼Õ´Ô »ç¿ëÀÚ °èÁ¤À» Ãß°¡ÇØ¾ß ÇÕ´Ï´Ù. useradd ¸í·ÉÀ¸·Î ¼³Á¤ÇϽʽÿÀ. ; guest account = pcguest ´ÙÀ½Àº »ï¹Ù·Î ÇÏ¿©±Ý Àڽſ¡ Á¢¼ÓÇϴ ȣ½ºÆ® º°·Î °³º°ÀûÀÎ ±â·Ï ÆÄÀÏÀ» ¸¸µéµµ·Ï Áö½ÃÇÕ´Ï´Ù. "/var/log/samba/log.Á¢±ÙÈ£½ºÆ®À̸§"°ú °°Àº ÆÄÀϸíÀ» °¡Áý´Ï´Ù. %m Àº »ï¹Ù ¼³Á¤¿¡¼­ »ç¿ëµÇ´Â Ư¼öÇÑ º¯¼öÀÔ´Ï´Ù. log file = /var/log/samba/log.%m ·Î±× ÆÄÀÏ Å©±âÀÇ »óÇѼ±À» Kb ´ÜÀ§·Î ¼³Á¤ÇÕ´Ï´Ù. max log size = 50 º¸¾È ¸ðµåÀÔ´Ï´Ù. ´ëºÎºÐÀÇ »ç¶÷µé¿¡°Õ user ·¹º§ÀÇ º¸¾ÈÀÌ ¸Â½À´Ï´Ù. ÀÚ¼¼ÇÑ ³»¿ëÀº security_level.txt ¹®¼­¸¦ Âü°íÇϽʽÿÀ. Âü°í·Î user ´Â À¯´Ð½º °èÁ¤À̸§/Æнº¿öµå ¹æ½ÄÀÇ º¸¾È µî±ÞÀ̸ç share´Â ¿öÅ©±×·ì Æ÷ À©µµ¿ìÁî(WfW)¿Í À©µµ95ÀÇ ±âº» ¸ðµåÀÔ´Ï´Ù. serverÀÇ °æ¿ì¿¡´Â ÀÎÁõÀ» À§ÇØ NT ¼­¹ö°¡ ÇÊ¿äÇÕ´Ï´Ù. security = user security = server ÀÎ °æ¿ì¿¡¸¸ Æнº¿öµå ¼­¹ö¸¦ ¼³Á¤ÇÕ´Ï´Ù. ; password server = Æнº¿öµå ·¹º§¿¡¼­´Â ´ë¼Ò¹®ÀÚ ¸ðµç Á¶ÇÕ¿¡ ´ëÇÏ¿© _n_ °³ÀÇ ¹®ÀÚ·Î ÀÌ·ïÁø Æнº¿öµå¸¦ »ç¿ëÇϵµ·Ï ÇÕ´Ï´Ù. ; password level = 8 Æнº¿öµå ¾Ïȣȭ¸¦ »ç¿ëÇÏ°í ½ÍÀ» ¶§°¡ ÀÖÀ» °Ì´Ï´Ù. »ï¹Ù ¹®¼­ Áß¿¡¼­ ENCRYPTION.txt, Win95.txt, WinNT.txt ¸¦ ²À Àо½Ã±â ¹Ù¶ø´Ï´Ù. ÀÌ ¹®¼­¸¦ Âø½ÇÈ÷ ÀÐÁö ¾ÊÀº »óÅ¿¡¼­ ´ÙÀ½ ¿É¼ÇÀ» ¼³Á¤ÇÏÁö ¸¶½Ê½Ã¿À. À©µµ¿ìÁîNT 4.0 ¼­ºñ½º ÆÑ 3 ¹ø ÀÌ»óÀÎ ½Ã½ºÅÛ¿¡¼­´Â Æнº¿öµå ¾Ïȣȭ°¡ ÇÊ¿äÇÕ´Ï´Ù. ; encrypt passwords = yes ; smb passwd file = /etc/smbpasswd À¯´Ð½º »ç¿ëÀÚ À̸§°ú SMB »ç¿ëÀÚ À̸§ÀÌ ´Þ¶ó µÑ °£ÀÇ ¿¬°ü Å×À̺íÀ» ÇÊ¿äÇÒ ¶§ »ç¿ëÇÕ´Ï´Ù. ; username map = /etc/smbusers ´ÙÀ½ ¿É¼ÇÀº Á¢¼ÓÇÏ´Â °¢ ¸Ó½Å¸¶´Ù ¼­·Î ´Ù¸¥ ¼³Á¤À» ¿øÇÒ ¶§ »ç¿ëÇÕ´Ï´Ù. ¿©±â¼­ %m Àº Á¢¼ÓÇϴ ȣ½ºÆ®ÀÇ NetBIOS À̸§À¸·Î ´ëüµË´Ï´Ù. ; include = /etc/smb.conf.%m ´ëºÎºÐÀÇ °æ¿ì ´ÙÀ½ ¿É¼ÇÀ» ÁÖ¸é ¼º´É Çâ»ó È¿°ú¸¦ º¼ ¼ö ÀÖ½À´Ï´Ù. ÀÚ¼¼ÇÑ »çÇ×Àº speed.txt ¿Í ¸Ç ÆäÀÌÁö¸¦ Âü°íÇϽʽÿÀ. socket options = TCP_NODELAY »ï¹Ù°¡ ¿©·¯ °³ÀÇ ÀÎÅÍÆäÀ̽º¸¦ »ç¿ëÇϵµ·Ï ¼³Á¤ÇÕ´Ï´Ù. ¿©·¯ °³ÀÇ ³×Æ®¿÷ ÀÎÅÍÆäÀ̽º¸¦ °¡Áö°í ÀÖ´Ù¸é ±× ÀÎÅÍÆäÀ̽ºµéÀ» ¸ðµÎ ³ª¿­ÇϽʽÿÀ. ÀÚ¼¼ÇÑ »çÇ×Àº ¸Ç ÆäÀÌÁö¸¦ Âü°íÇϽʽÿÀ. ´ÙÀ½ ¿¹´Â »ï¹Ù ¼­¹ö°¡ 192.168.12.2, 192.168.13.2 ÀÌ·¸°Ô µÎ °³ÀÇ ÁÖ¼Ò¸¦ °¡Áö°í ÀÖ°í 24 ºñÆ® Áï ³Ý¸Å½ºÅ© 255.255.255.0 ¸¦ »ç¿ëÇÏ¿© 192.168.12.0, 192.168.13.0 ³×Æ®¿÷ÀÇ È£½ºÆ®¿¡ ´ëÇؼ­ ¹Þ¾ÆµéÀÔ´Ï´Ù. ; interfaces = 192.168.12.2/24 192.168.13.2/24 ¿ø°Ý ºê¶ó¿ìÁî ¸ñ·Ï°úÀÇ µ¿±âÈ­¿¡ °üÇÑ ¼³Á¤ÀÔ´Ï´Ù. °øÇ¥ ¿äûÀ» Çϰųª ¶Ç´Â ºê¶ó¿ìÁî ¸ñ·Ï µ¿±âÈ­ÇØ ÁÙ ´ë»óÀ̳ª ƯÁ¤ È£½ºÆ® ¶Ç´Â Àüü ¼­ºê³ÝÀ» ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù. ; remote browse sync = 192.168.3.25 192.168.5.255 Áö¿ªÀûÀÎ ¼­ºê³Ý¿¡ ÀÚ±â ÀÚ½ÅÀ» °¡½ÃÈ­ Çϵµ·Ï ¼³Á¤ÇÕ´Ï´Ù. À©µµ¿ìÁî ³×Æ®¿÷ ȯ°æ¿¡¼­ »ï¹Ù ¼­¹ö°¡ Àß º¸À̵µ·Ï ÇÒ ¶§ À¯¿ëÇÕ´Ï´Ù. ; remote announce = 192.168.1.255 192.168.2.44 ºê¶ó¿ìÁ® Á¦¾î ¿É¼Ç: »ï¹Ù°¡ ³×Æ®¿÷¿¡ ´ëÇÑ ¸Å½ºÅÍ°¡ µÇ±æ ¹Ù¶óÁö ¾ÊÀ¸¸é local master ¼³Á¤À» no ·Î ÇϽʽÿÀ. ; local master = no OS ·¹º§Àº ¸Å½ºÅÍ ºê¶ó¿ìÁ® ¼±°Å °úÁ¤¿¡¼­ ¼­¹öÀÇ ¿ì¼±±ÇÀ» °áÁ¤ÇÕ´Ï´Ù. ±âº»°ªÀÌ ÀûÀýÇÕ´Ï´Ù. ; os level = 33 domain master ´Â »ï¹Ù·Î ÇÏ¿ä±Ý µµ¸ÞÀÎ ¸Å½ºÅÍ ºê¶ó¿ìÁ®°¡ µÇµµ·Ï ÇØÁÝ´Ï´Ù. »ï¹Ù´Â ¼­ºê³Ýµé·ÎºÎÅÍ ºê¶ó¿ìÁî ¸ñ·ÏÀ» ¸ðÀ¸´Â ÀÛ¾÷À» ÇÏ°Ô µË´Ï´Ù. ÀÌ¹Ì ÀÌ ±â´ÉÀ» ´ã´çÇÏ°í ÀÖ´Â À©µµ¿ìÁî NT µµ¸ÞÀÎ ÄÁÆ®·Ñ·¯°¡ ÀÖ´Ù¸é ÀÌ°ÍÀ» »ç¿ëÇؼ­´Â ¾ÈµË´Ï´Ù. ; domain master = yes preferred master ¿É¼ÇÀ» ÄÑµÎ¸é ½Ãµ¿ÇÒ ¶§ Áö¿ª ºê¶ó¿ìÁ® ¼±°Å¸¦ Çϵµ·Ï ¸¸µé°í ¼±°Å¿¡¼­ ÀÌ±æ ¼ö ÀÖ´Â Á» ´õ ³ôÀº ±âȸ¸¦ ºÎ¿©¹Þ½À´Ï´Ù. ; preferred master = yes ¼³Ä¡ÇÒ ¶§ ÁÖ µµ¸ÞÀÎ ÄÁÆ®·Ñ·¯·Î ¼³Á¤µÈ NT ¼­¹ö°¡ Á¸ÀçÇÒ ¶§¸¸ »ç¿ëÇÕ´Ï´Ù. ; domain controller = »ï¹Ù°¡ À©µµ¿ìÁî95 ¿öÅ©½ºÅ×À̼ǿ¡ ´ëÇÑ µµ¸ÞÀÎ ·Î±×¿Â ¼­¹ö ¿ªÇÒÀ» ÇÏ±æ ¿øÇÏ´Â °æ¿ì ÄѵӴϴÙ. ; domain logons = yes µµ¸ÞÀÎ ·Î±×¿ÂÀ» ¼±ÅÃÇß°í °¢ ¸Ó½Å º°·Î ¶Ç´Â °¢ »ç¿ëÀÚ º°·Î ·Î±×¿Â ½ºÅ©¸³Æ®¸¦ ±¸ºÐÇÏ¿© ƯÁ¤ ¹èÄ¡ ÆÄÀÏÀ» ÀÛµ¿½ÃÅ°±æ ¿øÇÏ´Â °æ¿ì »ç¿ëÇÕ´Ï´Ù. ; logon script = %m.bat »ç¿ëÀÚ À̸§¿¡ ÀÇ°ÅÇÏ¿© ¼­·Î ´Ù¸¥ ·Î±×¿Â ¹èÄ¡ ÆÄÀÏÀ» ½ÇÇà½Ãų ¶§ ; logon script = %U.bat ; logon path = \\%L\Profiles\%U À©µµ¿ìÁî ÀÎÅÍ³Ý ³×ÀÓ ¼­ºñ½º WINS Áö¿ø ¼½¼Ç: Âü°í) /etc/lmhosts¸¦ ¸¸µé¾î ¸¶Ä¡ /etc/hosts¿Í °°ÀÌ Àû½À´Ï´Ù. ¿¹) 192.168.0.1 ¤linux ; wins support = yes WINS ¼­¹ö - »ï¹ÙÀÇ NMBD ·Î ÇÏ¿©±Ý WINS Ŭ¶óÀ̾ðÆ®°¡ µÇµµ·Ï ÇÕ´Ï´Ù. »ï¹Ù´Â WINS ¼­¹ö ¶Ç´Â Ŭ¶óÀ̾ðÆ® Áß Çϳª¸¸ µÉ ¼ö ÀÖ´Ù. ; wins server = w.x.y.z WINS ÇÁ·Ï½Ã - »ï¹Ù·Î ÇÏ¿©±Ý WINS ±â´ÉÀ» °®ÃßÁö ¸øÇÑ Å¬¶óÀ̾ðÆ®¸¦ ´ë½ÅÇÏ¿© À̸§¿¡ ÇØ´çÇÏ´Â ÁÖ¼Ò Ã£±â Áú¹®À» ´ë½Å ´äÇϵµ·Ï ÇÕ´Ï´Ù. À̸¦ À§Çؼ­´Â ³×Æ®¿÷ »ó¿¡ Àû¾î ÇÑ °³ ÀÌ»óÀÇ WINS ¼­¹ö°¡ ÀÖ¾î¾ß ÇÕ´Ï´Ù. ±âº»°ªÀº NO ; wins proxy = yes DNS ÇÁ·Ï½Ã - »ï¹Ù·Î ÇÏ¿©±Ý DNS nslookup À» »ç¿ëÇÏ¿© NetBIOS À̸§À» ãÀ» °ÍÀÎÁö ¾Æ´ÑÁö Áö½ÃÇÕ´Ï´Ù. 1.9.17 ¹öÀü¿¡¼­´Â ³»ºÎ ±âº»°ªÀÌ yes ¿´À¸³ª 1.9.18 ¹öÀü¿¡¼­´Â no ·Î º¯°æµÇ¾ú½À´Ï´Ù. dns proxy = no ´ë¼Ò¹®ÀÚ º¸Á¸ÀÌ ÇÊ¿äÇÒ ¶§°¡ ÀÖ½À´Ï´Ù. ½Ã½ºÅÛ ±âº»°ªÀº NO ÀÔ´Ï´Ù. preserve case = yes short preserve case = yes # µµ½º ÆÄÀÏ¿¡ ´ëÇÑ ±âº» ¹®ÀÚ´Â ´ë¹®ÀÚÀÔ´Ï´Ù. ; default case = lower # ´ë¼Ò¹®ÀÚ ±¸º°Àº ÁÖÀǸ¦ ¿äÇÕ´Ï´Ù. - ¹®Á¦¸¦ ÀÏÀ¸Å³ ¼öµµ ÀÖ½À´Ï´Ù! ; case sensitive = no #======================== °øÀ¯ Á¤ÀÇ================================== [homes] comment = Ȩ µð·ºÅ丮 browseable = no writable = yes µµ¸ÞÀÎ ·Î±×¿ÂÀ» À§ÇÑ netlogin µð·ºÅ丮¸¦ ¸¸µé°í ÁÖ¼® ÇØÁ¦ÇÕ´Ï´Ù. ¹°·Ð µµ¸ÞÀÎ ·Î±×¿Â ±â´ÉÀ» Áö¿øÇÒ ¶§¸¸ ÇÊ¿äÇÕ´Ï´Ù. ; [netlogon] ; comment = Network Logon Service ; path = /home/netlogon ; guest ok = yes ; writable = no ; share modes = no ƯÁ¤ÇÑ ·Î¿ìºù ÇÁ·ÎÆÄÀÏ(roving profile) °øÀ¯¸¦ Á¦°øÇÏ°íÀÚ ÇÑ´Ù¸é ´ÙÀ½ÀÇ ÁÖ¼®À» Ç®¾îÁֽʽÿÀ. the default is to use the user's home directory ±âº»°ªÀº »ç¿ëÀÚÀÇ È¨ µð·ºÅ丮ÀÔ´Ï´Ù. ;[Profiles] ; path = /home/profiles ; browseable = no ; guest ok = yes [printers] comment = ¸ðµç ÇÁ¸°ÅÍ path = /var/spool/samba browseable = no guest ok = yes ¶ó°í Çϸé 'guest account'·Î ÁöÁ¤ÇÑ »ç¿ëÀÚµéÀÌ ÇÁ¸°ÆÃÀ» ÇÒ ¼ö ÀÖ½À´Ï´Ù. public = yes µµ °°Àº Ç¥ÇöÀÔ´Ï´Ù. guest ok = no writable = no printable = yes ;[tmp] ; comment = Àӽà ÆÄÀÏ °ø°£ ; path = /tmp ; read only = no ; public = yes °ø°³ÀûÀ¸·Î Á¢±Ù °¡´ÉÇÑ µð·ºÅ丮ÀÌÁö¸¸ Àб⸸ °¡´ÉÇÏ°í "staff" ±×·ì¿¡ ¼ÓÇÑ »ç¿ëÀڵ鸸ÀÌ ¾²±â¸¦ ÇÒ ¼ö ÀÖ´Â ¼³Á¤ÀÇ ¿¹ÀÔ´Ï´Ù. ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = @staff fred ¶ó´Â »ç¿ëÀÚ¸¸ ÀÌ¿ëÇÒ ¼ö ÀÖ´Â °³ÀÎÀûÀÎ ÇÁ¸°ÅÍ ¼³Á¤. ½ºÇ® ÀÚ·á´Â fred ÀÇ È¨ µð·ºÅ丮¿¡ ¾º¿©Áý´Ï´Ù. fred ´Â ÁöÁ¤ÇÑ ½ºÇ® µð·ºÅ丮¿¡ ¾²±â ±ÇÇÑÀ» °¡Áö°í ÀÖ´Â »óÅ¿©¾ß ÇÕ´Ï´Ù. ;[fredsprn] ; comment = Fred Àü¿ë ÇÁ¸°ÅÍ ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes fread ¸¸ÀÌ ÀÌ¿ëÇÒ ¼ö ÀÖ´Â °³ÀÎÀûÀÎ µð·ºÅ丮 ¼³Á¤ÀÔ´Ï´Ù. µð·ºÅ丮¿¡ ´ëÇÏ¿© fred ÀÇ ¾²±â ±ÇÇÑÀÌ ÀÖ´Â »óÅ¿©¾ß ÇÕ´Ï´Ù. ;[fredsdir] ; comment = Fred °³ÀÎ ¼­ºñ½º ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no Á¢¼ÓÇÏ´Â ¸Ó½Å¿¡ µû¶ó ¼­·Î ´Ù¸¥ µð·ºÅ丮¸¦ Á¦°øÇÏ´Â ¼­ºñ½ºÀÇ ÁÁÀº ¿¹ÀÔ´Ï´Ù. ÀÌ·¸°Ô ÇÔÀ¸·Î½á Á¢¼Ó ¸Ó½Å¿¡ µû¶ó ½ÇÁ¦ ¼³Á¤ ³»¿ëÀÌ ´Þ¶óÁö´Â È¿°ú¸¦ ¾òÀ» ¼ö ÀÖ½À´Ï´Ù. »ç¿ëÀÚ À̸§À¸·Î ±¸º°ÇÏ·Á¸é %u ¿É¼ÇÀ» ´ë½Å »ç¿ëÇÏ¸é µË´Ï´Ù. %m Àº Á¢¼ÓÇÏ´Â ¸Ó½ÅÀÇ À̸§À¸·Î ġȯµË´Ï´Ù. ;[pchome] ; comment = PC µð·ºÅ丮 ; path = /usr/pc/%m ; public = no ; writable = yes ¸ðµç »ç¿ëÀÚ°¡ ÀÐ°í ¾µ ¼ö ÀÖ´Â °ø°³ Á¢±Ù µð·ºÅ丮ÀÇ ¿¹ÀÔ´Ï´Ù. »ý¼ºµÇ´Â ¸ðµç ÆÄÀÏÀº ±âº» »ç¿ëÀÚÀÇ ¼ÒÀ¯°¡ µÇ¹Ç·Î ´Ù¸¥ »ç¿ëÀÚ°¡ ¿©·¯ºÐÀÌ ¸¸µç ÆÄÀÏÀ» Áö¿ï ¼ö ÀÖ½À´Ï´Ù. ´ç¿¬È÷ ÁÖ¾îÁø µð·ºÅ丮¿¡ ´ëÇÏ¿© ±âº» »ç¿ëÀÚ°¡ ¾²±â ±ÇÇÑÀ» °¡Áö°í ÀÖ¾î¾ß ÇÕ´Ï´Ù. ´Ù¸¥ »ç¿ëÀÚ¸¦ ¸í½ÃÇÏ¸é ±âº» »ç¿ëÀÚ°¡ ¾Æ´Ñ ±× »ç¿ëÀÚÀÇ ¼ÒÀ¯°¡ µË´Ï´Ù. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no ´ÙÀ½ Ç׸ñÀº µÎ »ç¿ëÀÚ°¡ ¾î¶»°Ô ÇÑ µð·ºÅ丮¸¦ °øÀ¯ÇÏ¿© »ç¿ëÇÏ°Ô ÇÒ ¼ö ÀÖ´ÂÁö ¿¹½ÃÇÏ°í ÀÖ½À´Ï´Ù. ÀÌ ¼³Á¤ÀÌ Á¦´ë·Î ÀÛµ¿ÇÏ·Á¸é µð·ºÅ丮´Â µÎ »ç¿ëÀÚ¿¡ ÀÇÇØ ¾²±â °¡´ÉÇØ¾ß ÇÏ¸ç ½ºÆ½Å°(sticky) ºñÆ®¸¦ ¼³Á¤ÇÏ¿© ¼­·ÎÀÇ ÆÄÀÏ¿¡ ´ëÇÏ¿© ¾ÇÀÇÀûÀÎ ÇൿÀ» ÃëÇÒ ¼ö ¾øµµ·Ï ÇØÁà¾ß ÇÕ´Ï´Ù. ÀÌ·± ¹æ¹ýÀ¸·Î ¿©·¯ »ç¿ëÀÚ°¡ ÇÑ µð·ºÅ丮¸¦ ¾ÈÀüÇÏ°Ô °øÀ¯Çϵµ·Ï È®ÀåÇÒ ¼ö ÀÖ½À´Ï´Ù. ;[myshare] ; comment = Mary & fred µð·º. ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 O. À©98 °ú À©NT ¿ÍÀÇ »ï¹Ù °øÀ¯ÇÒ¶§. ´ÙÀ½°ú °°Àº ¸í·ÉÀ» ³»ÁÝ´Ï´Ù. # cat /etc/passwd | mksmbpasswd.sh >/etc/smbpasswd ¶ó´Â ¸í·ÉÀ» ³»·ÁÁÖ¸é /etc/ µð·ºÅ丮ÇÏ¿¡ smbpasswd ¶ó´Â ÆÄÀÏÀÌ ¸¸µé¾îÁý´Ï´Ù. À§¿Í °°Àº »çÇ×Àº À©98 °ú NT ¿¡¼­´Â Æнº¿öµå ¾Ïȣȭ ±â´ÉÀÌ µé¾îÀֱ⠶§¹®ÀÔ´Ï´Ù. ¸¸¾à, linux »ç¿ëÀÚ¿¡ ´ëÇÑ »ï¹Ù°øÀ¯ ¾ÏÈ£¸¦ ÁöÁ¤ÇÏ·Á¸é ´ÙÀ½°ú °°ÀÌ ÇØÁÝ´Ï´Ù. # smbpasswd linux ¶ó°í Ä¡¸é Æнº¿öµå¸¦ ÁöÁ¤Çϵµ·Ï ¿ä±¸ÇÕ´Ï´Ù. Æнº¿öµå¸¦ ÁöÁ¤ÇÑ ´ÙÀ½¿¡ »ï¹Ù µ¥¸óÀ» ¶ç¿ì¸é ¾Ïȣȭ ±â´ÉÀ¸·Î½á »ï¹Ù °øÀ¯°¡ ÁöÁ¤ÀÌ µË´Ï´Ù. # /etc/rc.d/init.d/smb stop (»ï¹Ù µ¥¸ó ÁßÁö) # /etc/rc.d/init.d/smb start (»ï¹Ù µ¥¸ó ½ÃÀÛ) 3. ¸®´ª½º & Database Linux»ó¿¡¼­ÀÇ Database±¸Ãà¿¡ ÇÊ¿äÇÑ Application¿¡´Â PostgreSQL, mSQL, MySQL, Informix for Linux, Oracle for LinuxµîÀÌ ÀÖ´Ù. ±Ý³â ¸»¿¡ Ãâ½ÃµÉ ¿¹Á¤ÀÎ OracleÀº ¾ÆÁ÷ ÇÁ·Î±×·¥ÀÌ Ãâ½Ã°¡ ¾ÈµÈ »óÅÂÀ̹ǷΠ¿©±â¿¡¼­´Â ¼Ò°³ Á¤µµ·Î ¸¶Ä¥±î ÇÑ´Ù. ¢º PostgreSQL(http://www.postgresql.org/) : PostgreSQLÀº °´Ã¼-°ü°èÇü DBMS·Î¼­ Berkeley Postgres µ¥ÀÌÅͺ£À̽º °ü¸®½Ã½ºÅÛ¿¡¼­ ÆÄ»ýµÇ¾ú´Ù. PostgreSQLÀº °´Ã¼-°ü°èÇü µ¥ÀÌÅÍ ¸ðµ¨°ú dzºÎÇÑ µ¥ÀÌÅÍ Å¸ÀÔ ½¬¿î È®À强À» °¡Áö°í ÀÖÀ¸¸ç, PostQuel ÀÇ ¾ð¾î¸¦ È®ÀåµÈ SQLÀÇ ºÎºÐÁýÇÕÀ¸·Î ´ëüÇÏ°í ÀÖ´Â µ¥ÀÌÅͺ£À̽ºÀÌ´Ù. ¢º mSQL(http://www.hughes.com.au/) : Mini SQL(mSQL)Àº ±¸Á¶Àû ÁúÀÇ ¾ð¾î(structured Query Language)¸¦ »ç¿ëÇÏ´Â °ü°èÇü µ¥ÀÌÅͺ£À̽ºÀÌ´Ù. °æ·®±ÞÀÇ µ¥ÀÌÅͺ£À̽º·Î½á, ANSI Ç¥ÁØ SQL¸¦ ÀüºÎ´Ù Áö¿øÇÏÁö ¾Ê´Â°Ô ´ÜÁ¡ÀÌ¸ç ºü¸¥ ¼Óµµ°¡ ÀåÁ¡ÀÌ´Ù. ¢º MySQL(http://www.tcx.se/) : MySQLÀº °¡Àå ÀϹÝÀûÀÎ µ¥ÀÌÅͺ£À̽º ¾ð¾îÀÎ SQL(Structured Query Language) ¹®¹ýÀ» »ç¿ëÇÏ´Â µ¥ÀÌÅͺ£À̽º ¼­¹öÀÌ´Ù. MySQLÀº Ư¡ÀûÀÎ Programs/libraries ¿Í ÀÚüÀûÀÎ mysqld ¼­¹öµ¥¸óÀ» ±¸¼ºÇϸç Ŭ¶óÀ̾ðÆ® & ¼­¹ö·Î½á ÃæÁ·½ÃÄÑÁÖ´Â Database ÀÌ´Ù. MySQLÀÇ ÁÖ ¸ñÀûÀº ¼Óµµ¿Í ¾ÈÁ¤¼º¿¡ µÐ´Ù. ¢º Informix : ¹Ì±¹ ½Ã¾ÖƲ¿¡¼­ ¿­¸° ÀÎÆ÷¹Í½º ¿ùµå¿ÍÀ̵å À¯Àú ÄÁÆÛ·±½º¸¦ ÅëÇØ "ÀÎÆ÷¹Í½ºSE" DBÁ¦Ç°°ú "´ÙÀ̳ª¹Í 4GL" °³¹ßÅøÀ» ¸®´ª½º¿¡ À̽Ä, Á¶¸¸°£ »ó¿ëÈ­ÇÒ °èȹÀ̶ó°í ¹ßÇ¥Çß´Ù. ƯÈ÷ ÀÎÆ÷¹Í½ºÀÇ °æ¿ì ´çÃÊ ÀÚ»çÁ¦Ç°À» ¸®´ª½º·Î À̽ÄÇÏÁö ¾Ê°Ú´Ù´Â ¹æħÀ» Àü°Ý ¹Ù²Û °ÍÀº ÃÖ±Ù ¸®´ª½º Ç÷§Æû¿¡ ´ëÇÑ ±â¾÷ °í°´µéÀÇ °ü½É°ú »ó¿ëÈ­ °¡´É¼ºÀÌ ±ÞÁõÇÏ°í Àִµ¥ µû¸¥ °ÍÀ¸·Î Ç®À̵ȴÙ. (ÀüÀڽŹ® ¹ßÃé) ¢º Oracle : ¿À¶óŬ»ç´Â ÃÖ±Ù ÀÚ»ç "¿À¶óŬ8.1" DB¿Í "¿À¶óŬ ¾îÇø®ÄÉÀÌ¼Ç ½ºÀ§Æ®"¸¦ ¸®´ª½º¿ëÀ¸·Î °³¹ßÇÒ ¹æħÀ̶ó°í ¹àÇû´Ù. ÀÌ È¸»çÀÇ ÆÀ ÆäÀÎ DB ¸¶ÄÉÆà ´ã´ç Ã¥ÀÓÀÚ´Â "¸ÖƼ ÇÁ·Î¼¼½Ì ½Ã½ºÅÛ¿¡¼­ ¸®´ª½ºÀÇ È®À强¿¡ ¸¸Á·ÇÑ´Ù."¸ç ÀÌ ½ÃÀåÀÌ ¾öû³­ ¼ºÀå ÀáÀç·ÂÀ» °¡Áú °ÍÀ̶ó°í ±â´ë Çß´Ù. (ÀüÀڽŹ® ¹ßÃé) [PostgreSQL ¼³Ä¡ ¹× È°¿ë¹ý] ¡Ü PostgreSQL ¼³Ä¡½Ã ÇÊ¿äÇÑ ÆÄÀÏ. =========================================================== PostgreSQL Homepage : http://www.postgresql.org/ Source & patch : ftp://ftp.sra.co.jp/pub/cmd/postgres/6.3.2/ =========================================================== o postgresql-6.3.2.tar.gz --> PostgreSQL ¼³Ä¡ ÆÄÀÏ. o jumbo.patch.gz --> ÇÑ±Û »ç¿ëÀ» À§ÇÑ ÆÐÄ¡ ÆÄÀÏ. ¡Ü PostgreSQL ¼³Ä¡. ¸ÕÀú, postgres ¶ó´Â PostgreSQL¸¦ ¿¢¼¼½ºÇÏ´Â »ç¿ëÀÚ¸¦ ¸¸µç´Ù. # adduser postgres # cd /etc/ # vi passwd ÇÏ¿© postgres »ç¿ëÀÚÀÇ È¨µð·ºÅ丮¸¦ /usr/local/pgsql·Î ¹Ù²Ù¾îÁØ´Ù. root »ç¿ëÀÚ·Î½á ´ÙÀ½°ú °°Àº postgres »ç¿ëÀÚÀÇ ¿¢¼¼½º ±ÇÇÑÀ» ºÎ¿©ÇÑ´Ù. # chown -R postgres.postgres /usr/local/pgsql ±×·¯¸é, ¹Þ¾Æ¿Â postgresql-6.3.2.tar.gz °ú jumbo.patch.gzÀ» /usr/local/pgsql·Î º¹»çÇÏ¿© ¾ÐÃàÀ» Ǭ´Ù. # tar xvfz postgresql-6.3.2.tar.gz # cd postgresql-6.3.2 # cp jumbo.patch.gz /usr/local/pgsql/postgresql-6.3.2 # gzip -dc jumbo.patch.gz | patch -p0 jumbo.patch.gz Àº ÇÑ±Û »ç¿ëÀ» À§ÇÑ ÆÐÄ¡È­ÀÏÀÌ´Ù. src µð·ºÅ丮·Î À̵¿ÇÏ¿© Makefile.custom ÆÄÀÏÀ» ¸¸µé°í ´ÙÀ½ÀÇ ÇÑÁÙÀ» Àû´Â´Ù.(ÇÑ±Û »ç¿ëÀ» À§ÇÑ) # jumbo=1 ÀúÀåÇÑ ÈÄ¿¡ posrgres »ç¿ëÀÚ·Î ·Î±äÀ» ÇÑ´Ù. # su - postgres # cd src # ./configure # make # make all ¼³Ä¡°¡ ´Ù µÇ¾úÀ¸¸é ½Ã½ºÅÛÀÌ °øÀ¯ ¶óÀ̺귯¸®¸¦ ãÀ»¼ö ÀÖµµ·Ï /etc/ld.so.conf¿¡ ´ÙÀ½ÀÇ ÇÑÁÙÀ» Àû´Â´Ù. # /usr/local/pgsql/lib À̶ó°í Àû´Â ´ÙÀ½¿¡ /sbin/ldconfig ¸í·ÉÀ» Çѹø ½ÇÇàÇØÁØ´Ù. ¡Ü PostgreSQL ȯ°æ º¯¼ö ¼³Á¤. postgres »ç¿ëÀÚ·Î ·Î±äÀ» ÇÏ¿© PostgreSQLÀ» »ç¿ëÇÒ¼ö ÀÖµµ·Ï ȯ°æ º¯¼ö¸¦ ¼³Á¤À» ÇØÁØ´Ù. ÀÌÁ¦ºÎÅÍ´Â ¸ðµç PostgreSQL ÀÛ¾÷Àº postgres ¶ó´Â »ç¿ëÀڷνá ÀÌ·ç¾îÁø´Ù. bash »ç¿ëÀÚ¶ó¸é .bash_profile¿¡ ¼³Á¤È­ÀÏÀ» Àû¾îÁØ´Ù. ------------------< .bash_profile >-------------------------- PATH=/usr/local/pgsql/bin MANPATH=/usr/local/pgsql/man PGLIB=/usr/local/pgsql/lib PGDATA=/usr/local/pgsql/data export PATH MANPATH PGLIB PGDATA ---------------------------------------------------------- ÀúÀåÇÑ ÈÄ¿¡ source ¸í·ÉÀ» »ç¿ëÇÏ¿© ȯ°æº¯¼ö¸¦ Àû¿ë½ÃŲ´Ù. # source .bash_profile csh »ç¿ëÀÚ¶ó¸é .cshrc ÆÄÀÏ¿¡ ¼³Á¤È­ÀÏÀ» Àû¾îÁØ´Ù. -----------------------< .cshrc >-------------------------- setenv PATH=/usr/local/pgsql/bin setenv MANPATH=/usr/local/pgsql/man setenv PGLIB=/usr/local/pgsql/lib setenv PGDATA=/usr/local/pgsql/data setenv PATH MANPATH PGLIB PGDATA ---------------------------------------------------------- ¶È°°Àº ¹æ¹ýÀ¸·Î source ¸í·ÉÀ» ³»·ÁÁØ´Ù. ¡æ µ¥ÀÌÅͺ£À̽ºÀÇ ÃʱâÈ­¸¦ ³»·ÁÁØ´Ù. # initdb ¡Ü Daemon ¶ç¿ì±â postmaster ÀÇ µ¥¸óÀ» ¼öÇàÇÏ´Â ¸í·É¾î´Â ¡æ postmaster > server.log 2>& 1 & ½Ã½ºÅÛ ºÎÆýà ÀÚµ¿ÀûÀ¸·Î µ¥¸óÀ» ¼öÇà½ÃÅ°±â À§Çؼ­´Â /etc/rc.d/rc.local¿¡ ´ÙÀ½ÀÇ ÇÑÁÙÀ» Àû´Â´Ù. ¡æ su postgres -c "/usr/local/pgsql/bin/postmaster -S -D /usr/local/pgsql/data" ÀÌ·¸°Ô Àû¾îÁÖ°í ³ª¸é ½Ã½ºÅÛ ºÎÆýø¶´Ù µ¥¸óÀ» ¶ç¿ì°Ô µÈ´Ù. [mSQL ¼³Ä¡ ¹× È°¿ë¹ý.] ¡Ü mSQL ¼³Ä¡½Ã ÇÊ¿äÇÑ ÆÄÀÏ. ============================================================ Mini SQL Homepage : http://www.hughes.com.au/ ============================================================ o msql-2.0.4.1.tar.gz --> mSQL ¼³Ä¡ ÆÄÀÏ. ¡Ü mSQL ¼³Ä¡. ¸ÕÀú, mSQL ȨÆäÀÌÁö¿¡ °¡¼­ msql-2.0.4.1.tar.gzÀ» ¹Þ¾Æ¿Â´Ù. ±×¸®°í ³ª¼­, ¹Þ¾Æ¿Â ÆÄÀÏÀÇ ¾ÐÃàÀ» Ç®¾îº¸ÀÚ. # tar xvfz msql-2.0.4.1.tar.gz # cd msql-2.0.4.1 # make target --> Çϸé ÀÚ½ÅÀÇ ½Ã½ºÅÛ¿¡ ¸Â°Ô ¼³Á¤À» ÇØÁØ´Ù. --------------------------------------------------------- Making target directory for Linux-2.1.116-i586 Building directory tree. Adding common Adding conf Adding lang-common Adding lite Adding makedepend Adding makegen Adding msql Adding regexp Adding tests Adding tests/rtest.src Adding w3-msql Adding w3-msql/tests ................................................................................................................................................ Build of target directory for Linux-2.1.116-i586 complete -------------------------------------------------------------- ´Ù µÇ¾úÀ¸¸é ÀÚ½ÅÀÇ ½Ã½ºÅÛ°ú Ä¿³Î ¹öÀü¿¡ ¸Â´Â targets µð·ºÅ丮°¡ »ý±ä´Ù. ÇÊÀÚÀÇ Ä¿³ÎÀº 2.1.116ÀÌ´Ù. # cd targets/Linux-2.1.116-i586 # ./setup # make all # make install ÇϸéÀº ¼³Ä¡°¡ ¿Ï·áµÈ´Ù. ¸ÕÀú, msql À̶ó´Â »ç¿ëÀÚ¸¦ ¸¸µç´Ù. # adduser msql /usr/local/Hughes µð·ºÅ丮´Â msqlÀ̶ó´Â »ç¿ëÀÚÀÇ ¼ÒÀ¯±ÇÇÑÀÌ µÇ¾î¾ßÇÑ´Ù. ´ÙÀ½°ú °°Àº ¸í·ÉÀ¸·Î /usr/local/Hughes µð·ºÅ丮¸¦ msql »ç¿ëÀÚ°¡ ÀÐ/¾²±â°¡ °¡´ÉÇϵµ·Ï ±ÇÇÑÀ» ºÎ¿©ÇØÁØ´Ù. # chown -R msql.msql /usr/local/Hughes ¡Ü Á¢±Ù Á¦ÇÑ ¼³Á¤ ÆÄÀÏ. msqlÀÌ ¼³Ä¡°¡ µÇ°í ³ª¸é msql »ç¿ëÀÚ·Î ·Î±äÀ» ÇÏ¿© msql.acl.sample ÆÄÀÏÀ» msql.acl À̶ó´Â ÆÄÀÏ·Î º¹»ç¸¦ ÇÑ´Ù. # su - msql # cp msql.acl.sample msql.acl ´Ù ÇÏ¿´´Ù¸é, msql.acl ÆÄÀÏÀ» ¼³Á¤ÇÔÀ¸·Î½á Á¢±Ù Á¦ÇÑÀ» ¼³Á¤Çغ¸ÀÚ. ------------------< vi msql.acl >---------------------------- # Access control for mSQL # # Entries are of the form # database=test --> Database table name. read=bambi,-root --> test¶ó´Â Å×À̺íÀ» Àд ±ÇÇÑÀº bambi ¶ó´Â »ç¿ëÀÚÀÌ°í root »ç¿ëÀÚ´Â Àд ±ÇÇÑÀ» Á¦ÇÑÇÑ´Ù, write=root --> test¶ó´Â Å×À̺íÀº ¿ÀÁ÷ root »ç¿ëÀÚ¸¸ ±ÇÇÑÀÌ ÀÖ´Ù. host=* access=local,remote option=rfc931 database=minerva read=* write=minerva access=local ------------------------------------------------------------- ¼³Á¤ÀÌ ³¡³ª¸é msql ÀÇ µ¥¸óÀ» ¶ç¿öº¸ÀÚ. # cd bin # ./msql2d & [msql@hackers bin]$ Mini SQL Version 2.0.4.1 Copyright (c) 1993-94 David J. Hughes Copyright (c) 1995-98 Hughes Technologies Pty Ltd. All rights reserved. Loading configuration from '/usr/local/Hughes/msql.conf'. Server process reconfigured to accept 200 connections. Server running as user 'msql'. Server mode is Read/Write. ¼­¹ö µ¥¸óÀº msql »ç¿ëÀÚ·Î µ¥¸óÀ» ½ÃÀÛÇÑ´Ù. ÇÏÁö¸¸, ¾Õ ºÎºÐ¿¡¼­ »ç¿ëÀÚ°¡ µ¥¸ó½ÇÇàÁß msql.acl ÆÄÀÏÀ» ¹Ù²Ù¾ú´Ù¸é, µ¥ÀÌÅͺ£À̽º °ü¸®ÀÚ°¡ ´ÙÀ½ ¸í·ÉÀ» ¼öÇàÇÑ´Ù. # /usr/local/Hughes/bin/msqladmin reload ÇÏ°í ³ª¼­ ´Ù½Ã µ¥¸óÀ» ½ÇÇà½ÃÅ°¸é µÈ´Ù. ±×¸®°í, ½Ã½ºÅÛ ºÎÆðú ÇÔ²² msql µ¥¸óÀ» ±¸µ¿½ÃÅ°·Á¸é /etc/rc.d/rc.local¿¡ ´ÙÀ½ ÇÑÁÙÀ» Àû¾îÁÖ¸é µÈ´Ù. ¡æ /usr/local/Hughes/bin/msql2d & À̷νá mSQL ¼³Ä¡¹ý¿¡ ´ëÇؼ­ ¾Ë¾Æº¸¾Ò´Ù. [MySQL ¼³Ä¡ ¹× È°¿ë¹ý] ¡Ü MySQL À» ¼³Ä¡ÇÒ °æ¿ì ÇÊ¿äÇÑ °Í MySQL À» ¼³Ä¡ÇÒ °æ¿ì ÇÊ¿äÇÑ °ÍÀÌ ÀÖ´Ù. ±×°ÍÀº ´ÙÀ½°ú °°´Ù. - ¾ÐÃàµÇ¾îÁø ¹èÆ÷ÆÇÀ» Ç®±âÀ§ÇÑ GNU gzip ÇÁ·Î±×·¥ - tar ÇÁ·Î±×·¥ - ANSI C++ ÄÄÆÄÀÏ·¯. - gcc ÄÄÆÄÀÏ·¯ : ¹öÀüÀº 2.7 ÀÌ»óÀÎ°Í ¡Ü MySQL ÀÇ ¼³Ä¡¹æ¹ý. =============================================================== MySQL Homepage : http://www.tcx.se/ =============================================================== ´ÙÀ½ÀÇ ¸í·ÉÀ¸·Î ¾ÐÃàÀ» Ǭ´Ù. # gzip mysql-VERSION.tar.gz ¿©±â¼­ mysql-VERSION.tar.gz Àº ¹æ±Ý ¹ÞÀº ¾ÐÃàÆÄÀÏÀÇ À̸§ÀÌ´Ù. tar ¸í·ÉÀ» ÀÌ¿ëÇÏ¿© ¹­¿©ÀÖ´Â ¼Ò½º¸¦ ´Ù½Ã Ç®¾î¾ß ÇÑ´Ù. ÀÌ°æ¿ì mysql-VERSION À̶ó´Â µð·ºÅ丮°¡ »ý¼ºµÇ¸é¼­ ±× ¾È¿¡ ¸ðµç ¼Ò½º¿Í ÆÄÀÏÀÌ Ç®¸®°Ô µÈ´Ù. # tar -xvf mysql-VERSION.tar »ý¼ºµÈ µð·ºÅ丮·Î À̵¿ÇÑ´Ù. # cd mysql-VERSION ȯ°æÀ» ¼³Á¤ÇÑ´Ù. ¸¸ÀÏ ¾î¶² ¿É¼ÇÀ» Ãß°¡Çϱ⸦ ¿øÇÑ´Ù¸é ´ÙÀ½°ú °°¾Æ ÇÑ´Ù. # ./Configure --help ÀÌ °æ¿ì °¢Á¾ ¿É¼ÇÀÌ ³ª¿À¹Ç·Î ÀÌ ³»¿ëÀ» º¸°í º¯°æÇϱ⠹ٶõ´Ù. ´õ ÀÚ¼¼ÇÑ »çÇ×Àº ¿µ¹® ¸Þ´º¾óÀ» ÀÐ¾î º¸±â ¹Ù¶õ´Ù. ÀϹÝÀûÀ¸·Î ±×³É ¾Æ·¡ÀÇ ¸í·ÉÀ» ½ÇÇàÇÏ¸é µÈ´Ù. #./Configure # make # make install ÄÄÆÄÀÏµÈ ¸ðµç ½ÇÇà °¡´ÉÇÑ ÆÄÀÏÀÌ ¼³Ä¡°¡ µÇ°í ȯ°æÀÌ ¼³Á¤µÈ´Ù. ¼³Ä¡°¡ ³¡³­ÈÄ ¾Æ·¡ÀÇ ¸í·ÉÀ» ½ÇÇàÇÏ¿© ±âÃÊ Å×À̺í°ú admin À¯Àú¸¦ ¼³Ä¡ÇÑ´Ù. ÀÌ ¸í·ÉÀº ´Ü ÇѹøÇÏ´Â °ÍÀ¸·Î¼­ µÎ¹ø ½ÇÇàÇÏ¸é ¾ÊµÈ´Ù. # ./scripts/mysql_install_db ÀÌ°ÍÀº ½ºÅ©¸³Æ®·Î¼­ ½ÇÇàÇÏ¿© ±âÃÊÀÛ¾÷À» ÇÑÈÄ MySQLÀ» ½ÇÇà½ÃÄÑ ÁØ´Ù. ¼³Ä¡ µð·ºÅ丮¸¦ µðÆúÆ®·Î ÇÏ¿´´Ù¸é /usr/local/bin/ µð·ºÅ丮¿¡ ½ÇÇàÆÄÀÏÀÌ ¸ðµÎ ¼³Ä¡µÇ¾úÀ» °ÍÀÌ´Ù. µðÆúÆ®·Î ¼³Ä¡ÇÏ¿´´Ù°í °¡Á¤ÇÏ°í ´ÙÀ½ÀÇ ¸í·ÉÀ» ¼öÇàÇÏ¿© º»´Ù. # /usr/local/bin/mysqladmin version MySQL ¹öÀü Á¤º¸°¡ ¾Æ·¡¿Í ºñ½ÁÇÏ°Ô Ãâ·ÂµÉ °ÍÀÌ´Ù. mysqladmin Ver 6.8 Distrib 3.21.27-gamma, for unknown-freebsd2.2.1 on i386 TCX Datakonsult AB, by Monty Server version 3.21.27-gamma-log Protocol version 10 Connection localhost via TCP/IP TCP port 3306 Uptime: 22 hours 20 min 9 sec Running threads:1 Questions: 20 Opened_tables: 8 Reloads: 2 Open tables: 4 ÀÌÁ¦ mysql ÇÁ·Î±×·¥À» ¾Æ·¡¿Í °°ÀÌ ½ÇÇàÇÏ¿© ±âº»ÀûÀÎ µ¿ÀÛÀ» Å×½ºÆ®ÇÏÀÚ. # mysql mysql ȤÀº mysql -u root mysql (½ÇÇà½ÃÅ°´Â À¯Àú°¡ root°¡ ¾Æ´Ò °æ¿ì) ¾Æ·¡ÀÇ sql¹®ÀåÀ» mysql »ó¿¡¼­ ¼öÇà½ÃÄѺ¸ÀÚ select * from user mysql ÀÇ »ç¿ë¹æ¹ýÀº mysqlÀÌ ½ÇÇàµÈ »óÅ¿¡¼­ ´ÙÀ½ÀÇ ¸í·ÉÀ» ÁÖ¸é ¾Ë¼ö ÀÖ´Ù. \h °¢Á¾ ¸í·ÉÀ» Àß ÀÐ¾î º¸°í »ç¿ëÇÏ¸é µÈ´Ù. SQL¹®µµ Ç¥ÁØ SQLÀ» ¸ðµÎ Áö¿øÇϸç MySQL¸¸ÀÇ È®Àå SQL¹®À» ¾Ë°í ½Í´Ù¸é ¿µ¹® ¸Þ´º¾óÀ» ÂüÁ¶Ç϶ó. ¡Ü MySQL ServerÀÇ ½ÇÇà°ú Á¾·á MySQL ServerÀ» ½ÇÇà ½ÃÅ°°Å³ª Á¾·á½ÃÅ°·Á¸é ´ÙÀ½ÀÇ ¸í·ÉÀ» root °¡ »ç¿ëÇÏ¸é µÈ´Ù. mysql.server start --> mysql ServerÀÇ ½ÃÀÛ mysql.server stop --> mysql ServerÀÇ Á¾·á MySQL Server°¡ ½ÇÇà½Ã µÎ°³ÀÇ ÇÁ·Î¼¼¼­°¡ ½ÇÇàµÇ¹Ç·Î È®ÀÎÇØ º¸±â ¹Ù¶õ´Ù. /usr/local/bin/safe_mysqld /usr/local/libexec/mysqld [Informix-SE for Linux] Áö±ÝºÎÅÍ Informix-SE for Linux¸¦ ¼³Ä¡ÇϽô ¹ý¿¡ ´ëÇÏ¿© ¼³¸íÀ» µå¸®°Ú½À´Ï´Ù... ÀÚ.. ¸ÕÀú ´ÙÀ½ÀÇ ³»¿ëÀ» Àû¾î ³õÀ¸½Ã°í ½ÃÀÛÇսôÙ.. Serial Number : ACN#A287337 Software Key : BECZJK 1. root·Î loginÇÕ´Ï´Ù... 2. "informix"¶õ group°ú user¸¦ »õ·Î ¸¸µì´Ï´Ù... (#adduser informix ÉÝ ÇϽøé Çѹø¿¡ O.K.~!) 3. ±×´ÙÀ½¿£ ´ç¿¬È÷ informixÀÇ password¸¦ Á¤Çϼž߰ÚÁö¿ä? (#passwd informix) 4. ÀÚ.. ±× ´ÙÀ½¿£... informix¸¦ ¾îµð¿¡ ¼³Ä¡ÇÒ °ÍÀΰ¡¸¦ °áÁ¤ÇÕ´Ï´Ù... ¹®¼­»óÀ¸·Ð /usr/informix¸¦ ±âÁØÀ¸·Î ¼³¸íÀÌ µÇ¾î ÀÖÀ¸´Ï±î ±×°÷À» ±âÁØÀ¸·Î ¼³¸íÀ» µå¸®Áö¿ä.. ¸¸ÀÏ ´Ù¸¥ À§Ä¡¿¡ ¼³Ä¡ÇϽñ¸ ½ÍÀ¸½Ã´Ù¸é ¾ó¸¶µçÁö °¡´ÉÇÏ´Ï±î °ÆÁ¤¸¶½Ã±¸¿ä.. :-) ±×·³ Àü ¿©±â¼­ /usr/informix¸¦ ±âÁØÀ¸·Î ¼³¸íµå¸±²²¿ä.. 5. /usr/informix¸¦ ±âÁØÀ¸·Î ¼³Ä¡ÇÏ·Á°í ÇßÀ¸´Ï±î... ¹ÞÀ¸½Å ÆÄÀÏÀ» /usr ¾Æ·¡·Î ¿Å±â¼¼¿ä... (#mv [ÆÄÀÏÀÌ ÀÖ´Â µð·ºÅ͸®]/informix.zip /usr ÉÝ) 6. ÀÌÁ¨ /usr·Î À§Ä¡¸¦ À̵¿ÇÕ´Ï´Ù... (#cd /usr ÉÝ) 7. ±× ´ÙÀ½¿£ ¾ÐÃàÀ» DZ´Ï´Ù... (#unzip informix.zip ÉÝ) 8. ±×·¯¸é ´ÙÀ½°ú °°ÀÌ ³ª¿À°Ô µË´Ï´Ù... (Archive: informix.zip creating: LINUX_se_bundle724UC5/ creating: LINUX_se_bundle724UC5/ESQLC/ inflating: LINUX_se_bundle724UC5/ESQLC/ESQL.TAR creating: LINUX_se_bundle724UC5/ICONNECT/ inflating: LINUX_se_bundle724UC5/ICONNECT/CONNECT.TAR inflating: LINUX_se_bundle724UC5/README.TXT inflating: LINUX_se_bundle724UC5/README.UNX creating: LINUX_se_bundle724UC5/SE/ inflating: LINUX_se_bundle724UC5/SE/SE.TAR) 9. ¾Õ¿¡ LINUX_se_bundle724UC5 ÈÊ... À̸§ÀÌ ±æÁÒ? ^^ ÀÌ À̸§À» Á» ª°Ô ¹Ù²ÙÁÒ.. (#mv LINUX_se_bundle724UC5 informix ÉÝ) 10. ÀÚ.. ÀÌÁ¨ ¼ÒÀ¯±ÇÀ» ¹Ù²Ù°Ú½À´Ï´Ù... (#chown -R informix:informix informix ÉÝ) 11. ±× ´ÙÀ½¿£ °¢ ¼­ºê µð·ºÅ͸®¸¶´Ù °¡¼Å¼­ °¢°¢ÀÇ TAR¾ÐÃàÀ» Ç®¾î¾ßÇÕ´Ï´Ù... (#cd /usr/informix/ESQLC ÉÝ #tar xvopf ESQL.TAR ÉÝ #cd /usr/informix/ICONNECT ÉÝ #tar xvopf CONNECT.TAR ÉÝ #cd /usr/informix/SE ÉÝ #tar xvopf SE.TAR ÉÝ ) 12. ÀÌÁ¦ºÎÅÏ º»°ÝÀûÀÎ ¼³Ä¡¸¦ ½ÃÀÛÇÕ´Ï´Ù... ¸ÕÀú ESQL/CºÎÅÍ.. (#cd /usr/informix/ESQLC ÉÝ #INFORMIXDIR=/usr/informix/ESQLC ÉÝ #export INFORMIXDIR ÉÝ #./installesql ÉÝ INFORMIX EMBEDDED SQL for C Version 7.24.UC5 Copyright (C) 1991-1998 Informix Software, Inc. Installation Script This installation procedure must be run by root (super-user). It will change the owner, group, and mode of all files of this package in this directory. There must be a user "informix" and a group "informix" known to the system. Press RETURN to continue, or the interrupt key (usually CTRL-C or DEL) to abort. (¿ä±â¼­ ±×³É ÉÝ ÇϽɵǰÚÁÒ? -^^-) Enter your serial number (for example, INF#X999999) > ACN#A287337 (<-¿ä±â´Ù°¡´Â ¾Æ±î À§¿¡¼­ ÀûÀ¸½Å ½Ã¸®¾ó ¹øÈ£¸¦ ³ÖÀ¸¼¼¿ä..) Enter your serial number KEY (uppercase letters only) > BECZJK (<-¿ä±â´Ù°¡´Â ¾Æ±î À§¿¡¼­ ÀûÀ¸½Å ¼ÒÇÁÆ®¿þ¾î Å°¸¦ ³ÖÀ¸¼¼¿ä...) WARNING! This software, and its authorized use and number of users, are subject to the applicable license agreement with Informix Software, Inc. If the number of users exceeds the licensed number, the excess users may be prevented from using the software. UNAUTHORIZED USE OR COPYING MAY SUBJECT YOU AND YOUR COMPANY TO SEVERE CIVIL AND CRIMINAL LIABILITIES. Press RETURN to continue, or the interrupt key (usually CTRL-C or DEL) to abort. (¿ä±â¼­ ¿ª½Ã ±×³É ÉÝ ÇÏ½É µÇ°ÚÁÒ? -^^-) (¿©±â±îÁö ÇÏ½Ã¸é ¾Ë¾Æ¼­ ÀÚµ¿À¸·Î ¼³Ä¡¸¦ ½ÃÀÛÇÕ´Ï´Ù...)) 13. ´ÙÀ½Àº ICONNECTÀÔ´Ï´Ù... (#cd /usr/informix/ICONNECT ÉÝ #INFORMIXDIR=/usr/informix/ICONNECT ÉÝ #export INFORMIXDIR ÉÝ #./installconn ÉÝ (³ª¸ÓÁö ºÎºÐÀº 12¹ø µÞºÎºÐ°ú µ¿ÀÏÇÕ´Ï´Ù..)) 14. ´ÙÀ½Àº SEÀÔ´Ï´Ù... (#cd /usr/informix/SE ÉÝ #INFORMIXDIR=/usr/informix/SE ÉÝ #export INFORMIXDIR ÉÝ #./installse ÉÝ (¿ª½Ã ³ª¸ÓÁö ºÎºÐÀº 12¹ø µÞºÎºÐ°ú µ¿ÀÏÇÕ´Ï´Ù...)) ÀÚ... ¿©±â±îÁö°¡ ¹Ù·Î informixÀÇ ¼³Ä¡ÀÔ´Ï´Ù... 4. ¸®´ª½º & Security 4.1 ¹°¸®ÀûÀÎ ½Ã½ºÅÛÀÇ º¸¾È 4.1.1 HardWare¸¦ ÀÌ¿ë ÇöÀç ¿ì¸®°¡ »ç¿ëÇÏ´Â ¸¹Àº ÄÄÇ»ÅÍ¿¡´Â ¿­¼è·Î Àá±Û ¼ö ÀÖ´Â ±â´ÉÀ» °¡Áö°í À־ ÀÌ°ÍÀ» ÀÌ¿ëÇÏ¿© »ç¿ëÇÏ´Â ¹æ¹ýÀÌ´Ù. ¶ÇÇÑ ºÎÆÃÀ» Á¦ÇÑÇÒ ¼ö ÀÖ´Â ±â´Éµµ ÀÖ°í ½Ã½ºÅÛ³»ÀÇ BIOS¸¦ ÀÌ¿ëÇϸéÀº ½Ã½ºÅÛÀÇ ºÎÆýà Æнº¿öµå¸¦ ¹°¾î º¼ ¼ö ÀÖ°Ô ¼³Á¤À» ÇÒ ¼öµµ ÀÖÀ» °ÍÀÌ´Ù. 4.1.2 Lock(xlock & vlock) ¸¸¾à¿¡ ¸®´ª½º¸¦ °ü¸®ÇÏ´Â µµÁß¿¡ ÀÚ¸®¸¦ ºñ¿ï ÀÏÀÌ »ý±æ °ÍÀÌ´Ù. ±×·¯¸é ´Ù¸¥ »ç¶÷ÀÌ ÀÌ ÄÄÇ»Å͸¦ °ÇµéÁö ¸øÇϵµ·Ï ¹æÁö¸¦ ÇÒ ¼ö°¡ ÀÖ´Ù. xlockÀº ¿¢½ºÀ©µµ¿ìÀÇ È­¸éÀº Àá±×´Â °ÍÀÌ°í vlockÀº °¡»ó Å͹̳ÎÀ» Àá±×´Âµ¥ »ç¿ëÀ» Çϴµ¥ µÑ ´Ù ±×³É Å͹̳ο¡¼­ ½ÇÇàÀ» ÇÔÀ¸·Î½á Àá±ÅÁö´Â °ÍÀÌ´Ù. ¿ì¼± vlock¸¦ ¸ÕÀú »ìÆ캸ÀÚ ¾Æ·¡ÀÇ ¿¹Ã³·³ ½ÇÇàÀ» ÇÏ¸é °£´ÜÇÏ°Ô Àá±Û ¼ö ÀÖ´Ù. [hwinnt@linux:~$]vlock *** This tty is not a VC (virtual console). *** *** It may not be securely locked. *** This TTY is now locked. Please enter the password to unlock. hwinnt's Password: À§ÀÇ µÎÁÙÀº ³×Æ®À¨ »ó¿¡¼­ ÅÚ³ÝÀ¸·Î Á¢¼ÓÀ» Çؼ­ ÀÌ Å͹̳ÎÀÌ °¡»ó Å͹̳ÎÀÌ ¾Æ´Ï¶ó°í ³ª¿Â°ÍÀε¥ Á÷Á¢ ¸®´ª½º¿¡¼­ ¸í·É¾î¸¦ ÁÖ°Ô µÇ¸é alt + function key ·Î Å͹̳ÎÀ» ¹Ù²Ù¾î¼­ »ç¿ëÇÒ¼ö ÀÖ´Ù´Â ¸»ÀÌ ³ª¿Ã °ÍÀÌ´Ù. ÀÌ·¸°Ô vlock À̶ó´Â ¸í·É¾î¸¦ ÁÖ°Ô µÇ¸éÀº °¡»ó ÄܼÖÀ» Àá±Å ¹ö¸°´Ù. ´Ù½Ã ÇÁ·ÒÇÁÆ®·Î µ¹¾Æ°¥·Á¸éÀº Æнº¿öµå¸¦ ¾Ë¾Æ¾ß ÇÒ °ÍÀÌ´Ù. vlock ÀÇ ±âº»ÀûÀÎ ¿É¼ÇÀº ´ÙÀ½°ú °°´Ù. -a,--all ¸ðµç °¡»ó Å͹̳ÎÀ» Àá±×°í ½ÍÀ»¶§¿¡ »ç¿ëÇÏ´Â ¿É¼ÇÀÌ´Ù. -c,--current ÇöÁ¦ÀÇ Å͹̳ÎÀ» Àá±Û¼ö ÀÖ´Â ¿É¼ÇÀε¥ ÀÌ°ÍÀº ±âº» ¿É¼ÇÀÌ´Ù.. -h,--help µµ¿ò¸» Ãâ·Â -v,--version vlock¿¡ ´ëÇÑ ¹öÀüÀ» Ãâ·Â ÇÑ´Ù. xlockÀº Å͹̳ο¡¼­¿Í´Â ´Þ¸® »ç¿îµå ÁöÁ¤ ¹è°æ ¼±Á¤ µî ¸¹Àº ¿É¼ÇÀ» °¡Áö°í Àִµ¥ ÀÌ°ÍÀº ¸Ç ÆäÀÌÁö¸¦ Âü°í ÇØ¾ß ÇÒ °ÍÀÌ´Ù(¿É¼ÇÀÌ ³Ê¹« ¸¹À¸¹Ç·Î). ¶ÇÇÑ ¿¢½º À©µµ¿ì¿¡¼­ È­¸é Àá±Ý À̶ó´Â ¸Þ´º¸¦ ã¾Æ º¸¸é ÀÖÀ» °ÍÀÌ´Ù. ÀÌ°ÍÀº ¿¢½º À©µµ¿ì °ü¸®ÀÚ¿¡ µû¶ó ¸ð¾çÀÌ ¸¹ÀÌ Æ²¸± °ÍÀÌ´Ù. 4.1.3 SystemÀÇ Log ÆÄÀÏ Ã³¸® ¸®´ª½º¿¡¼­ ħÀÔÀÚÀÇ °¡ ÀÖ¾ú´ÂÁö ¾Ë¾Æº¸´Â °ÍÀÌ °£´ÜÇÏ°Ô ·Î±× ÆÄÀÏÀ» º¸´Â °ÍÀ¸·Îµµ ¾Ë ¼ö ÀÖ´Ù. ´ç½ÅÀÌ log ÆÄÀÏ¿¡¼­ È®ÀÎÇØ¾ß ÇÒ »çÇ×Àº ´ÙÀ½°ú °°´Ù. 1. ª°Å³ª ºÒ¿ÏÀüÇÑ ±â·Ï. 2. ÀÌ»óÇÑ ½Ã°£ Ç¥½Ã¸¦ °¡Áø ±â·Ï. 3. À߸øµÈ Çã°¡±ÇÀ̳ª ¼ÒÀ¯±ÇÀ» °¡Áø ±â·Ï. 4. ÀçºÎÆÃÀ̳ª ¼­ºñ½ºÀÇ Àç½ÃÀÛ¿¡ ´ëÇÑ ±â·Ï. 5. ¾ø¾îÁø ±â·Ï. 6. su »ç¿ë±â·Ï°ú ÀÌ»óÇÑ °÷À¸·ÎºÎÅÍÀÇ Á¢¼Ó ±â·Ï. 4.2 ¼³Ä¡½Ã ±âº»ÀûÀÎ º¸¾È °ü·Ã ³×Æ®À¨ ȯ°æº¯¼ö < ÇÊ¿ä ¾ø´Â ¼­¹ö´Â ½ÇÇàµÇÁö ¸øÇϵµ·Ï ¿øõ ºÀ¼âÇÑ´Ù! > ¿©±â¼­ ¼³¸íÇÏ´Â ¹Ù´Â À¯´Ð½º/¸®´ª½º¿¡ °øÅëµÇ´Â »çÇ×ÀÌ´Ù. ³×Æ®¿öÅ© ¼­¹öµéÀº Å©°Ô 2 °¡Áö ¹æ½ÄÀ¸·Î ½ÇÇàµÇ´Âµ¥ Çϳª´Â inetd ¼öÆÛ ¼­¹ö¿¡ ÀÇÇØ ÀÚµ¿ °ü¸®µÇ´Â ¹æ½ÄÀÌ¸ç ³ª¸ÓÁö Çϳª´Â À¯´Ð½ºÀÇ ¿©Å¸ ÇÁ·Î¼¼½º¿Í ¸¶Âù°¡Áö·Î Á÷Á¢ ½ÇÇà½ÃÅ°´Â ¹æ½ÄÀÌ´Ù. ÈÄÀÚÀÇ °æ¿ì¿¡´Â ºÎÆà °úÁ¤À» ¸é¹ÐÈ÷ »ìÆ캸°í ÇÊ¿ä ¾ø´Â ¼­¹öµéÀÌ ÀÛµ¿ÇÏÁö ¾Êµµ·Ï ½Ã½ºÅÛ ÃʱâÈ­ ÆÄÀÏÀ» ¼öÁ¤ÇÏ¸é µÈ´Ù. º¸¾È ¹®Á¦¿¡ °üÇÏ¿© ±Øµµ·Î ¿¹¹ÎÇÑ »ç¶÷Àº °£´ÜÈ÷ ±× ¼­¹ö¸¦ ½Ã½ºÅÛ¿¡¼­ »èÁ¦ÇÏ¸é ±×¸¸ÀÌ´Ù. ¸®´ª½ºÀÇ °æ¿ì ±×¸®°í ·¹µåÇÞ, µ¥ºñ¾È µîÀÇ ¹èÆ÷ÆÇ¿¡¼­´Â ¼­¹ö ¼³Ä¡/»èÁ¦°¡ ÀÚÀ¯·Î¿ì¹Ç·Î ±¦ÇÑ Çϵåµð½ºÅ© °ø°£À» Â÷ÁöÇÏ°Ô ÇÒ ÇÊ¿ä ¾øÀÌ »èÁ¦ÇÏ´Â °ÍÀÌ ÁÁ´Ù°í º»´Ù. ¿øÇÒ ¶§´Â ¾ðÁ¦µçÁö ½Ã½ºÅÛ ¿î¿µ µµÁß ¼³Ä¡ÇÏ°í ±× Áï½Ã °¡µ¿ °¡´ÉÇϱ⠶§¹®ÀÌ´Ù. ¿ì¸®°¡ ³õÄ¡±â ½¬¿î ºÎºÐÀÌ ¹Ù·Î inetd ¼öÆÛ ¼­¹ö¿¡ ÀÇÇØ °ü¸®µÇ´Â ¼­¹öµéÀÌ´Ù. 4.2.1 /etc/inetd.conf ¿¡ °üÇÏ¿© /etc/inetd.conf û¼ÒÇϱ⠰¢ ÇàÀº ÇϳªÀÇ ¼­ºñ½º¸¦ Á¤ÀÇÇÑ´Ù. Çü½ÄÀº ´ÙÀ½°ú °°´Ù. <¼­ºñ½º¸í> <¼ÒÄÏ Å¸ÀÔ> <ÇÁ·ÎÅäÄÝ> <Ç÷¡±×> <»ç¿ëÀÚ> <¼­¹ö °æ·Î> <Àü´Þ Àμö> # # These are standard services. # ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd gopher stream tcp nowait root /usr/sbin/tcpd gn ftp,telnet µîÀÇ ¼­ºñ½º´Â ¾ÆÁÖ ±âº»ÀûÀÎ ¼­ºñ½ºÀÌ´Ù. ÇÏÁö¸¸ ¸¶Áö¸· ÁÙ¿¡ ÀÖ´Â °íÆÛ(gohper) ¼­ºñ½º´Â À¥ÀÇ µîÀåÀ¸·Î ÀÎÇØ ¿äÁò º° Àα⵵ ¾ø¾î ´ëºÎºÐ »ç¿ëÇÏÁö ¾ÊÀ» °ÍÀ̶ó°í º»´Ù. Àß ¸ð¸¥´Ù¸é ¿©·¯ºÐÀº ÀÌ°ÍÀ» »ç¿ëÇÏ°í ÀÖÁö ¾Ê´Â °ÍÀÌ¸ç ¼­ºñ½º¸¦ Á¦°øÇÒ ´É·Âµµ µÇÁö ¾ÊÀ¸¹Ç·Î ÁÙ ¸Ç ¾Õ¿¡ ¼¥(#) ¹®ÀÚ¸¦ ³Ö¾î ÁÖ¼® ó¸®Çعö¸®±â ¹Ù¶õ´Ù. # # Shell, login, exec and talk are BSD protocols. # #shell stream tcp nowait root /usr/sbin/tcpd in.rshd #login stream tcp nowait root /usr/sbin/tcpd in.rlogind #exec stream tcp nowait root /usr/sbin/tcpd in.rexecd talk dgram udp wait root /usr/sbin/tcpd in.talkd À§¿¡¼­ ³ª¿­ÇÑ ¼­ºñ½ºµéÀº ¾ÆÁÖ ²ûÂïÇÑ(?) ¼­ºñ½ºµéÀÌ´Ù. Æнº¿öµå ¾øÀÌ ¿ø°Ý ·Î±×ÀÎÇϰųª ¿ø°Ý¿¡¼­ ¼­¹ö »ó¿¡ ÇÁ·Î±×·¥À» ½ÇÇà½Ãų ¼ö ÀÖ´Â ±â´ÉÀ» Á¦°øÇϱ⠶§¹®ÀÌ´Ù. ÀÌ·± ¼­ºñ½º¿¡ ÀÇÇØ °ø°Ý´çÇÏ¸é ¹üÀεµ ¸ø Àâ´Â´Ù. shell, login, exec µîÀº °³ÀÎ¿ë ¼­¹ö°¡ ¾Æ´Ñ ÀÌ»ó À§¿¡¼­Ã³·³ ÁÖ¼®Ã³¸®Çϱ⠹ٶõ´Ù. ## Finger, systat and netstat give out user information # which may be valuable to potential "system crackers." # Many sites choose to disable # some or all of these services to improve security. # # cfinger is for GNU finger, which is currently not # in use in RHS Linux # # finger stream tcp nowait root /usr/sbin/tcpd in.fingerd #cfinger stream tcp nowait root /usr/sbin/tcpd in.cfingerd #systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx #netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat ÀÌ¹Ì inetd.conf ¼³Á¤ ÆÄÀÏ¿¡ Àß Àû¾î³õ°í ÀÖ´Â ³»¿ëÀÌ´Ù. ¿©±â¿¡ ÀÖ´Â ¼­ºñ½º µéÀº ¿ÜºÎ¿¡°Ô ¿©·¯ºÐ ¼­¹ö, »ç¿ëÀÚ¿¡ °üÇÑ Á¤º¸¸¦ ´©ÃâÇÑ´Ù. finger, systat, netstatÀº ÁÖ¼® ó¸®ÇÒ °ÍÀΰ¡ ¸» °ÍÀΰ¡? fingerÀÇ ¿¹¸¦ µé¾îº¸ÀÚ. [hwinnt@linux:~$]finger linux Login: hwinnt Name: Red Hat Linux User Directory: /home/hwinnt Shell: /bin/bash On since Mon Aug 17 22:27 (KST) on ttyp1 from carrot 39 minutes 39 seconds idle On since Mon Aug 17 22:28 (KST) on ttyp0 from carrot 1 minute 36 seconds idle No mail. No Plan. Login: Administrator Name: Red Hat Linux User Directory: /home/Administrator Shell: /bin/bash Never logged in. No mail. No Plan. º¸±â ¿¡¼­ º¸´Ù½ÃÇÇ µµ´ëü ¾î¶² »ç¶÷µéÀÌ ·ÎÄà ȣ½ºÆ®¿¡¼­ ÀÛ¾÷ÇÏ°í ÀÖ´ÂÁö ¾ÆÁÖ ºÐ¸íÇÏ°Ô Á¤º¸¸¦ ´©ÃâÇÏ°í ÀÖ´Ù. ´ÙÀ½Àº Çï½ÌÅ° ´ëÇÐ ¼­¹ö¿¡¼­ ¾î¶² »ç¶÷ÀÌ ÀÛ¾÷ÇÏ°í ÀÖ´ÂÁö º¸¿©ÁÖ´Â ¿¹ÀÌ´Ù. ¸®´ª½º ¹èÆ÷ÆǵéÀº ´ëºÎºÐ finger¸¦ ÇÒ ¼ö ÀÖµµ·Ï Çصξú´Âµ¥ ÀÌ´Â º¸¾È¿¡ °ü½É ¾ø±â ¶§¹®ÀÌ ¾Æ´Ï´Ù. ¸®´ª½º´Â »óÈ£ ½Å·Ú¿¡ ÀÇÇØ °³¹ßµÇ´Â ¿î¿µÃ¼°èÀ̱⠶§¹®ÀÌ´Ù. ÇÏÁö¸¸ Áß¿äÇÑ ÀÓ¹«¸¦ ¼öÇàÇÏ°í ħÀÔÀÚ¸¦ ¸·¾Æ¾ß ÇÏ´Â °ø°³ ¼­¹öµéÀº À̸¦ ¸·¾Æ¾ß ÇÑ´Ù. finger¸¦ ¸·Àº È£½ºÆ®ÀÎ °æ¿ì¿¡´Â ´ÙÀ½°ú °°Àº ¸Þ½ÃÁö°¡ ³ª¿Â´Ù. [hwinnt@linux:~$]finger linux [linux.klug.org] finger: connect: ¿¬°áÀÌ °ÅºÎµÊ 4.2.2 /etc/ftpuser ÀÌ ÆÄÀÏÀ» µé¿©´Ù º¸¸éÀº »ç¿ëÀÚ °èÁ¤ ÀÌ Á× ³ª¿­ µÇ¾îÀִµ¥ ÀÌ°ÍÀº FTP·Î Á¢¼ÓÀ» ÇÏÁö ¸øÇϵµ·Ï Çϴµ¥¿¡ ¾²ÀÌ´Â ÆÄÀÏ ÀÌ´Ù vi ÆíÁý±â·Î ¿­¾î¼­ º¸½Ã¸é ¾Ë°ÚÁö¸¸ ÀüºÎ ½Ã½ºÅÛ °ü¸® °èÁ¤ÀÌ´Ù. ÀÌ°èÁ¤µéÀº ftp Á¢¼ÓÀ» ¿Ö Á¦¾ÈÀ» ÇÏ´ÂÁö ¾Ë °ÍÀÌ´Ù. ¶ÇÇÑ ÅÚ³ÝÀ¸·Îµµ µé¾î¿À¸é ¾ÈµÇ´Â °èÁ¤µéÀÌ´Ù. 4.2.3 /etc/securetty ÀÌ ÆÄÀÏ¿¡´Â tty1 - 8 ¹ø ±îÁö Âß ³ª¿­ µÇ¾î ÀÖÀ» °ÍÀÌ´Ù. ÀÌ°ÍÀº °¡»ó ÄܼÖÀ» ³ªÅ¸³»´Âµ¥ ¸®´ª½º´Â ±âº»À¸·Î 8°³ÀÇ °¡»ó ÄܼÖÀ» »ç¿ëÇÒ¼ö ÀÖµµ·Ï ¼³Á¤ÀÌ µÇ¾î Àִµ¥ ¿©±â¼­ Å͹̳Π¼ö¸¦ ÁÙÀÌ´Â °Íµµ º¸¾ÈÀÇ ÇÑ ¹æ¹ýÀ̶ó°í ÇÒ¼ö ÀÖ´Ù. ±×¸®°í °£È¤ ÅÚ³ÝÀ¸·Î ¿Ö ·çÆ®°¡ Á¢¼ÓÀÌ ¾ÈµÇ³Ä°í ÇϽô ºÐµéÀÌ Àִµ¥ ÀÌ°ÍÀº ºñÁ¤ÀûÀÎ °ÍÀÌ ¾Æ´Ï´Ù. À§¿¡¼­µµ ¼³¸íÇÑ ¹Ù¿Í °°ÀÌ ¸®´ª½ºÀÇ ½Ã½ºÅÛ °èÁ¤µéÀº ¿ÜºÎ ÀÎÅÍ³Ý »ó¿¡¼­ Á¢¼ÓÀ» ÇÏÁö ¸øÇϵµ·Ï ±âº»ÀûÀ¸·Î ¼¼ÆÃÀÌ µÇ¾î Àֱ⠶§¹®ÀÌ´Ù. ¸¸¾à ·çÆ® ±ÇÇÑÀÌ ÇÊ¿äÇÏ´Ù¸é su ¶ó´Â ¸í·É¾î¸¦ »ç¿ëÇÏ¿© ·çÆ® ±ÇÇÑÀ» ºô·Á¼­ »ç¿ëÇÏ´Â °ÍÀÌ ´õ È¿°úÀûÀÌ´Ù. 4.2.3 /usr/sbin/tcpd À§ÀÇ inetd.conf ÆÄÀÏÀ» º¸¸é ¼­¹ö°æ·Î¿¡ /usr/sbin/tcpd ¶ó°í µÇ¾î ÀÖ´Â °ÍÀ» º¸¾ÒÀ» °ÍÀÌ´Ù. inetd.conf ÆÄÀÏ¿¡¼­ ÀÎÅÍ³Ý ¼­ºñ½º¸¦ Á¤ÀÇ ÇØ ³õ¾Ò´Âµ¥ ÀÌ tcpd ¶ó´Â ÇÁ·Î±×·¥ÀÌ ¼­¹ö¿¡´ëÇؼ­ Á¢±Ù ÇÒ¼ö ÀÖµµ·Ï ÇØÁÖ´Â °ÍÀÌ´Ù. À̶§¿¡ ½Ã½ºÅÛ¿¡´ëÇÑ Á¢±Ù Çã¶ô(/etc/hosts.allow) ¹× Á¢±Ù °ÅºÎ(/etc/hosts.deny) µîÀÇ ¼³Á¤À» ÇÒ ¼ö°¡ ÀÖ´Ù. /etc/hosts.allow ÆÄÀÏÀº Çã¿ë ±ÔÄ¢À» Á¤ÀÇÇÑ´Ù. ¼³Á¤ Çü½ÄÀº ¸Å¿ì °£´ÜÇÏ´Ù. <¼­ºñ½º ¸ñ·Ï>: <È£½ºÆ® ¸ñ·Ï> [: ¸í·É] <¼­ºñ½º ¸ñ·Ï>Àº ±ÔÄ¢À» Àû¿ëÇÒ ¼­ºñ½ºÀÇ ¸ñ·ÏÀ¸·Î¼­ °¢°¢ÀÇ Ç׸ñÀº ÄÞ¸¶(,)·Î ±¸ºÐÇÏ¿© ³ª¿­ÇÑ´Ù. ¼­¹ö¸íÀ¸·Î´Â ftpd, telnetd, fingerd µîÀ» µé ¼ö ÀÖ´Ù.<È£½ºÆ® ¸ñ·Ï>Àº È£½ºÆ®¸íÀ» ³ª¿­ÇÑ °ÍÀε¥ ¿ª½Ã ÄÞ¸¶·Î ±¸ºÐÇÑ´Ù. È£½ºÆ®¸í ÀÌ¿Ü¿¡µµ IP ÁÖ¼Ò¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù. ¶ÇÇÑ È£½ºÆ®¸í°ú IP ÁÖ¼Ò¿¡ ´ëÇÏ¿© ¿ÍÀϵå Ä«µå ¹®ÀÚ¸¦ »ç¿ëÇÏ´Â °ÍÀÌ °¡´ÉÇÏ´Ù. ¿¹¸¦ µé¾î gw.vk2ktj.ampr.org¿Í °°ÀÌ ÇϳªÀÇ È£½ºÆ®¸¦ ÁöÁ¤ÇÏ´Â ¹æ¹ýµµ ÀÖ°í .uts.edu.au¿Í °°ÀÌ È£½ºÆ®¸íÀÌ Àú·¸°Ô ³¡³ª´Â ¸ðµç È£½ºÆ®¿¡ ´ëÇÏ¿© ÀÏ°ý ÁöÁ¤ÇÏ´Â °Íµµ °¡´ÉÇÏ´Ù. ¸¸¾à 44.À̶ó°í Ç¥ÇöÇϸé ÀÌ ¼ýÀÚ·Î ½ÃÀÛÇÏ´Â ¸ðµç IPÁÖ¼Ò¸¦ °¡Áø È£½ºÆ®¸¦ °¡¸®Å°´Â °ÍÀÌ´Ù. ÀÌ¿Ü¿¡´Â Ưº°ÇÑ ½Éº¼ÀÌ Àִµ¥ ALLÀº ±ÛÀÚ ±×´ë·Î ÀÎÅÍ³Ý »óÀÇ ¸ðµç È£½ºÆ®¸¦ ÀǹÌÇϸç LOCALÀº µµÆ®(.) ¹®ÀÚ¸¦ Æ÷ÇÔÇÏÁö ¾Ê´Â ¸ðµç È£½ºÆ®¸íÀ» °¡¸®Å°´Âµ¥ Áï ¿©·¯ºÐÀÇ È£½ºÆ® ¸Ó½Å°ú °°Àº µµ¸ÞÀο¡ ¼ÓÇÑ ¸ðµç È£½ºÆ®µéÀ» °¡¸®Å²´Ù. PARANOID´Â ¸¹ÀÌ »ç¿ëµÇÁö ¾ÊÁö¸¸ ÁÖ¼Ò À§Á¶ÀÚµéÀ» °æ°èÇϱâ À§ÇÏ¿© ÁÖ¼Ò¿Í È£½ºÆ®¸íÀÌ ÀÏÄ¡ÇÏÁö ¾Ê´Â È£½ºÆ®¸¦ °¡¸®Å³ ¶§ »ç¿ëÇÑ´Ù. ¸¶Áö¸·À¸·Î EXCEPT´Â ¿µ¾î ¶æ ±×´ë·Î Àüü È£½ºÆ®¿¡¼­ ¾î¶² È£½ºÆ®¸¦ Á¦¿ÜÇÒ ¶§ »ç¿ëµÇ´Â Å°¿öµåÀÌ´Ù. <¸í·É> ºÎºÐÀº ÀϹÝÀûÀ¸·Î Àû¾îÁÖÁö ¾Ê´Âµ¥ Àû¾îÁشٸé tcpd¿¡ ÀÇÇØ ±× ±ÔÄ¢ÀÌ Àû¿ëµÉ ¶§¸¶´Ù ÁÖ¾îÁø ¸í·ÉÀ» ¼öÇàÇϵµ·Ï Çϵµ·Ï µÇ¾î ÀÖ´Ù. ¸í·ÉÀº ¿ÏÀüÇÑ Æнº¸íÀ¸·Î Àû¾îÁÖ¾î¾ß ÇÑ´Ù. º¸Åë ´©°¡ È£½ºÆ®¿¡ Á¢¼ÓÇÏ·Á°í ½ÃµµÇÏ´ÂÁö È®ÀÎÇÏ´Â ¸í·É, ƯÁ¤ÀÎ Á¢¼ÓÇÒ ¶§ ½Ã½ºÅÛ °ü¸®ÀÚ¿¡°Ô ÀÚµ¿À¸·Î ¸ÞÀÏÀ̳ª °æ°í ¸Þ½ÃÁö¸¦ º¸³»µµ·Ï ÇÏ´Â ¸í·ÉÀ» Àû´Â´Ù. # /etc/hosts.allow # # ¸ÞÀÏÀ» ¸ðµç »ç¶÷¿¡°Ô Çã¿ë in.smtpd: ALL # telnet°ú ftp´Â °°Àº µµ¸ÞÀο¡ ¼ÓÇÑ »ç¶÷°ú Áý¿¡ ÀÖ´Â º»ÀÎÀÇ È£½ºÆ® # ¿¡¸¸ Çã¿ë telnetd, ftpd: LOCAL, linux.klug.org # finger¸¦ Çã¿ëÇ쵂 ´©°¡ ¿äûÇß´ÂÁö ±â·ÏÀ» ³²±ä´Ù. fingerd: ALL: (finger @%h | mail -s "finger from %h" root) /etc/hosts.deny ÆÄÀÏÀº ¼­ºñ½º °ÅºÎ¿¡ ´ëÇÑ ÆÄÀÏÀÌ´Ù. ÀϹÝÀûÀ¸·Î ALL: ALLÀ̶ó´Â ÁÙ Çϳª¸¦ ³Ö¾î¼­ /etc/hosts.allow¿¡¼­ Çã°¡µÇÁö ¾Ê´Â ¸ðµç °Í¿¡ ´ëÇÏ¿© ±âº»ÀûÀ¸·Î °ÅºÎ Á¤Ã¥À» »ç¿ëÇÏ´Â °ÍÀÌ ÁÁ´Ù°í º»´Ù. /etc/hosts.deny¿¡¼­ ±âº» Á¤Ã¥À¸·Î ¸ðµç ¼­ºñ½º¿¡ ´ëÇÏ¿© ±×¸®°í ¸ðµç »ç¿ëÀÚ¿¡ ´ëÇÏ¿© °ÅºÎ¸¦ Çسõ´Â ÀÌÀ¯´Â tcpd°¡ /etc/hosts.allow¿Í /etc/hosts .deny¿¡¼­ ¾î¶°ÇÑ ¾Ë¸ÂÀº ±ÔÄ¢µµ ¹ß°ßÇÏÁö ¸øÇÒ ¶§´Â Çã°¡ÇÑ´Ù´Â Á¤Ã¥À» °¡Áö°í Àֱ⠶§¹®ÀÌ´Ù. ±âº»ÀûÀÎ °ÅºÎ Á¤Ã¥ ´ÙÀ½¿¡ /etc/hosts.allow¿¡ Çϳª¾¿ Çã°¡ÇÏ´Â °ÍÀÌ ¿Ã¹Ù¸¥ ÀýÂ÷¶ó°í º»´Ù. ÁÖÀÇÇÒ °ÍÀº Àý´ë /etc/hosts.allow¿¡ ALL: ALL°ú °°Àº ¹«ÁöÇÑ ¼³Á¤Àº ÇÏÁö ¸»¾Æ´Þ¶ó´Â °ÍÀÌ´Ù. ±×¸®°í tcpdÀÇ ±ÔÄ¢ Á¡°Ë Ư¼º »ó Ư¼öÇÑ ±ÔÄ¢À» ¾Õ¿¡ µÎ°í ÀϹÝÀûÀÎ ±ÔÄ¢À» µÚ¿¡ µÐ´Ù. ¼ø¼­°¡ Áß¿äÇϱ⠶§¹®ÀÌ´Ù. ¿©·¯ºÐÀÌ tcpd ¼³Á¤¸¸ ÀßÇصξ ÈǸ¢ÇÑ °ü¸®ÀÚ¶ó´Â Æò°¡¸¦ ¹ÞÀ» ¼ö ÀÖÀ¸¸ç Å©·¡Ä¿ ÀÔÀå¿¡¼­´Â ¾ÆÁÖ ½Å°æ ¾²ÀÌ´Â ¼­¹ö Ãà¿¡ µé°ÍÀÌ´Ù. ÀÎÅÍ³Ý »ó¿¡ ¼ö¸¹Àº ¼­¹ö Áß ¶Õ±â Èûµç ¿©·¯ºÐÀÇ ¼­¹ö ÁÖÀ§¿¡¼­ ´õ ÀÌ»ó ¹èȸÇÏ·Á µéÁö ¾ÊÀ» °ÍÀÌ´Ù. 4.3 ¸®´ª½º¿¡¼­ÀÇ ¼Îµµ¿ì Æнº¿öµå 4.3.1 ¿Ö /etc/passwd ÆÄÀÏÀ» ¼û°Ü¾ß Çϳª? Shadow Suite¸¦ ±òÁö ¾ÊÀº Linux system¿¡¼­´Â, password¸¦ Æ÷ÇÔÇÑ »ç¿ëÀÚ Á¤º¸´Â/etc/passwd¿¡ º¸°üµÇ¾î ÀÖ´Ù. password´Â ¾ÏȣȭµÇ¾î¼­ (encrypted) ÀúÀåµÈ´Ù. ¸¸ÀÏ ¾ÏÈ£ÇÐÀÇ Àü¹®°¡¿¡°Ô ¹¯´Â´Ù¸é, ±×´Â password´Â encryptµÈ Çü½ÄÀ̶ó±â º¸´Ù´ÂencodeµÈ Çü½ÄÀ¸·Î µÇ¾î ÀÖ´Ù. ÀÌÀ¯´Â crypt(3)À» Àû¿ëÇÒ ¶§, text´Â null·Î ÇÏ°í password¸¦ key·Î »ç¿ëÇϱ⠶§¹®À̶ó°í ÇÑ´Ù. µû¶ó¼­ ÀÌ ¹®¼­¿¡¼­´Â encodeµÈÀ̶ó´Â ¸»À» ¾µ °ÍÀÌ´Ù. (¿ªÀÚÁÖ : »çÀü¿¡´Â encode¿Í encrypt¸¦ °°Àº ¶æÀ¸·Î »ç¿ëÇÏ°í ÀÖÀ¾´Ï´Ù. - ¾ÏÈ£·Î ¹Ù²ã¾²´Ù - ¶ó´Â ¶æÀÔ´Ï´Ù¸¸, ¾ÏÈ£ÇÐÀ» Àü°øÇϽŠºÐµé¿¡°Ô´Â ´µ¾Ó½º°¡ ´Ù¸¦ °Í°°½À´Ï´Ù. ÀÌ¿¡ ´ëÇÑ º¸Ãæ ¹Ù¶ø´Ï´Ù.) password¸¦ encodeÇÏ´Â µ¥ »ç¿ëµÇ´Â algorithmÀº ±â¼úÀûÀ¸·Î´Â ´Ü¹æÇâ hash function°ú °°Àº ¹æ¹ýÀ¸·Î °£Áֵǰí ÀÖ´Ù. ÀÌ °ÍÀº ¼ø¹æÇâÀ¸·Î´Â °è»êÇϱâ ÆíÇÏ°Ô µÇ¾î ÀÖÁö¸¸ ¿ª¹æÇâÀº ¿¬»êÀÌ ¸Å¿ì Èûµé°Ô µÇ¾î ÀÖ´Ù. »ç¿ëµÈ algorithm¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ¼³¸íÀº section 2.4³ª crypt(3) manual page¿¡ ÀÖ´Ù. »ç¿ëÀÚ°¡ password¸¦ ¼±ÅÃÇϰųª ÇÒ´ç¹ÞÀ» ¶§, password´Â salt(¼Ò±Ý?)¶ó°í ºÒ¸®´Â ¹«ÀÛÀ§·Î »ý¼ºµÈ °ª°ú °°ÀÌ encodeµÈ´Ù. ÀÌ°ÍÀº ¾î¶² passwordµçÁö 4096°¡ÁöÀÇ ´Ù¸¥ ¹æ¹ýÀ¸·Î ÀúÀåµÉ ¼ö ÀÖ´Ù¶ó´Â ¾ê±â´Ù. salt °ªÀº encodeµÈ password¿Í °°ÀÌ ÀúÀåµÈ´Ù. »ç¿ëÀÚ°¡ loginÇÏ°í password¸¦ »ç¿ëÇϸé, salt´Â encodeµÇ¾î ÀúÀåµÈ password¿¡¼­ »ÌÇôÁ® ³ª¿Â´Ù. ±×´ÙÀ½ ÀÔ·ÂµÈ password¿Í salt°¡ °°ÀÌ encodeµÈ´Ù. ±×¸®°í,encodeµÇ¾î ÀúÀåµÈ password¿Í ºñ±³ÇÑ´Ù. ±× °á°ú, ¼­·Î °°´Ù¸é »ç¿ëÀÚ´Â ÀÎÁõµÈ´Ù. ¹«Áú¼­ÇÏ°Ô encodeµÈ password¸¦ ȹµæÇؼ­ ¿ø·¡ÀÇ password·Î µÇµ¹¸®´Â °ÍÀº °è»ê»óÀ¸·Î´Â Èûµé´Ù(±×·¯³ª ºÒ°¡´ÉÇÏÁö´Â ¾Ê´Ù). ±×·¯³ª, ÀûÁö ¾ÊÀº »ç¿ëÀÚ°¡ »ç¿ëÇÏ´Â systemÀ̶ó¸é, Àû¾îµµ ¸î¸î password´Â ÀÏ»ó´Ü¾î·Î ÀÌ·ç¾îÁ® ÀÖ´Ù (¶Ç´Â°£´ÜÇÑ º¯Á¾ÀÌ´Ù). system crackerµé´Â ÀÌ·± °ÍÀ» ¾Ë°í, ÀÚÁÖ ¾²ÀÌ´Â passwordµé°ú ´Ü¾îÀÇ »çÀü°ú °¡´ÉÇÑ 4096°¡Áö salt °ªÀ» »ç¿ëÇؼ­ encryptÀ» ÇàÇÒ °ÍÀÌ´Ù. ±×´ÙÀ½¿¡ ±×µéÀº ±×µéÀÇdatabase¿¡ ÀÖ´Â ´ç½ÅÀÇ /etc/passwd fileÀÇ encodeµÈ password¿Í ºñ±³ÇÒ °ÍÀÌ´Ù. ÀÏ´Ü Çϳª¶óµµ ÀÏÄ¡ÇÑ´Ù¸é ±×µéÀº ¶Ç´Ù¸¥ °èÁ¤ÀÇ password¸¦ °¡Áö°Ô µÇ´Â ¼ÀÀÌ´Ù. ÀÌ´Â dictionary attack(»çÀü °ø°Ý?)À̶ó °í ºÒ¸®¿ì°í, system¿¡ Çã°¡µÇÁö ¾ÊÀº Á¢¼ÓÀ» ¾òÀ» ¶§ ¾²´Â °¡Àå º¸ÆíÀûÀÎ ¹æ¹ýÁß ÇϳªÀÌ´Ù. »ý°¢Çغ¸¶ó, 8¹®ÀÚµÈ password°¡ 4096 * 13¹®ÀÚ¿­·Î encodeµÈ´Ù. ±×¸®°í, 400,000°³ÀÇ ÀÏ¹Ý ´Ü¾î, À̸§, password, ¾à°£ÀÇ º¯Çüµé·Î ÀÌ·ç¾îÁø »çÀüÀº 4G Byte hard¸¦ ½±°Ô ä¿ï °ÍÀÌ´Ù. °ø°ÝÀÚµéÀº ÀÌ·± Á¾·ùÀÇ °ÍÀÌ ÇÊ¿äÇÏ°í, ¸Â´Â Áö °Ë»çÇØ º¼ ÇÊ¿ä°¡ ÀÖ´Ù. ¸¸ÀÏ 10000 ´Þ·¯ÀÌÇÏ·Î ÀÌ·± 4G byteÂ¥¸® hard¸¦ °¡Áú ¼ö ÀÖ´Ù¸é, ´ëºÎºÐÀÇ system crackerµé¿¡°Ô´Â ÃæºÐÇÏ´Ù. ¶ÇÇÑ, cracker°¡ ´ç½ÅÀÇ /etc/passwd fileÀ» ÀÌ¹Ì °¡Áö°í ÀÖ´Ù¸é, ±×µéÀº /etc/passwd file¿¡ Æ÷ÇԵǾî ÀÖ´Â salt °ª¸¸ °¡Áö°í »çÀüÀ» encodeÇÏ¸é µÈ´Ù. ÀÌ ¹æ¹ýÀº 200MegabyteÀÇ °ø°£°ú 486±Þ computer¸¦ °¡Áö°í ÀÖ´Â º¸Åë û¼Ò³âÀ̸é ÀÌ¿ëÇÒ ¼ö ÀÖ´Ù. ½ÉÁö¾î ¸¹Àº °ø°£¾øÀÌ, crack(1)°ú °°Àº utilityµéÀº ÃÖ¼ÒÇÑ ÃæºÐÈ÷ ¸¹Àº »ç¿ëÀÚ¸¦ È®º¸ÇÏ°í ÀÖ´Â systemÀÇ password¸¦ 2°³Á¤µµ´Â ±ý ¼ö ÀÖ´Ù (user°¡ ÀÚ±â ÀÚ½ÅÀÇ password¸¦ °í¸¦ ¼ö ÀÖ´Â systemÀ̶ó°í ÇÑ´Ù¸é). /etc/passwd fileÀº user ID¿Í group ID¿Í °°Àº ´ëºÎºÐÀÇ system program¿¡¼­ ¾²´Â Á¤º¸¸¦ °¡Áö°í ÀÖ´Ù. °Ô´Ù°¡ /etc/passwd fileÀº "¸ðµÎ Àб⠰¡´É"À¸·Î ³²¾Æ ÀÖ¾î¾ß ÇÑ´Ù. /etc/passwd fileÀ» ¾Æ¹«µµ º¸Áö ¸øÇÏ°Ô Çϸé, Á¦ÀÏ ¸ÕÀú ls -l ¸í·ÉÀÌ ÀÌÁ¦ user À̸§´ë½Å user ID¸¦ Ãâ·ÂÇÏ´Â °ÍÀ» º¸°Ô µÉ °ÍÀÌ´Ù! Shadow Suite´Â password¸¦ ´Ù¸¥ file(´ë°³ /etc/shadow)¿¡ À§Ä¡½ÃÅ´À¸·Î½á ÀÌ ¹®Á¦¸¦ ÇØ°áÇÑ´Ù. /etc/shadow fileÀº ¾î´À ´©±¸µµ º¼ ¼ö ¾øµµ·Ï µÇ¾î ÀÖ´Ù. root¸¸ÀÌ /etc/shadow¸¦ º¼ ¼ö ÀÖ°í, ¾µ ¼ö ÀÖ´Ù. ¾î¶² program (xlock °°Àº)Àº password¸¦ ¹Ù²Ü¼ö ÀÖ´Â ±Ç¸®¸¦ ¿øÇÏÁö ¾Ê´Â´Ù. password¸¦ È®ÀÎÇÒ ¼ö ÀÖÀ¸¸é µÈ´Ù. ÀÌ·± programµéÀº suid root·Î ½ÇÇàµÇ°Å³ª, /etc/shadow¸¦ Àб⸸ ÇÒ ¼ö ÀÖ´Â shadow·Î groupÀ» ¹Ù²Ù¾î ÁÖ¸é µÈ´Ù. ±×·¯¸é programÀº sgid shadow·Î ½ÇÇà½Ãų ¼ö ÀÖ´Ù. password¸¦ /etc/shadow file·Î ¿Å°Ü ÁÜÀ¸·Î½á, dictionary attack¸¦ Çϱâ À§Çؼ­ encodeµÈ passwordµé¿¡ Á¢±ÙÇÏ´Â °ø°ÝÀÚµéÀº È¿°úÀûÀ¸·Î ¹æÇØÇÒ ¼ö ÀÖ´Ù. Ãß°¡ÀûÀ¸·Î Shadow Suite´Â ¸î°¡Áö ±¦ÂúÀº ±â´ÉÀ» ´õ °¡Áö°í ÀÖ´Ù: login ±âº»»çÇ×(/etc/login.defs)µéÀÌ ÁغñµÈ configuration file user °èÁ¤ ¹× groupÀ» Ãß°¡, ¼öÁ¤, »èÁ¦ÇÏ´Â utilityµé passwordÀÇ À¯È¿±â°£ ¼³Á¤°ú °æ°úÈÄ Ãë¼Ò °èÁ¤ ¹«È¿¿Í µ¿°á group passwordµéÀÇ shadow (¼±ÅûçÇ×) 2¹è ±æÀ̸¦ °¡Áö´Â passwrd (16¹®ÀÚ password) (±ÇÇÏÁö ¾ÊÀ½) user°¡ password¸¦ °í¸¦ ¶§, ÀûÀýÇÑ ÅëÁ¦ ÀüÈ­Á¢¼Ó¿ë password º¸Á¶ ÀÎÁõ program (±ÇÇÏÁö ¾ÊÀ½) Shadow Suite¸¦ ¼³Ä¡ÇÏ´Â °ÍÀº Á» ´õ º¸¾ÈÀÌ °­È­µÈ systemÀ¸·Î ¸¸µé¾î ÁØ´Ù. ±×·¯³ª, Linux systemÀÇ º¸¾ÈÀ» °­È­½ÃÄÑÁÖ´Â ´Ù¸¥ ¸¹Àº °ÍµéÀÌ ÀÖ°í, µû¶ó¼­ ±Ã±ØÀûÀ¸·Î ´Ù¸¥ º¸¾È µµ±¸³ª °ü·ÃµÈ »ç¾ÈÀ» ´Ù·ç´Â Linux Security HOWTO series°¡ »ý±æ °ÍÀÌ´Ù. ¾Ë·ÁÁø Ãë¾àÁ¡À» Æ÷ÇÔÇÑ Linux º¸¾È ¹®Á¦¿¡ ´ëÇÑ Á¤º¸¸¦ ¾òÀ¸·Á¸é Linux Security home page¸¦ ¹æ¹®Çϱ⠹ٶõ´Ù. 4.3.2 /etc/passwd fileÀÇ Çü½Ä shadowÀÇ ¼¼·Ê¸¦ ¹ÞÁö ¾ÊÀº /etc/passwd fileÀº ´ÙÀ½°ú °°ÀÌ ±¸¼ºµÇ¾î ÀÖ´Ù. username:passwd:UID:GID:full_name:directory:shell °¢ ¿ä¼Ò´Â username »ç¿ëÀÚ (login) À̸§ passwd encodeµÈ password UID ¼ýÀÚ·Î µÈ user ID GID ¼ýÀÚ·Î µÈ ±âº» group ID full_name userÀÇ ½ÇÁ¦ À̸§ - ½ÇÁö·Î ÀÌ field´Â GECOS (General Electric Comprehensive Operating System: ÀÏ¹Ý ÀüÀÚÀû Á¾ÇÕ ¿î¿µ ü°è?) field¶ó°í ºÒ¸®¿ì¸ç, ´ÜÁö ½ÇÁ¦ À̸§º¸´Ù´Â ´Ù¸¥ Á¤º¸¸¦ °¡Áú ¼ö ÀÖ´Ù. Shadow ¸í·Éµé°ú manual page´Â ÀÌ field¸¦ comment·Î ´Ù·é´Ù. directory »ç¿ëÀÚÀÇ home directory (Full pathname) shell »ç¿ëÀÚÀÇ login shell (Full pathname) ¿¹¸¦ µé¸é username:Npge08pfz4wuk:503:100:Full Name:/home/username:/bin/sh Np´Â saltÀ̸ç, ge08pfz4wuk´Â encodeµÈ passwordÀÌ´Ù. encodeµÈ salt/password´Â kbeMVnZM0oL7I°¡ µÉ ¼öµµ ÀÖ°í, µÑÀº °°Àº password¸¦ °¡¸®Å²´Ù. °°Àº password¿¡ ´ëÇؼ­ 4096°³ÀÇ ´Ù¸¥ encodingÀÌ Á¸ÀçÇÒ ¼ö ÀÖ´Ù. (¿¹¸¦ µç password´Â 'password'À̸ç, »ó´çÈ÷ ³ª»Û passwordÀÌ´Ù). shadow suite°¡ ¼³Ä¡µÇ¸é, /etc/passwd fileÀº ´ÙÀ½Ã³·³ ¹Ù²ï´Ù: username:x:503:100:Full Name:/home/username:/bin/sh µÎ¹ø° fieldÀÇ x´Â ¾Æ¹« °Íµµ ¾Æ´Ï´Ù. (°ø°£¸¸ Â÷ÁöÇÏ°í ÀÖÀ» »ÓÀÌ´Ù.) /etc/passwd fileÀÇ Çü½ÄÀº ÀüÇô ¹Ù²îÁö ¾Ê¾Ò´Ù. ´ÜÁö encodeµÈ password¸¦ Æ÷ÇÔÇÏÁö ¾ÊÀ» »ÓÀÌ´Ù. ÀÌ´Â /etc/passwd fileÀ» Àб⸸ ÇÒ »Ó password¸¦ °Ë»çÇÏÁö ¾ÊÀº programÀº ¾Æ¹« ÀÌ»ó¾øÀÌ µ¹¾Æ°£´Ù´Â °ÍÀ» ÀǹÌÇÑ´Ù. ÀÌÁ¦ password°¡ shadow file(´ëºÎºÐ /etc/shadow file)·Î Àç¹èÄ¡µÈ´Ù. 4.3.3 shadow fileÀÇ Çü½Ä /etc/shadow fileÀº ´ÙÀ½°ú °°Àº Á¤º¸¸¦ °®°í ÀÖ´Ù: username:passwd:last:may:must:warn:expire:disable:reserved °¢ ¿ä¼Ò´Â: username »ç¿ëÀÚ À̸§ passwd encodeµÈ password last ÃÖ±ÙÀÇ password¸¦ ¹Ù²Û ³¯ (1970, 1, 1ÀϺÎÅÍ °è»êÇÑ ³¯¼ö) may password¸¦ ¹Ù²Û ´ÙÀ½, ¶Ç ¹Ù²Ù±â À§ÇØ ±â´Ù¸®´Â ³¯¼ö (´ÙÀ½ password·ÎÀÇ º¯°æ À¯¿¹±â°£) must ´ÙÀ½ password·Î ¹Ù²Ü¾î¾ß ÇÒ ¶§±îÁöÀÇ ±â°£ (Çö password À¯È¿±â°£) warn password°¡ ¸¸·áµÇ±â Àü¿¡ user¿¡°Ô ¹Ù²Ü °ÍÀ» °æ°íÇÏ´Â ±â°£ expire password°¡ ¸¸·áµÈ µÚ, user °èÁ¤ »ç¿ëÀÌ ºÒ°¡´ÉÇϱâ±îÁö ±â°£ disable °èÁ¤ÀÌ »ç¿ë ºÒ°¡´ÉÇÏ°Ô µÈ ³¯(1970, 1, 1ÀϺÎÅÍ °è»êÇÑ ³¯¼ö) reserved ³²°ÜµÒ ÀüÀÇ ¿¹Á¦ °æ¿ì ´ÙÀ½°ú °°´Ù: username:Npge08pfz4wuk:9479:0:1000 4.3.4 crypt(3)¿¡ ´ëÇؼ­. crypt(3) manual ÆäÀÌÁö¿¡ ÀÇÇϸé: "crypt´Â password¸¦ encryptÇÏ´Â ÇÔ¼öÀÌ´Ù. ÀÌ´Â Data Encryption Standard algorithm¸¦ ±â¹ÝÀ¸·Î, (¹«¾ùº¸´Ù) key¸¦ ã´Â ±â°èÀûÀÎ ¹æ¹ýÀÌ ÀÌ¿ëµÇ±â Èûµéµµ·Ï ¾à°£ÀÇ º¯ÇüÀÌ °¡ÇØÁ® ÀÖ´Ù. key´Â »ç¿ëÀÚ°¡ ÀÔ·ÂÇÑ passwordÀÌ´Ù. encodeµÇ´Â stringÀ» ÀüºÎ NULLÀÌ´Ù. saltÀº a-zA-Z0-9./·Î ÀÌ·ç¾îÁø ÁýÇÕÀ¸·ÎºÎÅÍ °í¸¥ µÎ¹®ÀÚ·Î ÀÌ·ç¾îÁø ¹®ÀÚ¿­ÀÌ´Ù. ÀÌ ¹®ÀÚ¿­Àº 4096°³ °æ¿ìÁßÀÇ Çϳª·Î algorithmÀÌ È¥¶õ½º·´°Ô º¸ÀÌ·Á´Â ¸ñÀûÀ¸·Î ¾²ÀδÙ. keyÀÇ °¢ ¹®ÀÚÀÇ ÇÏÀ§ 7 bitÀ» ÃëÇÔÀ¸·Î½á, 56-bit key°¡ ÁÖ¾îÁø´Ù. ÀÌ 56-bit key´Â ÀÏÁ¤ÇÑ ¹®ÀÚ¿­À», ¹Ýº¹Çؼ­ encryptÇÏ´Â µ¥ ¾²ÀδÙ. °á°ú´Â 13°³ ASCII ¹®ÀÚ¿­·Î, encryptµÈ password¸¦ °¡¸®Å²´Ù (óÀ½ µÎ°³ ¹®ÀÚ´Â salt ±× ÀÚ½ÅÀÌ´Ù). °á°ú°ªÀº ¸Å¹ø È£ÃâµÉ ¶§¸¶´Ù ´Ù½Ã ¾²ÀÌ´Â °íÁ¤µÈ data¸¦ °¡¸®Å²´Ù. °æ°í: key space´Â 2**56, Áï 7.2e16 °¡´ÉÇÑ °ªÀ¸·Î ÀÌ·ç¾îÁ® ÀÖ´Ù. key space¸¦ »ô»ôÀÌ µÚÁö´Â °ÍÀº °Å´ëÇÑ º´·Ä computer¸¦ »ç¿ëÇÏ¸é °¡´ÉÇÒ °ÍÀÌ´Ù. crack(1)¿Í °°Àº, ´ëºÎºÐÀÇ »ç¶÷µéÀÌ password·Î »ï´Â key spaceÀÇ Æ¯Á¤ ºÎºÐÀ» ã´Â software°¡ ÀÖ´Ù. µû¶ó¼­, ÃÖ¼ÒÇÑ password¸¦ ¼±ÅÃÇÒ ¶§, ÀÚÁÖ ¾²ÀÌ´Â ´Ü¾î³ª À̸§Àº ÇÇÇϱ⠹ٶõ´Ù. passwd programÀ» »ç¿ëÇÏ¿©, ã±â ½¬¿î password¸¦ ¼±ÅÃÇÏ´Â Áö °Ë»çÇϱ⸦ ¹Ù¶õ´Ù. DES algorithm, ±× ÀÚü´Â °¡²û crypt(3) interface¸¦ »ç¿ëÇÏ´Â °ÍÀÌ ´Ù¸¥ password ÀÎÁõÀ» À§ÇÑ ¾î¶² °Íº¸´Ù ´õ ³ª»Û ¼±ÅÃÀ¸·Î ¸¸µé¾î ¹ö¸®´Â °æÇâÀÌ ÀÖ´Ù. º¸¾È °­È­¸¦ À§Çؼ­ crypt(3)¸¦ »ç¿ëÇÏ·Á°í ÇÑ´Ù¸é, DES¸¸ »ç¿ëÇÏÁö ¸¶¶ó: encryption¿¡ ´ëÇÑ ÁÁÀº Ã¥°ú ³Î¸® ¾²ÀÌ´Â DES libraryµéÀ» ±¸Ç϶ó." (¿ªÀÚÁÖ : ¿ø¹®Àº The DES algorithm itself has a few quirks which make the use of the crypt(3) interface a very poor choice for anything other than password authentication. If you are planning on using the crypt(3) interface for a cryptography project, don't do it: get a good book on encryption and one of thewidely available DES libraries." ÀÔ´Ï´Ù. ±×Áß¿¡¼­ don't do it: get ...ºÎºÐÀÌ ¸Å¿ì ¾Ö¸ÅÇÕ´Ï´Ù. itÀÌ ¹«¾ó °¡¸®Å°´Â °ÇÁö ¸íÈ®ÇÏÁö ¾Ê½À´Ï´Ù. ÀÏ´Ü, get ...À»±ÇÀ¯ÇÏ´Â °ÍÀ¸·Î ÃßÃøÇÏ°í ¹ø¿ªÀ» Çß´Â µ¥...) ´ëºÎºÐ Shadow SuiteµéÀº passwordÀÇ ±æÀ̸¦ 16¹®ÀÚ·Î ´ÃÀÌ´Â code¸¦ Æ÷ÇÔÇÑ´Ù. desÀÇ Àü¹®°¡µéÀº À̸¦ ±ÇÇÏÁö´Â ¾Ê´Â´Ù. ¿Ö³ÄÇϸé Àü¹ÝºÎ¸¦ encodingÇÑ µÚ, ±ä passwordÀÇ ÈĹݺθ¦ encodingÇÏ´Â ´Ü¼øÇÑ ¹æ¹ýÀ̱⠶§¹®ÀÌ´Ù. cryptÀÇ ¹æ½Ä´ë·Î¶ó¸é, ±ä password¸¦ »ç¿ëÇÏÁö ¾Ê´Â °Íº¸´Ù ´õ Ãë¾àÇÑ password¸¦ ¸¸µé ¼ö ÀÖ´Ù. ´õ¿íÀÌ, »ç¿ëÀÚ°¡ 16¹®ÀÚ³ª µÇ´Â password¸¦ ±â¾ïÇϱâ Èûµé´Ù´Â Ãø¸éµµ ÀÖ´Ù. crypt ¹æ¹ý°ú ȣȯ¼ºÀ» Áö´Ï¸é¼­, ±ä password¸¦ Áö¿øÇÏ°í ´õ °­È­µÈ ÀÎÁõ(ƯÈ÷, MD5 algorithm)À» ÇÒ ¼ö ÀÖ´Â ¹æ¹ýÀÌ ¿¬±¸ÁßÀÌ´Ù. encryption¿¡ ´ëÇÑ Ã¥À¸·Î ´ÙÀ½À» ±ÇÇÑ´Ù: "Applied Cryptography: Protocols, Algorithms, and Source Code in C" by Bruce Schneier ISBN: 0-471-59756-2 4.3.5 Shadow Suite °¡ ÀÖ´Â ÀÎÅÍ³Ý ÁÖ¼Ò ftp://ftp.icm.edu.pl/pub/Linux/shadow/shadow-current.tar.gz ftp://iguana.hut.fi/pub/linux/shadow/shadow-current.tar.gz ftp://ftp.cin.net/usr/ggallag/shadow/shadow-current.tar.gz ftp://ftp.netural.com/pub/linux/shadow/shadow-current.tar.gz 4.3.6 Shadow Suite Installation Guide 4.3.6.1 ¾ÐÃàÇ®±â. package¸¦ ¹ÞÀ» µÚ óÀ½ ÇÒ ÀÏÀº Ç®¾î Á¦Ä¡´Â °ÍÀÌ´Ù. package´Â gzipÀ¸·Î ¾ÕÃàµÈ tar (tape archive) Çü½ÄÀ¸·Î µÇ¾î ÀÖÀ¸¹Ç·Î, /usr/src·Î ¿Å±ä µÚ: tar -xzvf shadow-current.tar.gz ±×·¯¸é, /usr/src/shadown-YYMMDD¶ó´Â directory¿¡ Ç®¸± °ÍÀÌ´Ù. 4.3.6.2 config.h fileÀ» °¡Áö°í ¼³Á¤ÇÕ´Ï´Ù. ù°, Makefile°ú config.h¸¦ º¹»çÇÑ´Ù: cd /usr/src/shadow-YYMMDD cp Makefile.linux Makefile cp config.h.linux config.h ±×¸®°í config.h¸¦ º¸¶ó. ÀÌ fileÀº ¸î¸î ¼³Á¤ »çÇ׿¡ ´ëÇÑ Á¤ÀǸ¦ ´ã°í ÀÖ´Ù. ¸¸ÀÏ ±Ç°íÇÑ package¸¦ °¡Áö°í ÀÖ´Ù¸é, ÀÏ´Ü group shadow Áö¿øÀ» »ç¿ëÇÏÁö ¾Êµµ·Ï Çϱ⸦ ±ÇÇÑ´Ù. ±âº»À¸·Î, shadowµÈ group passwordµéÀ» »ç¿ëÇÒ ¼ö ÀÖ´Ù. À̸¦ ¹Ù²Ù±â À§Çؼ­ config.hÀÇ #define SHADOWGRP¸¦ #undef SHADOWGRP·Î ¹Ù²Û´Ù. ³ª´Â ±×µéÀ» »ç¿ëÇÏÁö ¾Ê°í ½ÃÀÛÇÒ °ÍÀ» ¿øÇÑ´Ù. ³ªÁß¿¡ Àý½ÇÈ÷ group password¿Í group °ü¸®ÀÚ¸¦ ¿øÇÑ´Ù¸é, ´Ù½Ã »ç¿ë°¡´ÉÇϵµ·Ï ÇÑ µÚ ÀçcompileÇÏ¸é µÈ´Ù. ¸¸ÀÏ »ç¿ë°¡´ÉÀ¸·Î ³²°ÜµÐ´Ù¸é, ¹Ýµå½Ã /etc/gshadow fileÀ» ¸¸µé¾î¾ß ÇÑ´Ù. ±ä password »ç¿ëÀ» ÇÏ´Â °ÍÀº ¾Õ¿¡¼­ ¾ê±âÇÑ´ë·Î ±ÇÇÏÁö ¾Ê´Â´Ù. #undef AUTOSHADOW¶ó°í ÇÑ °ÍÀ» ¹Ù²ÙÁö ¸»¶ó. AUTOSHADOW ¼±ÅûçÇ×Àº shadow¸¦ ¹«½ÃÇÏ´Â programµéÀÌ °è¼Ó ÀÛµ¿Çϵµ·Ï ÇÏ·Á´Â ¸ñÀûÀ¸·Î ÁغñµÈ °ÍÀ̾ú´Ù. ÀÌ À̾߱â´Â À̷лóÀ¸·Î´Â ±¦ÂúÁö¸¸, Á¦´ë·Î ±â´ÉÇÏÁö ¾Ê´Â´Ù. ÀÌ optionÀ» Çã¿ëÇÏ°í root·Î½á programÀ» ½ÇÇà½ÃÅ°¸é, ±× ³ðÀº getpwnam()¸¦ root±ÇÇÑÀ¸·Î ºÎ¸£°í, ÈÄ¿¡ /etc/passwd file¿¡ ¼öÁ¤µÈ ³»¿ëÀ» ´Ù½Ã ¾²°Ô µÈ´Ù (´õÀÌ»ó shadowµÇÁö ¾ÊÀº ä·Î). ±×·± program¿¡´Â chfn°ú chsh°¡ ÀÖ´Ù. (getpwnam()¸¦ È£ÃâÇϱâ Àü¿¡, ½ÇÁ¦ uid¿Í À¯È¿ uid¸¦ ¹Ù²Û´ÙÇصµ À̸¦ ȸÇÇÇÒ ¼ö ¾ø´Ù. ¿Ö³ÄÇϸé rootµµ chfn°ú chsh¸¦ »ç¿ëÇÒ °ÍÀ̱⶧¹®ÀÌ´Ù. (¿ªÀÚÁÖ: ¸ðÈ£Çϳ׿ä. system programming¿¡ °üÇÑ ³»¿ë°°´Â µ¥... ¾Æ½Ã´Â ºÐÀÇ ¼³¸í ¹Ù¶ø´Ï´Ù.)) libc¸¦ ¸¸µé ¶§µµ °°Àº °æ¿ì°¡ ÀÖ´Ù. SHADOW_COMPAT optionÀÌ ±× °ÍÀÌ´Ù. ±× °ÍÀº ¾²¸é¾È µÈ´Ù! /etc/passwd·ÎºÎÅÍ encodeµÈ password¸¦ ¾ò±â ½ÃÀÛÇÑ´Ù´Â °ÍÀÌ ¹®Á¦´Ù. Áö±Ý »ç¿ëÇÏ°í ÀÖ´Â libc versionÀÌ 4.6.27ÀÌÀüÀ̶ó¸é, config.h¿Í MakefileÀ» °íÄ¥ °ÍÀÌ ´õ ÀÖ´Ù. config.h¿¡¼­ ¹Ù²Ü °ÍÀº: #define HAVE_BASENAME À» #undef HAVE_BASENAME À¸·Î. ±×¸®°í Makefile¿¡¼­´Â: SOBJS = smain.o env.o entry.o susetup.o shell.o \ sub.o mail.o motd.o sulog.o age.o tz.o hushed.o SSRCS = smain.c env.c entry.c setup.c shell.c \ pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \ tz.c hushed.c À» SOBJS = smain.o env.o entry.o susetup.o shell.o \ sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o SSRCS = smain.c env.c entry.c setup.c shell.c \ pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \ tz.c hushed.c basename.c À¸·Î. ÀÌ °íħÀº libc 4.6.27À̳ª ±× ÀÌÈÄ¿¡ Æ÷ÇÔµÈ basename.c¿¡ ÀÖ´Â code¸¦ µ¡ºÙÀδÙ. 4.3.6.3 ¿ø programÀÇ backup copyµéÀ» ¸¸µç´Ù. shadow suite°¡ ´ëü½Ãų programµéÀ» ÃßÀûÇؼ­ backupÀ» ¸¸µå´Â °Íµµ ÁÁÀº »ý°¢ÀÌ´Ù. Slackware 3.0¿¡´Â ´ÙÀ½°ú °°´Ù: /bin/su /bin/login /usr/bin/passwd /usr/bin/newgrp /usr/bin/chfn /usr/bin/chsh /usr/bin/id BETA package´Â Makefile¿¡ backupÀ» ¸¸µé ¸ñ·ÏÀÌ ÀÖÁö¸¸, ´Ù¸¥ ¹èÆ÷ÆÇ¿¡¼­ ´Ù¸¥ À§Ä¡¿¡ ³õ¿© ÀÖÀ» ¼ö Àֱ⿡ ¼³¸íÀ¸·Î 󸮵Ǿî ÀÖ´Ù. ¶ÇÇÑ /etc/passwd fileÀ» backup¹Þ±â¸¦ ¹Ù¶õ´Ù. ±×·¯³ª, °°Àº directory¿¡ ¸¸µé ¶§, passwd ¸í·ÉÀ¸·Î µ¤¾î ¾²Áö ¸øÇϵµ·Ï, À̸§À» Á¤ÇÒ ¶§ Á¶½ÉÇضó. 4.3.6.4 make¸¦ ½ÇÇà °ÅÀÇ ´ëºÎºÐÀÇ ¼³Ä¡°úÁ¤¿¡¼­ ´ç½ÅÀÌ root ±ÇÇÑÀ» Áö´Ò ÇÊ¿ä°¡ ÀÖ´Ù. package¸¦ compileÇϱâ À§ÇØ makeÀ» ½ÇÇà½ÃŲ´Ù: make all ´ÙÀ½°ú °°Àº °æ°í¹®°¡ ³ª¿À´Â °æ¿ì°¡ ÀÖ´Ù: rcsid defined but not used (rcsid°¡ Á¤ÀǵǾî ÀÖÁö¸¸ »ç¿ëµÇÁö ¾Ê½À´Ï´Ù). ±¦Âú´Ù, ÀÌ °Ç ÀúÀÚ°¡ version control package¸¦ »ç¿ëÇϱ⿡ ³ª¿À´Â °ÍÀÌ´Ù. 4.3.6.5 ÀÏÀÌ À߸øµÅ¾î °¥ °æ¿ì¸¦ ´ëºñÇؼ­ boot disk¸¦ ÁغñÇսôÙ. ¹º°¡ À߸øµÇ¾î °£´Ù¸é, boot disk¸¦ ÁغñÇØ¾ß µÉ °ÍÀÌ´Ù. ¼³Ä¡½Ã boot/root disk¸¦ »ç¿ëÇß´Ù¸é, ±× °É·Î ÃæºÐÇÏ´Ù. ±×·¸Áö ¾Ê´Ù¸é, Bootdisk-HOWTO¿¡ booting°¡´ÉÇÑ disk¸¦ ¸¸µå´Â ¹ýÀÌ ÀûÇôÀÖÀ¸´Ï ÂüÁ¶Ç϶ó. 4.3.5.6 Áߺ¹µÈ man pageµéÀ» Á¦°ÅÇϱ⠶ÇÇÑ, ´ëüµÉ manual pageµéÀ» ¿Å±â±æ ¹Ù¶õ´Ù. ½ÉÁö¾î backup¾øÀÌ Shadow Suite¸¦ ¼³Ä¡ÇÒ Á¤µµ·Î ¹«¸ðÇÒÁö´õ¶óµµ, ¿©ÀüÈ÷ ¿¾ manual pageµéÀº Á¦°ÅÇϱ⸦ ¿øÇÒ °ÍÀÌ´Ù. ´ë°³ ¿¾ manual page°¡ ¾ÐÃàµÇ¾î º¸°üµÇ¾î ÀÖÀ¸¹Ç·Î, »õ °ÍµéÀº ÀÌÀü °Í¿¡ µ¤¾î¾²Áö ¸øÇÒ ¼ö ÀÖ´Ù. Á¦°Å ¶Ç´Â ¿Å±æ ÇÊ¿ä°¡ ÀÖ´Â manual page¸¦ ã±â À§ÇØ man -aW command³ª locate command¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù. make installÀ» ½ÇÇà½ÃÅ°±â Àü¿¡ ±×·± ½ÄÀ¸·Î ¿¾ pageµéÀ» ã´Â °ÍÀÌ ÀϹÝÀûÀ¸·Î ´õ ½±´Ù. Slackware 3.0 ¹èÆ÷ÆÇÀ» »ç¿ëÇÑ´Ù¸é, Á¦°ÅÇØ¾ß ÇÒ man pageµéÀº: /usr/man/man1/chfn.1.gz /usr/man/man1/chsh.1.gz /usr/man/man1/id.1.gz /usr/man/man1/login.1.gz /usr/man/man1/passwd.1.gz /usr/man/man1/su.1.gz /usr/man/man5/passwd.5.gz ¶Ç, /var/man/cat[1-9]ÀÇ subdirectory¿¡ »èÁ¦ÇØ¾ß ÇÒ °Í°ú °°Àº À̸§À» Áö´Ñ ³ðµéÀÌ ÀÖ´Ù. 4.3.6.7 make installÀ» ½ÇÇà ÀÌÁ¦ Áغñ°¡ ³¡³µ´Ù: (root·Î¼­ ÀÌ ÀÏÀ» ÇսôÙ) make install ÀÌ ÀÏÀº »õ °ÍÀ» ±ò°Å³ª, ¿¾ °Í°ú ´ëüÇϸç file permissionÀ» °íÄ£´Ù. ¶Ç, man pageµµ ¼³Ä¡ÇÑ´Ù. ±×¸®°í, /usr/include/shadow¿¡ Shadow Suite¿¡ ÀÖ´Â include fileÀ» ¼³Ä¡ÇØÁØ´Ù. BETA package¸¦ ¾´´Ù¸é, Á÷Á¢ login.defs¸¦ /etc¿¡ º¹»çÇÏ°í, root¸¸ÀÌ À̸¦ ¹Ù²Ü ¼ö ÀÖµµ·Ï ÇØÁÖ¾î¾ß ÇÑ´Ù. cp login.defs /etc chmod 700 /etc/login.defs ÀÌ fileÀº login programÀÇ ¼³Á¤ fileÀÌ´Ù. ³»¿ëÀ» ´Ù½Ã º¸°í, ´ç½ÅÀÇ system¿¡ ¸Â°Ô °íÄ¡±â ¹Ù¶õ´Ù. ÀÌ°ÍÀº root·Î loginÇÒ ¼ö ÀÖ´Â tty¸¦ °áÁ¤ÇÏ°í, ´Ù¸¥ º¸¾È °ü·Ã settingÀ» °áÁ¤ÇÑ´Ù(password Ãë¼Ò¿¡ ´ëÇÑ ±âº»°ª°°Àº). 4.3.6.8 pwconv ½ÇÇà ´ÙÀ½ ÀÏÀº pwconv¸¦ ½ÇÇà½ÃÅ°´Â °ÍÀÌ´Ù. ¹Ýµå½Ã root·Î¼­ ÀÌ ÀÏÀ» ÇØ¾ß µÉ »Ó¸¸ ¾Æ´Ï¶ó, /etc directory¿¡¼­ ÇÏ¸é ±Ý»ó÷ȭ´Ù: cd /etc /usr/sbin/pwconv pwconv´Â /etc/passwd¿Í ±× ¾È¿¡¼­ ¸î¸î fieldÀ» °¡Á®¿Í ´ÙÀ½ µÎ fileÀ» ¸¸µç´Ù: /etc/npasswd ¿Í /etc/nshadow. pwunconv programÀº /etc/passwd¿Í /etc/shadow·ÎºÎÅÍ Æò¹üÇÑ /etc/passwd fileÀ» ¸¸µé °æ¿ì¿¡ ´ëºñÇØ ÁÖ¾îÁø´Ù. 4.3.6.9 npasswd¿Í nshadowÀÇ À̸§À» ¹Ù²Û´Ù. ÀÌÁ¦ pwconv¸¦ ½ÇÇà½ÃÄѼ­ /etc/npasswd¿Í /etc/nshadow¸¦ ¾ò¾ú´Ù. ÀÌ °ÍµéÀ» /etc/passwd¿Í /etc/shadow·Î µ¤¾î¾µ ÇÊ¿ä°¡ ÀÖ´Ù. ¿ì¸®´Â ¿ø /etc/passwd¸¦ backupÀ» ¹Þ±â¸¦ ¿øÇÏ°í, root¸¸ ÀÐÀ» ¼ö ÀÖ°Ô ÇÑ´Ù. ±×¸®°í backupÀ» rootÀÇ home directory·Î ¿Å±ä´Ù: cd /etc cp passwd ~passwd chmod 600 ~passwd mv npasswd passwd mv nshadow shadow fileÀÇ ¼ÒÀ¯¿Í permission¿¡ °üÇÑ °ÍÀ» Á¤È®ÇÏ°Ô Çضó. X-Windows¸¦ ¾µ »ý°¢À̶ó¸é, xlock¿Í xdm programÀº shadow fileÀ» ÀÐÀ» ¼ö ÀÖ°Ô ÇÑ´Ù (¾²´Â °ÍÀº ¸»°í). ÀÌ ÀÏÀ» °¡´ÉÇÏ°Ô ÇÏ´Â ¹æ¹ýÀº µÎ°¡Áö´Ù. xlock¿¡ suid root¸¦ ¼³Á¤ÇØ ÁÙ ¼ö ÀÖ´Ù(xdm°¡ rootÀÇ ±ÇÇÑÀ¸·Î ½ÇÇàµÉ ¼ö ÀÖ´Ù). ¶Ç´Â shadow fileÀ» shadow groupÀÇ root°¡ ¼ÒÀ¯ÇÑ °ÍÀ¸·Î ¸¸µå´Â °ÍÀÌ´Ù. ±×·¯³ª µÎ ¹ø° Á¦¾ÈÀ» Çϱâ Àü¿¡ shadow group(/etc/group¸¦ º¸¶ó)ÀÌ ÀÖ´Â Áö È®½ÇÈ÷ Çضó. ÇöÀç systemÀÇ ¾î¶² »ç¿ëÀÚµµ shadow group¿¡ ¼ÓÇØÀÖÀ¸¸é ¾ÈµÈ´Ù. chown root.root passwd chown root.shadow shadow chmod 0644 passwd chmod 0640 shadow ÀÌÁ¦ systemÀ» shadowµÈ password fileÀ» °¡Áö°Ô µÇ¾ú´Ù. ´Ù¸¥ °¡»ó terminalÀ» ¶ç¿ì°í, loginÇÒ ¼ö ÀÖ´Â Áö Á¡°ËÇÏ´Â °ÍÀÌ ÁÁÀ» °ÍÀÌ´Ù. Áö±Ý Çضó! ¾È µÅ¸é, ¹º°¡ À߸øµÈ°Å´Ù! shadowµÇÁö ¾ÊÀº »óÅ·Πµ¹¾Æ°¡±â À§Çؼ­ ´ÙÀ½Ã³·³ ÇÑ´Ù: cd /etc cp ~passwd passwd chmod 644 passwd ±×¸®°í ³ª¼­, ÀÌÀü¿¡ ÀÖ´ø Àå¼Ò·Î ¸ðµç fileÀ» µÇµ¹·Á ³õ¾Æ¾ß ÇÒ °ÍÀÌ´Ù. 4.3.7 Shadow Passwd »ç¿ë¹ý ÀÌ sectionÀº system¿¡ Shadow SuiteÀ» ±ò°í ³ª¼­ ¾Ë°í ½ÍÀº ¸î¸î ÁÖÁ¦¸¦ ´Ù·é´Ù. ´õ ÀÚ¼¼ÇÑ °ÍÀº °¢ ¸í·ÉÀÇ manual page¸¦ ÂüÁ¶Çϱ⠹ٶõ´Ù. 4.3.7.1 »ç¿ëÀÚ°èÁ¤ Ãß°¡, ¼öÁ¤, »èÁ¦ Shadow Suite´Â »ç¿ëÀÚ °èÁ¤À» °ü¸®ÇÏ´Â, ´ÙÀ½°ú °°Àº ¸í·ÉµéÀ» Ãß°¡Çß´Ù. ÀÌ¹Ì adduser programÀº ±×Àü¿¡ ¼³Ä¡µÇ¾î ÀÖ¾úÀ» °ÍÀÌ´Ù. useradd useradd ¸í·ÉÀº »ç¿ëÀÚ¸¦ Ãß°¡ÇÑ´Ù. ¶ÇÇÑ, ±âº» ¼³Á¤À» ¹Ù²Ù±â À§ÇØ ÀÌ ¸í·ÉÀ» ½ÇÇàÇÒ¼ö ÀÖ´Ù. óÀ½ ÇØ¾ß ÇÒ ÀÏÀº ±âº» ¼³Á¤À» È®ÀÎÇÏ°í, system¿¡ ¸Â°Ô °íÄ¡´Â °ÍÀÌ´Ù: useradd -D GROUP=1 HOME=/home INACTIVE=0 EXPIRE=0 SHELL= SKEL=/etc/skel ±âº» ¼³Á¤Ä¡´Â ¾Æ¸¶ ¸¾¿¡ µéÁö ¾ÊÀ» °ÍÀÌ´Ù. µû¶ó¼­ Áö±Ý »ç¿ëÀÚ¸¦ Ãß°¡ÇÏ·Á¸é, °¢°¢ »ç¿ëÀÚ¿¡°Ô °øÅëµÇ´Â ¸ðµç Á¤º¸¸¦ Á¤ÇØ¾ß ÇÑ´Ù. ¾î·µç ¿ì¸®´Â ±âº» ¼³Á¤Ä¡¸¦ ¹Ù²Ù°í µ¡ºÙÀÏ°Å´Ù. ³» system¿¡¼­´Â: ±âº» groupÀº 100ÀÌ´Ù. password´Â 60Àϸ¶´Ù Çѹø¾¿ ¹Ù²Û´Ù. password°¡ Ãë¼ÒµÉ ¼ö ÀÖÀ¸¹Ç·Î °èÁ¤ÀÌ °íÁ¤µÇÁö ¾Ê±â¸¦ ¹Ù¶õ´Ù. ±âº» shellÀº /bin/bashÀÌ´Ù. ÀÌ·¸°Ô ¹Ù²Ù±â À§Çؼ­: useradd -D -g100 -e60 -f0 -s/bin/bash ÀÌÁ¦ useradd -D¸¦ Ä¡¸é: GROUP=100 HOME=/home INACTIVE=0 EXPIRE=60 SHELL=/bin/bash SKEL=/etc/skel ÀÌ·¯ÇÑ ±âº»Ä¡µéÀº /etc/default/useradd¿¡ ÀúÀåµÈ´Ù. ÀÌÁ¦ useradd¸¦ ½á¼­ system¿¡ »ç¿ëÀÚ¸¦ Ãß°¡ÇÒ ¼ö ÀÖ´Ù. ¿¹¸¦ µé¾î, fred¶ó´Â »ç¿ëÀÚ¸¦ ±âº»Ä¡¸¸ Àû¿ëÇؼ­ Ãß°¡ÇÑ´Ù¸é: useradd -m -c "Fred Flintstone" fred /etc/passwd file¿¡ ´ÙÀ½°ú °°Àº ¸íºÎ(?)°¡ »ý¼ºµÈ´Ù: fred:*:505:100:Fred Flintstone:/home/fred:/bin/bash ±×¸®°í, /etc/shadow file¿¡´Â: fred:!:0:0:60:0:0:0:0 fredÀÇ home directory°¡ ¸¸µé¾îÁö°í, -m switch°¡ ¾²¿´À¸¹Ç·Î /etc/skel Àüü°¡ ±× °÷À¸·Î º¹»çµÈ´Ù.¶ÇÇÑ, Ưº°È÷ UID¸¦ ÁöÁ¤ÇÏÁö ¾Ê¾ÒÀ¸·Î, ÀÌ¹Ì »ç¿ëµÈ UID ´ÙÀ½ °ÍÀÌ ¾²¿´´Ù. fredÀÇ °èÁ¤ÀÌ »ý°åÀ¸³ª, ¿ì¸®°¡ °èÁ¤À» Ç®¾îÁÖ±â Àü±îÁö´Â fred´Â loginÇÒ ¼ö ¾ø´Ù. °èÁ¤À» Ç®¾îÁÖ±â À§Çؼ­´Â password¸¦ ¹Ù²Ù¾î ÁÖ¾î¾ß ÇÑ´Ù. passwd fred Changing password for fred Enter the new password (minimum of 5 characters) Please use a combination of upper and lower case letters and numbers. New Password: ******* Re-enter new password: ******* ÀÌÁ¦ /etc/shadow´Â ´ÙÀ½°ú °°À» °ÍÀÌ´Ù: fred:J0C.WDR1amIt6:9559:0:60:0:0:0:0 ±×¸®°í, fred´Â loginÇؼ­ systemÀ» »ç¿ëÇÒ ¼ö ÀÖ´Ù. Shadow Suite¿¡ ÀÖ´Â ´Ù¸¥ programµé°ú °°ÀÌ useradd°¡ ÁÁÀº Á¡Àº /etc/passwd¿Í /etc/shadow fileÀÇ ³»¿ëÀ» ¹Ù²Ü ¶§ ¹æÇعÞÁö ¾Ê´Â´Ù´Â Á¡ÀÌ´Ù. µû¶ó¼­ µ¿½Ã¿¡ ´ç½ÅÀº »ç¿ëÀÚ¸¦ Ãß°¡ÇÏ°í, ´Ù¸¥ ÀÌ¿ëÀÚ´Â ÀÚ½ÅÀÇ password¸¦ ¹Ù²Û´ÙÇصµ, µÑ ´Ù Á¦´ë·Î ÀÌÇàµÈ´Ù. (¿ªÀÚÁÖ: mutex lock, race condition°°Àº °É »ý°¢ÇÏ¸é µÉ °Í°°½À´Ï´Ù.) /etc/passwd, /etc/shadow¸¦ Á÷Á¢ ÆíÁýÇÏ´Â °Íº¸´Ù ÀÌ·± ¸í·ÉÀ» ¾²´Â °ÍÀÌ ´õ ÁÁ´Ù. ¸¸ÀÏ ´ç½ÅÀÌ /etc/shadow fileÀ» ÆíÁýÇÏ°í ÀÖ°í, ±× ¿ÍÁß¿¡ ÇÑ »ç¿ëÀÚ°¡ password¸¦ ¹Ù²Ù°í, ±×¸®°í³ª¼­ ´ç½ÅÀÌ ÆíÁýÀ» ³¡³»°í ÀúÀåÇϸé, ±× »ç¿ëÀÚ°¡ ÇÑ ÀÏÀ» ÀÒ¾î¹ö¸®°Ô µÈ´Ù. ¿©±â¿¡ useradd¿Í passwd¸¦ »ç¿ëÇÑ °£´ÜÇÑ ´ëÈ­Çü script°¡ ÀÖ´Ù: #!/bin/bash # # /sbin/newuser - Shadow SuiteÀÇ useradd¿Í passwd ¸í·ÉÀ» ÀÌ¿ëÇؼ­ # »ç¿ëÀÚ¸¦ Ãß°¡ÇÏ´Â script # # Linux Shadow Password HowtoÀÇ ¿¹Á¦·Î½á Mike Jackson ¿¡ # ÀÇÇØ ÀÛ¼ºµÆÀ½. »ç¿ë°ú ¼öÁ¤À» Ưº°È÷ Çã°¡ÇÔ. # # ÀÌ °ÍÀº SlackwareÀÇ Adduser programó·³ ±âº»Ä¡¸¦ º¸¿©ÁÖ°í, ¼öÁ¤ÇÒ ¼ö ÀÖµµ·Ï # ¹Ù²Ü ¼ö ÀÖ¾ú´Ù. ¶ÇÇÑ ¸ÛûÇÑ ÀÔ·ÂÀ» °ÅºÎÇϵµ·Ï ¹Ù²ð ¼ö ÀÖ¾ú´Ù. # (Áï, ´õ ³ªÀº ¿À·ù °Ë»çµî...) # ## # useradd ¸í·ÉÀÇ ±âº» ¼³Á¤Ä¡µé ## GROUP=100 # ±âº» Group HOME=/home # Home directory À§Ä¡ (/home/username) SKEL=/etc/skel # Skeleton(°øÅëÀûÀÎ ³»¿ëÀ» Áö´Ñ fileµé?) Directory INACTIVE=0 # password°¡ ±âÇÑÀÌ Áö³­ µÚ »ç¿ëÀÚ °èÁ¤ÀÌ ¹«È¿°¡ # µÇ±â±îÁöÀÇ ±â°£ (0=±×·¸°Ô ÇÏ°í ½ÍÁö ¾ÊÀ½) EXPIRE=60 # password À¯È¿±â°£ SHELL=/bin/bash # ±âº» Shell (full path) ## # passwd ¸í·ÉÀÇ ±âº» ¼³Á¤Ä¡µé ## PASSMIN=0 # password¸¦ ¹Ù²Û´ÙÀ½ ¶Ç ¹Ù²Ù±â À§ÇÑ À¯¿¹±â°£ PASSWARN=14 # passwordÀÇ ±âÇÑÀÌ Áö³ª±âÀü¿¡ °æ°íÇÏ´Â ±â°£ ## # script¸¦ ½ÇÇàÇÏ´Â »ç¿ëÀÚ°¡ rootÀÎÁö È®ÀÎ ## WHOAMI=`/usr/bin/whoami` if [ $WHOAMI != "root" ]; then echo "You must be root to add news users!" exit 1 fi ## # »ç¿ëÀÚ ID(username)¿Í ½ÇÁ¦ À̸§(Full name) ¹¯±â ## echo "" echo -n "Username: " read USERNAME echo -n "Full name: " read FULLNAME # echo "Adding user: $USERNAME." # # $FULLNAME ÁÖº¯¿¡ ""°¡ ÇÊ¿äÇÏ´Ù´Â °Í¿¡ ÁÖÀÇÇÒ °Í. ÀÌÀ¯´Â ÀÌ field´Â # ¹Ýµå½Ã °ø¶õÀÌ»óÀÇ ¹«¾ùÀΰ¡¸¦ Æ÷ÇÔÇϸç, "¸¦ ¾øÀÌ useradd command¸¦ # ½ÇÇà½ÃŲ´Ù¸é, ´ÙÀ½¿¡ À̾îÁö´Â parameterµéµµ ±× field¿¡ ÀϺκÐÀ¸·Î # ÀνĵȴÙ. # /usr/sbin/useradd -c"$FULLNAME" -d$HOME/$USERNAME -e$EXPIRE \ -f$INACTIVE -g$GROUP -m -k$SKEL -s$SHELL $USERNAME ## # password¿¡ ´ëÇÑ ±âº» ¼³Á¤Ä¡¸¦ Á¤ÇÑ´Ù. ## /bin/passwd -n $PASSMIN -w $PASSWARN $USERNAME >/dev/null 2>&1 ## # passwd¸¦ ½ÇÇà½ÃÄÑ password¸¦ ÀԷ¹޴´Ù. ## /bin/passwd $USERNAME ## # °á°ú¸¦ º¸¿©ÁÜ. ## echo "" echo "Entry from /etc/passwd:" echo -n " " grep "$USERNAME:" /etc/passwd echo "Entry from /etc/shadow:" echo -n " " grep "$USERNAME:" /etc/shadow echo "Summary output of the passwd command:" echo -n " " passwd -S $USERNAME echo "" »õ·Î¿î »ç¿ëÀÚ¸¦ Ãß°¡ÇÏ´Â µ¥ script¸¦ ¾²´Â °ÍÀº /etc/passwd¿Í /etc/shadow¸¦ Á÷Á¢ ÆíÁýÇÏ´Â °Å³ª SlackwareÀÇ adduser¸¦ ¾²´Â °Íº¸´Ù ÈÎ ³´´Ù. ´ç½ÅÀÇ Æ¯º°ÇÑ system¿¡ ¾Ë¸Â·Î·Ï ÀÚÀ¯·Ó°Ô °íÄ¡±â ¹Ù¶õ´Ù. useradd¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ Á¤º¸´Â manual page¸¦ º¸½Ã±æ... usermod usermod´Â »ç¿ëÀÚ¿¡ ´ëÇÑ Á¤º¸¸¦ °íÄ£´Ù. optionÀº useradd¿Í ºñ½ÁÇÏ´Ù. ¾ÕÀÇ fredÀÇ shellÀ» ¹Ù²Ù°í ½ÍÀ¸¸é, ´ÙÀ½°ú °°ÀÌ ÀÔ·ÂÇÑ´Ù: usermod -s /bin/tcsh fred ÀÌÁ¦ fredÀÇ /etc/passwd file¿¡ ÀÖ´Â ³»¿ëÀº ´ÙÀ½Ã³·³ ¹Ù²î¾î ÀÖ´Ù: fred:*:505:100:Fred Flintstone:/home/fred:/bin/tcsh À̹ø¿¡´Â fredÀÇ °èÁ¤ÀÌ 97³â 9¿ù 15ÀϱîÁö¸¸ ¾²µµ·Ï ÇÏÀÚ: usermod -e 09/15/97 fred ±×·¯¸é fredÀÇ /etc/shadow file¿¡ ÀÖ´Â ³»¿ëÀº: fred:J0C.WDR1amIt6:9559:0:60:0:0:10119:0 usermod¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ Á¤º¸´Â manual page¸¦... userdel userdel´Â Á¤È®È÷ ´ç½ÅÀÌ ¿øÇÑ °Í - »ç¿ëÀÚ °èÁ¤ Á×À̱â - ¸¦ ÇØÄ¡¿î´Ù. userdel -r username ¶ó°í Ä¡¸é µÈ´Ù. -rÀº »ç¿ëÀÚÀÇ home directory¿¡ ÀÖ´Â ¸ðµç fileµé°ú ÇÔ²² directory ÀÚü¸¦ Áö¿î´Ù. ´Ù¸¥ °÷¿¡ ÀÖ´Â fileµéÀº ÀÏÀÏÀÌ Ã£¾Æ¼­ Áö¿ö¾ß ÇÑ´Ù. »èÁ¦º¸´Ù °èÁ¤À» ¾²Áö ¸øÇÏ°Ô ÇÒ °Å¶ó¸é, passwd ¸í·ÉÀ» ¾²±â ¹Ù¶õ´Ù. 4.3.7.2 passwd ¸í·É°ú passwd ¼ö¸í Á¤Çϱâ. passwd´Â ¸» ±×´ë·Î password¸¦ ¹Ù²Ù´Â µ¥ »ç¿ëµÈ´Ù. ´õ¿ì±â, root´Â ´ÙÀ½°ú °°Àº ÀÏÀ» ÇÒ ¼ö ÀÖ´Ù: °èÁ¤ Àá±Ý(lock)°ú Ç®¸²(unlock)(-l¿Í -u) password À¯È¿±â°£(-x) password¸¦ ´Ù½Ã ¹Ù²Ù±â À§ÇØ ±â´Ù·Á¾ß ÇÏ´Â ±â°£(-n) password À¯È¿±â°£ ¸¸·áÀÓÀ» ¾Ë¸®´Â °æ°í´Â ¸îÀÏÀü¿¡ ÇÒ °ÍÀΰ¡(-w) password À¯È¿±â°£ÀÌ Áö³­ µÚ °èÁ¤À» Àá±×±â(lock)Çϱâ±îÁöÀÇ ±â°£(-i) °èÁ¤¿¡ ´ëÇÑ Á¤º¸¸¦ ´õ ÀÚ¼¼È÷ º¸´Â °ÍÀ» Çã¿ëÇÔ(-S) ´Ù½Ã fredÀÇ ¿¹·Î µ¹¾Æ°¡¸é passwd -S fred fred P 03/04/96 0 60 0 0 ÀÌ°ÍÀº fredÀÇ password°¡ À¯È¿ÇÏ°í, 96³â 3¿ù 4ÀÏ¿¡ ¸¶Áö¸·À¸·Î ¹Ù²Ù¾ú°í, ¾ðÁ¦µçÁö ¹Ù²Ü ¼ö ÀÖ´Ù. ±×¸®°í, 60Àϵ¿¾È password¸¦ ¹Ù²ÙÁö ¾ÊÀ¸¸é ±×ÈÄ¿¡´Â ¸ø¾²°í, ±× ÀÌÀü¿¡ fred´Â ¾Æ¹«·± °æ°í¸¦ ¹ÞÁö ¾ÊÀ» °ÍÀ̸ç, password¸¦ ¸ø¾²´õ¶óµµ °èÁ¤Àº À¯È¿ÇÏ´Ù. Áï, fredÀÇ password°¡ ¹«È¿°¡ µÈ µÚ µé¾î¿À¸é, »õ·Î¿î password¸¦ ÀçÃ˹ÞÀ» °ÍÀÌ´Ù. fred¿¡°Ô password°¡ Ãë¼ÒµÇ±â 14ÀÏÀü¿¡ °æ°í¸¦ ÇÏ°í, Ãë¼ÒµÈ µÚ 14ÀÏÈÄ ±×ÀÇ °èÁ¤À» µ¿°á½ÃÅ°·Á¸é: passwd -w14 -i14 fred ±×·¯¸é ´ÙÀ½Ã³·³ fred¿¡ ´ëÇÑ ³»¿ëÀÌ ¹Ù²ï´Ù: fred P 03/04/96 0 60 14 14 passwd¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ Á¤º¸´Â manual page¿¡... 4.3.6.3 The login.defs file. /etc/login fileÀº login program, ÀüüÀûÀ¸·Î Shadow Suite¿¡ ´ëÇÑ ¼³Á¤À» ´ã°í ÀÖ´Ù. /etc/loginÀº prompt°¡ ¾î¶² ¸ð½ÀÀ» ÇÏ°í ÀÖ´Â °¡ºÎÅÍ »ç¿ëÀÚ°¡ password¸¦ ¹Ù²Ù¸é ±âº» À¯È¿±â°£Àº ¾î¶»°Ô µÉ °ÍÀΰ¡¿¡ ´ëÇÑ ¼³Á¤±îÁö ´ã°í ÀÖ´Ù. /etc/login.defs fileÀº ³»ºÎ¿¡ ÀÖ´Â ¼ö¸¹Àº commentµé·Î Àß ¹®¼­È­µÇ¾î ÀÖ´Ù. ÀÖ´Â °ÍÀ» °£´ÜÈ÷ ¼³¸íÇϸé: ¹ß»ýÇÏ´Â logÀÇ ¾ç(?)À» °áÁ¤ÇÏ´Â on/off¹æ½ÄÀÇ flagµé. ´Ù¸¥ ¼³Á¤ fileÀ» °¡¸®Å°´Â pointerµé. password À¯È¿±â°£ ¼³Á¤°°Àº ±âº» ¼³Á¤Ä¡µé. À§¿¡¼­ º¸µí ÀÌ ³ðÀº »ó´çÈ÷ Áß¿äÇÑ fileÀÌ´Ù. µû¶ó¼­, Áö±Ý ÀÖ´ÂÁö È®ÀÎÇÏ°í, system°ú ´ç½Å ÃëÇâ¿¡ ¸Â´Â Áö Á¡°ËÇÒ °Í. 4.3.7.4 Group passwords. /etc/groups fileÀº »ç¿ëÀÚ°¡ ƯÁ¤ groupÀÇ È¸¿øÀÌ µÉ ¼ö ÀÖµµ·Ï Çã¿ëÇÏ´Â password¸¦ ´ã°í ÀÖ´Ù. ÀÌ ±â´ÉÀº /usr/src/shadow-YYMMDD/config.hÀÇ SHADOWGRP »ó¼ö¸¦ Á¤ÀÇÇÒ °æ¿ì ÀÛµ¿µÈ´Ù. ¸¸ÀÏ ÀÌ ±â´ÉÀ» ¾´´Ù¸é, /etc/gshadow fileÀ» ¸¸µé¾î, group password¿Í group °ü¸®ÀÚ¿¡ ´ëÇÑ Á¤º¸¸¦ ´ãÀ» ¼ö ÀÖµµ·Ï Ç϶ó. /etc/shadow¸¦ ¸¸µé ¶§, ´ç½ÅÀº pwconv¸¦ ½èÁö¸¸, /etc/gshadow¸¦ ¸¸µå´Â µ¥¿¡´Â ±×·± programÀÌ ¾ø´Ù. ÇÏÁö¸¸ °ÆÁ¤¸»¶ó. ¾Ë¾Æ¼­ Çϴϱî. óÀ½ /etc/gshadow¸¦ ¸¸µé±â À§Çؼ­ ´ÙÀ½Ã³·³ Çضó: touch /etc/gshadow chown root.root /etc/gshadow chmod 700 /etc/gshadow ´ç½ÅÀÌ »õ·Î¿î groupÀ» ¸¸µç´Ù¸é, ÀÚµ¿ÀûÀ¸·Î /etc/group¿Í /etc/gshadow file¿¡ ±×µéÀÌ µ¡ºÙ¿©Áø´Ù. group¿¡ »ç¿ëÀÚ¸¦ Ãß°¡Çϰųª »èÁ¦, ¶Ç´Â group password¸¦ ¹Ù²Ù¸é, /etc/gshadow fileÀº µû¶ó¼­ ¹Ù²ð °ÍÀÌ´Ù. groups, groupadd, groupmod, groupdel programÀÌ groupÀ» °íÄ¡´Â µµ±¸·Î½á Shadow Suite¿¡ Æ÷ÇÔµÇ¾î °ø±ÞµÈ´Ù. /etc/group fileÀÇ Çü½ÄÀº ´ÙÀ½°ú °°´Ù: groupname:!:GID:member,member,... °¢ ¿ä¼Ò´Â: groupname group À̸§ ! ÀÌ field´Â password¶õÀÌÁö¸¸ /etc/gshadow file·Î ¿Å°ÜÁ³´Ù. GID group ID number member group memberÀÇ list ÀÌ´Ù. /etc/gshadow file ÀÇ Çü½ÄÀº ´ÙÀ½°ú °°´Ù: groupname:password:admin,admin,...:member,member,... °¢ ¿ä¼Ò´Â: groupname group À̸§ password encodeµÈ group password. admin group °ü¸®ÀÚ list member group member list ÀÌ´Ù. gpasswd ¸í·ÉÀº groupÀÇ »ç¿ëÀÚ³ª °ü¸®ÀÚ¸¦ Ãß°¡, ¶Ç´Â »èÁ¦ÇÒ ¶§ ¾´´Ù. root¶Ç´Â °ü¸®ÀÚ¸¸ÀÌ group member¸¦ Ãß°¡, »èÁ¦ÇÒ ¼ö ÀÖ´Ù. group password´Â root³ª group °ü¸®ÀÚ¿¡ ÀÇÇØ passwd ¸í·ÉÀ¸·Î ¹Ù²Ü ¼ö ÀÖ´Ù. gpasswd¿¡ ´ëÇÑ manual page°¡ ÇöÀç Á¦°øµÇ¾î ÀÖÁö ¾ÊÁö¸¸, ¾Æ¹«·± parameter¾øÀÌ gpasswd¸¦ Ä¡¸é option¿¡ ´ëÇÑ list°¡ ³ª¿À¹Ç·Î, file format°ú °³³ä¸¸ Àß ÀÌÇØÇϸé»ç¿ë¹ýÀ» ½±°Ô ÀÍÈú ¼ö ÀÖ´Ù. 4.3.7.5 ÀÏ°ü¼º Á¡°Ë programµé pwck pwck programÀº /etc/passwd¿Í /etc/shadow file°£¿¡ Ʋ¸° Á¡ÀÌ ¾ø´Â Áö Á¡°ËÇÑ´Ù. ÀÌ °ÍÀº °¢°¢ »ç¿ëÀÚ¿¡ ´ëÇØ ´ÙÀ½°ú °°Àº »çÇ×À» Á¡°ËÇÑ´Ù: fieldÀÇ °¹¼ö´Â ¸Â´Â°¡ »ç¿ëÀÚ À̸§Àº À¯ÀÏÇÑ°¡ »ç¿ëÀÚ¿Í group id ±âº» group home directory login shell ¶ÇÇÑ, password°¡ ¾ø´Â °èÁ¤¿¡ ´ëÇØ °æ°í¸¦ ÁØ´Ù. Shadow SuiteÀ» ±ñ µÚ, pwck¸¦ ½ÇÇà½ÃÅ°´Â °ÍÀº ÁÁÀº »ý°¢ÀÌ´Ù. ÁÖ³ª ¿ù´ÜÀ§µî ÁÖ±âÀûÀ¸·Î ½ÇÇà½ÃÅ°±â¸¦ ±ÇÇÑ´Ù. -r optionÀ» ¾´´Ù¸é, cronÀ¸·Î ÇÏ¿©±Ý Á¤±âÀûÀ¸·Î ½ÇÇàÇÏ°í °á°ú¸¦ º¸°íÇϵµ·Ï ÇÒ ¼ö ÀÖ´Ù. grpck grpck programÀº /etc/group¿Í /etc/gshadow file°£¿¡ Ʋ¸° Á¡ÀÌ ¾ø´Â Áö Á¡°ËÇÑ´Ù. ÀÌ°ÍÀº ´ÙÀ½°ú °°Àº »çÇ×À» Á¡°ËÇÑ´Ù: fieldÀÇ °¹¼ö´Â ¸Â´Â°¡ »ç¿ëÀÚ À̸§Àº À¯ÀÏÇÑ°¡ »ç¿ëÀÚ¿Í °ü¸®ÀÚÀÇ list°¡ ¸Â´Â°¡ ÀÚµ¿ º¸°í¼­¸¦ À§ÇØ -r optionÀÌ ÀÖ´Ù. 4.3.7.6 Dial-up passwords. Dial-up password´Â ÀüÈ­Á¢¼ÓÀ» Çã¿ëÇÏ´Â system¿¡°Ô´Â ¶Ç ÇϳªÀÇ ¹æ¾î¼±ÀÌ´Ù. ´ç½ÅÀº Á÷Á¢À̵ç network¸¦ ÅëÇؼ­°Ç ¸¹Àº »ç¶÷µéÀÌ system¿¡ Á¢¼ÓÇÏ°Ô ÇÒ ¼ö ÀÖÁö¸¸, ÀüÈ­Á¢¼ÓÀ» ÇÒ ¼ö ÀÖ´Â »ç¶÷À» Á¦ÇÑÇÏ°í ½Í´Ù¸é, dial-up password´Â ÁÁÀº ÇØ°áÃ¥ÀÌ´Ù. dial-up password¸¦ ¾²°í ½Í´Ù¸é, /etc/login.defsÀÇ DIALUPS_CHECK_ENAB¸¦ yes·Î ¹Ù²Ù¸é µÈ´Ù. µÎ fileÀÌ ÀüÈ­Á¢¼Ó¿¡ ´ëÇÑ Á¤º¸¸¦ ´ã°í ÀÖ´Ù. /etc/dialups´Â ttys¿¡ ´ëÇÑ ³»¿ëÀÌ´Ù ("/dev/"´Â Á¦°ÅµÈ ä·Î line´ç Çϳª¾¿). tty°¡ list¿¡ ¿Ã¶ó¿ÍÀÖ´Ù¸é dial-up °Ë»ç°¡ ¼öÇàµÈ´Ù(?). µÎ¹ø°´Â /etc/d_passwdÀÌ´Ù. ÀÌ file¿¡´Â password¿Í shellÀÇ ¿ÏÀüÇÑ pathnameÀÌ µé¾î ÀÖ´Ù. tty¸¦ ÅëÇؼ­ logÇÏ´Â »ç¿ëÀÚ°¡ /etc/dialups¿¡, ±×ÀÇ shellÀÌ /etc/d_passwd¿¡ ÀÖ´Ù¸é, ±×´Â Á¦´ë·Î password¸¸ ÀÔ·ÂÇÏ¸é µÈ´Ù. dial-up passwordÀÇ ¶Ç ´Ù¸¥ ÀÌ¿ë¹ý´Â ÇÑ line¿¡ ¾î¶² Á¢¼Ó À¯Çü(´ë°³ PPP³ª UUCP Á¢¼Ó)À» Çã¿ëÇÒ °ÍÀΰ¡¸¦ Á¤ÇÏ´Â °ÍÀÌ´Ù. »ç¿ëÀÚ°¡ ´Ù¸¥ À¯ÇüÀÇ Á¢¼Ó(ƯÈ÷, ÀÏ·ÃÀÇ shell·Î½á)À» ½ÃµµÇÏ°íÀÚ ÇÑ´Ù¸é, lineÀ» »ç¿ëÇÒ ¼ö ÀÖ´Â password¸¦ ¾Ë°í ÀÖ¾î¾ß ÇÑ´Ù. dial-up ±â´ÉÀ» »ç¿ëÇϱâ Àü¿¡, fileµéÀ» ¸¸µé¾î¾ß ÇÑ´Ù. dpasswd ¸í·ÉÀº password¿Í /etc/d_passwd¿¡ ÀÖ´Â shellÀ» ¿¬°áÇØÁØ´Ù. ÀÚ¼¼ÇÑ Á¤º¸´Â manual page¿¡... 4.4 ¸®´ª½º¿¡¼­ÀÇ ¹æÈ­º® ¸®´ª½º ÀÎÅͳÝ/ÀÎÆ®¶ó³Ý ¼­¹ö È°¿ë ºÐ¾ß¿¡ ÀÖ¾î ¸®´ª½º Ä¿³Î°ú °£´ÜÇÑ °ü¸® µµ±¸ Çϳª¸¸À¸·Îµµ ¾ÆÁÖ ÈǸ¢ÇÑ ¹æÈ­º® ±â´ÉÀ» Çس¾ ¼ö ÀÖ´Ù´Â »ç½Ç¿¡ ¸¹Àº »ç¶÷µéÀÌ ³î¶ó¿öÇÏ°í ÀÖ´Ù. ¾ÆÁ÷Àº ½ÇÇèÀûÀÎ ¼öÁØÀÇ ÄÚµå¶ó°í ÇÏÁö¸¸ ¸®´ª½º¿¡¼­ ½ÇÇèÀûÀÌÁö ¾ÊÀº °ÍÀÌ ¾ó¸¶³ª ÀÖ¾ú´ø°¡? ±×¸®°í ¸®´ª½º¿¡¼­ ¸»ÇÏ´Â ½ÇÇèÀû ÄÚµå´Â ¿©·¯ºÐÀÌ ÀÌ¹Ì ¾Ë°í ÀÖ´Â »ó¿ë ¼ÒÇÁÆ®¿þ¾îÀÇ º£Å¸ ¹öÀü°ú´Â ¼º°ÝÀÌ ´Ù¸£´Ù. ¶ÇÇÑ ½ÇÇèÀû ÄÚµå¶ó ÇÒÁö¶óµµ ¿©·¯ºÐÀÇ ½ÇÁ¦ Æò°¡¿¡ µû¶ó ¾µ¸¸ÇÑ °ÍÀ¸·Î ÆǸíµÇ¸é ÁÁÀº ÀÏÀÌ°í ¸¸¾à ±×·¸Áö ¸øÇÏ´Ù¸é äÅÃÇÏÁö ¾ÊÀ¸¸é ±×¸¸ÀÌ´Ù. 4.4.1 Áغñ »çÇ× 1. Ä¿³Î ÄÄÆÄÀÏÀ» ÇØ¾ß ÇϹǷΠĿ³Î ¼Ò½º°¡ ÇʼöÀûÀÌ´Ù. °¢ ¹èÆ÷ÆÇ¿¡´Â Ä¿³Î ¼Ò½º°¡ ±âº»ÀûÀ¸·Î Æ÷ÇԵǾî ÀÖ´Ù(Ä¿³Î ¹öÀü 2.0.0 ÀÌ»ó). 2. ipfwadm À̶ó´Â ³×Æ®¿öÅ© °ü¸® µµ±¸°¡ ÀÖ¾î¾ß ÇÑ´Ù. ÃֽŠ¹èÆ÷ÆÇ¿¡´Â ¸ðµÎ Æ÷ÇԵǾî ÀÖ´Ù. ¸¸¾à ¿©·¯ºÐÀÇ ¹èÆ÷ÆÇ¿¡¼­ ãÀ» ¼ö ¾ø´Ù¸é ¿¡ °¡¼­ ipfwadm -2.3.0. tar.gz ÆÄÀÏÀ» ¹Þ¾Æ¿Í¼­ °£´ÜÈ÷ make ±×¸®°í make install °úÁ¤¸¸À¸·Î ½±°Ô ¼³Ä¡ÇÒ ¼ö ÀÖÀ» °ÍÀÌ´Ù. 4.4.2 ¸®´ª½º ³×Æ®¿öÅ· ÄÚµå·Î ÇÒ ¼ö ÀÖ´Â ÀÏÀº? ¿ì¼± IP ¹æÈ­º®À» ±¸ÃàÇÒ ¼ö ÀÖ´Ù. IP ¹æÈ­º®À̶ó ÇÔÀº ¿©·¯ºÐÀÌ Á¤ÇÏ´Â ±ÔÄ¢(¾î¶² È£½ºÆ® ¶Ç´Â ³×Æ®¿öÅ©·ÎºÎÅÍ ¿À´Â ¶Ç´Â °¡´Â ÆÐŶÀ» Â÷´ÜÇÒ °ÍÀΰ¡? ¾î¶² ¼­ºñ½º¿¡ °üÇÑ ÆÐŶÀ» Â÷´ÜÇÒ °ÍÀΰ¡?)¿¡ µû¶ó ÆÐŶÀ» Çã°¡Çϰųª °ÅºÎÇÒ ¼ö ÀÖ´Â ±â´ÉÀÌ´Ù. ÀÌ·¸°Ô ¾Æ¿¹ ÆÐŶ ¼öÁØ¿¡¼­ºÎÅÍ Â÷´ÜÇÔÀ¸·Î½á ±âÁ¸ÀÇ °¢ ¼­¹ö ¼ÒÇÁÆ®¿þ¾î ÀÚüÀÇ º¸¾È ±â´Éº¸´Ù ÈξÀ ³ôÀº ¼öÁØÀÇ º¸¾È ´ëÃ¥ÀÌ ¸¶·ÃµÉ ¼ö ÀÖ°Ô µÇ¾ú´Ù. ÀÌ¹Ì Ä¿´Ù¶õ ¾÷üµé¿¡¼­´Â ¸ðµÎ ¹æÈ­º® Çϵå¿þ¾î³ª ¼ÒÇÁÆ®¿þ¾î¸¦ »ç¿ëÇÏ°í ÀÖ´Ù.¸®´ª½º´Â ÀÌ ¹æÈ­º® ±â´ÉÀ» Ä¿³Î ³×Æ®¿öÅ· ¼öÁØ¿¡¼­ ó¸®ÇÏ°í ÀÖ´Ù. ÀÌ´Â ¿©·¯ºÐÀÌ °í°¡ÀÇ ¶ó¿ìÅÍ Àåºñ³ª ¹æÈ­º® Àü¹® ¼ÒÇÁÆ®¿þ¾î¸¦ ±¸ÀÔÇÏÁö ¾Ê°í ´Ü¼øÈ÷ ¸®´ª½º¸¦ ¼³Ä¡ÇÏ´Â °Í Çϳª¸¸À¸·Îµµ °ÔÀÌÆ®¿þÀÌ, ¶ó¿ìÅÍ ¿ªÇÒÀÇ Çس¾ ¼ö ÀÖ°Ô µÇ¾ú´Ù´Â °ÍÀ» ÀǹÌÇÑ´Ù. µ· ¸¹Àº ȸ»çµéÀº ÀÏ´Ü Á¦Ä¡°í¶óµµ Çб³³ª ºñ¿µ¸® »çȸ´ÜüµéÀº ÃæºÐÈ÷ ¸®´ª½ºÀÇ ÀÌ ±â´ÉÀ¸·ÎºÎÅÍ ÇýÅÃÀ» ¹ÞÀ» Áغñ°¡ µÇ¾î ÀÖ´Ù°í ÇÒ ¼ö ÀÖ´Ù. »óȲÀº ÀϹÝÀûÀ¸·Î ´ÙÀ½°ú °°´Ù. ÇϳªÀÇ À̼­³×Æ® ¶Ç´Â ±âŸ ¹æ½ÄÀÇ ÀÎÆ®¶ó³ÝÀÌ ±¸ÃàµÇ¾î ÀÖ´Â »óÅÂÀÌ´Ù. ±×¸®°í ±× ÀÎÆ®¶ó³Ý°ú ÀÎÅͳÝÀÇ Á¢ÃË ÁöÁ¡¿¡ ¸®´ª½º¸¦ žÀçÇÑ °ÔÀÌÆ®¿þÀÌ ¸Ó½ÅÀÌ ³õ¿© ÀÖ´Ù. ÀÎÆ®¶ó³ÝÀÌ ÀÎÅͳݰú ¿¬°áÇϸ鼭 Á¦ÀÏ Áß¿äÇÑ ¸éÀÌ ¹Ù·Î ÀÎÅͳÝÀÇ ÀÚ¿øÀ» dzºÎÈ÷ È°¿ëÇϸ鼭µµ ÀÎÆ®¶ó³ÝÀÇ Á¤º¸°¡ ¿ÜºÎ·Î À¯ÃâµÇÁö ¾Ê°í ÀÎÅͳÝÀÇ ÀáÀçÀûÀÎ °ø°Ý¿¡ ´ëÇÑ ºÒ¾ÈÀ» ÇؼÒÇÏ´Â °ÍÀÌ´Ù. ¹Ù·Î ¸®´ª½º°¡ ÀÎÅͳݰú ÀÎÆ®¶ó³ÝÀÇ Áß°£¿¡ ³õ¿© ÆÐŶ ÇÊÅ͸µ(Filtering) ÀÛ¾÷À» Çس¿À¸·Î½á ¹®Á¦¸¦ ÇØ°áÇÏ°Ô µÉ °ÍÀÌ´Ù. ±× ´ÙÀ½ ÇÒ ¼ö ÀÖ´Â ÀϷδ IP ±³Åë·®¿¡ ´ëÇÑ ºÐ¼®(IP Acco unting) ±×¸®°í ÇϳªÀÇ °ø½ÄÀûÀÎ ÀÎÅÍ³Ý IP¸¦ ÀÎÆ®¶ó³ÝÀÇ ¿©·¯ ÄÄÇ»Å͵éÀÌ °øÀ¯ÇÏ¿© »ç¿ëÇÒ ¼ö ÀÖµµ·Ï ÇÏ´Â IP ¸Å½ºÄ¿·¹µù(IP Masquerading) ±â´ÉÀ» µé ¼ö ÀÖ´Ù. IP ºÐ¼® ±â´ÉÀ» °°ÀÌ È°¿ëÇÏ¸é °ü¸®ÀÚÀÇ ÀÔÀå¿¡¼­ ¾ê±âÄ¡ ¾ÊÀº ¹æÈ­º® º¸¾È ±¸¸ÛÀ» ¹ß°ßÇÏ´Â °ÍÀÌ °¡´ÉÇÏ´Ù. IP ¹æÈ­º®(IP Firewall) ¿ì¼± Ä¿³Î ÄÄÆÄÀÏÀ» ÇØ¾ß ÇÒ ÇÊ¿ä°¡ ÀÖÀ»Áö ¸ð¸¥´Ù. Networking options ---> [*] Network firewalls .... [*] IP: forwarding/gatewaying .... [*] IP: firewalling [ ] IP: firewall packet logging À§¿¡¼­ ³ªÅ¸³½ ¿É¼ÇÀÌ Ä¿³Î ±â´É¿¡ µé¾î ÀÖ¾î¾ß¸¸ °¡´ÉÇÏ´Ù. ¸¸¾à ¾ÕÀ¸·Î ¼öÇàÇÏ´Â ¸í·ÉÀÌ Á¦´ë·Î ½ÇÇàµÇÁö ¾ÊÀ» ¶§´Â Ä¿³Î ÄÄÆÄÀÏ °úÁ¤À» ÀçÂ÷ È®ÀÎÇغ¸±â ¹Ù¶õ´Ù. ³ëÆĽÉÀÌÁö¸¸ Á¤¸»·Î ¸¹Àº »ç¶÷µéÀÌ Ä¿³ÎÀ» ÄÄÆÄÀÏÇصΰí Á¦ À§Ä¡¿¡ Ä¿³ÎÀ» º¹»çÇÏ°í lilo¸¦ ´Ù½Ã ½ÇÇà½ÃÅ°Áö ¾Ê´Â °æ¿ì°¡ Çã´ÙÇÏ´Ù. ·¹µåÇÞ ¹èÆ÷ÆÇÀÇ °æ¿ì lilo.conf°¡ °¡¸®Å°°í ÀÖ´Â Ä¿³ÎÀÇ À§Ä¡´Â / µð·ºÅ͸®°¡ ¾Æ´Ï¶ó /boot µð·ºÅ͸®ÀÌ´Ù. Ä¿³Î ÄÄÆÄÀÏ °úÁ¤Áß make zlilo´Â Ä¿³ÎÀ» /boot À§Ä¡°¡ ¾Æ´Ñ / À§Ä¡¿¡ º¹»çÇÏ°í lilo¸¦ ½ÇÇà½ÃÅ°¹Ç·Î °¢º°È÷ ÁÖÀÇÇ϶ó. 4.4.3 ¹æÈ­º®(Firewall)À̶õ ¹«¾ùÀΰ¡? ¹æÈ­º®À̶ó ÇÔÀº ÀÚµ¿Â÷ ºÐ¾ßÀÇ ¿ë¾î¿´´Ù°í ÇÑ´Ù. ¹æÈ­º®Àº ÀÚµ¿Â÷ ¿£Áø°ú ½Â°´ »çÀÌÀÇ Â÷Æó¸· ¿ªÇÒÀ» ÇØÁÖ´Â ÀåÄ¡¸¦ °¡¸®Å²´Ù. ÀÚµ¿Â÷ ¿£Áø¿¡ ºÒÀÌ ºÙ´Â »óȲÀÌ ¹ú¾îÁ®µµ È­Àç·ÎºÎÅÍ ½Â°´À» º¸È£Çϱâ À§Çؼ­ °í¾ÈµÇ¾ú´Ù. ÀÌ ¿ë¾î°¡ ±×´ë·Î ³×Æ®¿öÅ© ºÐ¾ß·Î ¿Í¼­ ÄÄÇ»ÅÍ ³×Æ®¿öÅ© °ü·ÃÀÇ Àǹ̸¦ °¡Áö°Ô µÇ¾ú´Âµ¥ ¿©±â¼­ÀÇ ¹æÈ­º®À̶õ »çÀûÀÎ ³×Æ®¿öÅ©¸¦ ÀϹÝÀûÀ¸·Î ÀÎÅͳݰú °°Àº °ø°øÀÇ ³×Æ®¿öÅ©·ÎºÎÅÍ º¸È£ÇÏ´Â ÀåÄ¡¸¦ ÅëƲ¾î ¸»ÇÑ´Ù.¾ÕÀ¸·Î ¹æÈ­º® ¿ªÇÒÀ» Çس»´Â ÄÄÇ»Å͸¦ ±×³É °£´ÜÈ÷ ¹æÈ­º®À̶ó°í ºÎ¸¥´Ù. ÀÌ ¹æÈ­º®Àº ¿©·¯ºÐÀÌ º¸È£ÇÏ°íÀÚ ÇÏ´Â ÀÎÆ®¶ó³Ý°ú °°Àº »çÀûÀÎ ³×Æ®¿öÅ©¿Í ÀÎÅÍ³Ý µÑ ´Ù Á¢±ÙÇÒ ¼ö Àִ Ưº°ÇÑ À§Ä¡¿¡ ³õÀÎ ÄÄÇ»ÅÍÀÌ´Ù. °£´ÜÈ÷ ¸»ÇØ ÀÎÆ®¶ó³ÝÀº ÀÎÅͳÝÀ» Á¢±ÙÇÒ ¼ö ¾øÀ¸¸ç ¶ÇÇÑ ÀÎÅͳÝÀº ¿©·¯ºÐÀÇ ÀÎÅͳÝÀ» Á¢±ÙÇÒ ¼ö ¾øµµ·Ï ÇÏ´Â °ÍÀÌ´Ù. ÀÌ·¸°Ô ÀÎÆ®¶ó³Ý°ú ÀÎÅͳÝÀÇ ¿¬°á ºÎºÐ¿¡¼­ ¹æÈ­º®ÀÌ Â÷´ÜÇÏ°í ÀÖÀ¸¹Ç·Î ¸¸¾à ÀÎÆ®¶ó³Ý¿¡ ÀÖ´Â ¾î¶² »ç¶÷ÀÌ ÀÎÅͳÝÀ» »ç¿ëÇÏ°íÀÚ ÇÑ´Ù¸é ¿ì¼±Àº ¹æÈ­º®¿¡ ÅÚ³ÝÀ¸·Î ·Î±×ÀÎÇÑ ÈÄ ±× °÷¿¡¼­ ÀÎÅͳÝÀ» »ç¿ëÇØ¾ß ÇÑ´Ù. º¸Åë °¡Àå °£´ÜÇÑ ÇüÅÂÀÇ ¹æÈ­º®Àº ÀÌÁß ³×Æ®¿öÅ©·Î¼­ ¼­·Î ´Ù¸¥ ³×Æ®¿öÅ© µÎ °³¿¡ ´ëÇÏ¿© °¢°¢ ¿¬°áµÇ¾î ÀÖ´Ù. À̼­³×Æ® Ä«µå¸¦ 2°³ ´Þ°í Àְųª Çϳª´Â À̼­³×Æ®, Çϳª´Â ÀüÈ­¼±À̳ª Àü¿ë¼±À» ÅëÇÑ PPP Á¢¼ÓÀÎ °æ¿ì°¡ ¸¹´Ù. 4.4.4 ¹æÈ­º®ÀÇ ÁÖ¿ä ±â´É ¹æÈ­º®Àº, ÀϹÝÀûÀ¸·ç ³×Æ®À§Å© ¼­ºñ½º º°·Î ÇØ´ç ¼­ºñ½º¸¦ ¿ä±¸ÇÑ È£½ºÆ® IP ÁÖ¼Ò¿Í Æ÷Æ® ¹øÈ£, »ç¿ëÀÚ ÀÎÁõ¿¡ ±â¹ÝÀ» µÎ°í ¿ÜºÎ¿¡¼­ÀÇ Ä§ÀÔÀ¸·ÎºÎÅÍÀÇ ¹æ¾î¸¦ ÇÏ°Ô µÈ´Ù. Çã°¡µÈ ³×Æ®¿öÅ© »ç¿ëÀÚ¿¡°Ô´Â ¿øÇÏ´Â ¼­ºñ½º¸¦ Á¦°øÇϸ鼭 Çã¿ëµÇÁö ¾ÊÀº »ç¿ëÀÚ ¿¡°Ô´Â ¼­ºñ½º¸¦ Â÷´ÜÇÏ°í, ÇØ´ç ¼­ºñ½ºÀÇ Çã¿ë ¶Ç´Â ½ÇÆп¡ ´ëÇÑ ·Î±× ÆÄÀÏÀ» ³²±ä´Ù. 1. ¿ÜºÎ ³×Æ®¿öÅ©¿Í ¿¬°áµÈ À¯ÀÏÇÑ Ã¢±¸ (Gateway) 2. ¼­ºñ½º Á¢¼Ó Çã¿ë ¹× °ÅºÎ 3. »ç¿ëÀÚ ÀÎÁõ Æ÷ÇÔ 4. ³» ¿ÖºÎ »óÈ£ Á¢¼ÓµÈ ³×Æ®À§Å©¿¡ ´ëÇÑ Æ®·¡ÇÈ °¨½Ã, ±â·Ï 4.4.5 Kind of FireWall ÆÐŶ ÇÊÅ͸µ ¹æ½ÄÀº ³×Æ®À§Å©ÀÇ OSI ¸ðµ¨¿¡¼­ ³×Æ®À§Å©Ãþ(IP Protocol)°ú Àü¼ÛÃþ (TCP Protocol)¿¡¼­ ÆÐŶÀ» ÇÊÅ͸µ ÇÏ´Â ±â´ÉÀ» Çϸ鼭, ÆÐű¿¡ ´ëÇÑ °æ·Î ¹èÁ¤À» À§ÇÑ ÀÚü ÇÁ·ÎÅäÄÝÀ» ÇÔ²² »ç¿ëÇÏ´Â ÇüÅÂÀÇ ¹æÈ­º® ½Ã½ºÅÛÀÌ´Ù. ÆÐŶ ÇÊÅ͸µ ¹æ½ÄÀÇ ¹æÈ­º®Àº ½ºÅ©¸®´× ¶ó¿ìÅÍ·Î ±¸¼ºÇÒ¼öµµ ÀÖÀ¸¸ç, º£½ºÃµ È£½ºÆ®¿Í ÆäŶ ÇÊÅ͸µ ¼ÒÇÁÆ®¿þ¾î·Îµµ ±¸¼ºÇÒ ¼ö°¡ ÀÖ´Ù. ¾îÇø®ÄÉÀÌ¼Ç ÇÁ¶ô½Ã ¹æ½ÄÀÇ ¹æÈ­º®Àº, OSI 7 Layer Network Model¿¡¼­ Á¦ 7°èÃþÀÎ ¾îÇø®ÄÉÀÌ¼Ç °èÃþ¿¡ ¹æÈ­º® ±â´ÉÀ» ±¸ÇöÇÏ°Ô µÈ´Ù. ÀÌ·¸°Ô ±¸ÇöµÈ °ÔÀÌÆ® ¿þÀÌ´Â °¢ ¼­ºñ½º º°·Î Proxy µ¥¸óÀÌ Àֱ⠶§¹®¿¡ ÇÁ¶ô½Ã °ÔÀÌÆ® ¿þÀÌ ¶Ç´Â ÀÀ¿ë °ÔÀÌÆ® ¿þÀ̶ó°í ºÎ¸£±âµµ ÇÑ´Ù. ¾îÇø£ÄÉÀÌ¼Ç ÇÁ¶ô½Ã ¹æ½ÄÀÇ °ÔÀÌÆ® ¿þÀÌ´Â °¢ ¼­ºñ½ºº° ÇÁ¶ô½Ã°¡ ¼­ºñ½º ¿ä±¸ÀÚÀÇ IP address and port¸¦ ±â¹ÝÀ¸·Î ³×Æ®¿öÅ© Á¢±Ù Á¦¾î¸¦ ¼öÇàÇϸç, ¾Æ¿ï·¯ »ç¿ëÀÚ ÀÎÁõ ¹× ±âŸ ºÎ°¡ÀûÀÎ ¼­ºñ½º¸¦ Áö¿øÇÒ¼ö ÀÖ´Ù. À§¿¡¼­ ¾Ë¾Æº» ¾îÇø®ÄÉÀÌ¼Ç ÇÁ¶ô½Ã ¹æ½ÄÀÇ ¹æÈ­º®¿¡¼­´Â, °¢ ¼­ºñ½º ¸¶´Ù ÇÁ¶ô½Ã°¡ Á¸Àç ÇÏÁö¸¸, ¼­Å¶ °ÔÀÌÆ® ¿þÀÌ ¹æ½ÄÀÇ ¹æÈ­º®¿¡¼­´Â OSI 7 Layer Network Model¿¡¼­ 4°èÃþ°ú 5°èÃþ ¿¡ ÇØ´çµÇ´Â ºÎºÐ¿¡ TCP Proxy ¿Í UDP Porxy°¡ Á¸Àç ÇÏ°Ô µÈ´Ù. 4.4.6 IP ÆÐŶ ÇÊÅ͸µ ¹æÈ­º® ¹æÈ­º®À» ±¸ÃàÇϴµ¥´Â Å©°Ô 2 °¡Áö ¹æ¹ýÀÌ ÀÖ´Ù°í ÇÑ´Ù. Çϳª´Â Áö±ÝºÎÅÍ ¼³¸íÇÏ°íÀÚ ÇÏ´Â ÆÐŶ ÇÊÅ͸µ ¹æÈ­º®(IP Packet Filtering Firewall)ÀÌ°í ³ª¸ÓÁö Çϳª´Â ÇÁ·Ï½Ã(Proxy, ´ë¸®ÀÎ) ¼­¹ö ¹æ¹ýÀÌ ÀÖ´Ù. ÆÐŶ ÇÊÅ͸µÀ̶ó´Â ¸»ÀÌ ÀǹÌÇϵí ÀÌ·± ÇüÅÂÀÇ ¹æÈ­º®Àº ÆÐŶÀ» ¿©·¯ºÐÀÌ Á¤Çϴ ƯÁ¤ ±ÔÄ¢¿¡ µû¶ó °É·¯³»´Â ¹æ½ÄÀÌ´Ù. ¾î¶² ÆÐŶÀº ±×³É °ÅºÎÇعö¸± ¼ö ÀÖ°í ¾î¶² ÆÐŶ¿¡ ´ëÇؼ­´Â Çã°¡ÇÒ ¼ö ÀÖ´Ù. ¿©±â¼­ Áß¿äÇÑ °ÍÀº ¹Ù·Î ±× ¾î¶² ÆÐŶÀ̶ó´Â ±âÁØÀÌ ¾î¶»°Ô ¼º¸³µÇ´Â°¡ÇÏ´Â °ÍÀÌ´Ù. ÆÐŶ ³»ºÎ¿¡´Â ÆÐŶÀ» º¸³½ ¹ß½ÅÁöÀÇ ÁÖ¼Ò, ÆÐŶÀÌ µµÂøÇÏ°íÀÚ ÇÏ´Â ¸ñÀûÁö ÁÖ¼Ò, ÆÐŶÀÌ µµÂøÇÏ°íÀÚ ÇÏ´Â ¸ñÀûÁöÀÇ Æ÷Æ®(Port) ±×¸®°í TCP/UDP µîÀÇ ÆÐŶ ÇüÅ µî¿¡ ´ëÇÑ Á¤º¸°¡ ±âÀԵǾî ÀÖ´Ù. IP ÆÐŶ ÇÊÅ͸µ ¹æÈ­º®Àº ¹Ù·Î ÆÐŶÀÇ ³»ºÎ¸¦ Á¶»çÇÑ´Ù. 4.4.7 IP ÆÐŶ ÇÊÅ͸µ ±ÔÄ¢ ¡Ü ¹ß½ÅÁö/¸ñÀûÁö ÁÖ¼Ò ±× ÆÐŶÀÌ ¾îµð·ÎºÎÅÍ ¿À´ÂÁö ±×¸®°í ¾î´À °÷À¸·Î °¡·Á ÇÏ´ÂÁö Á¡°ËÇÏ¿© °áÁ¤ÇÑ´Ù. ¸î¸î Áö¿ª¿¡ Áö»ç¸¦ µÎ°í Àִ ȸ»ç°¡ ÀÖ´Ù°í ÇÏÀÚ. °¢ Áö¿ª¿¡´Â ÀÎÆ®¶ó³ÝÀÌ ±¸ÃàµÇ¾î ÀÖ°í ±× ÀÎÆ®¶ó³ÝÀº ÀÎÅͳÝÀ» ÅëÇØ ¿¬°áµÇ¾î ÀÖ´Ù. °¢ ÀÎÆ®¶ó³ÝÀº ÀÎÅͳÝÀÇ ¿¬°á ÁöÁ¡¿¡ ¸®´ª½º ¹æÈ­º®À» ¼³Ä¡ÇÏ°í °¢°¢ÀÇ ÀÎÆ®¶ó³Ý ÁÖ¼Ò¸¸ Çã¿ëÇϵµ·Ï ¼³Á¤ÇÏ°í ³ª¸ÓÁö ÁÖ¼Ò¿¡¼­ ¿À´Â ÆÐŶÀº °ÅºÎÇعö¸°´Ù. ¡Ü ÇÁ·ÎÅäÄÝÀÇ Á¾·ù : TCP, UDP, ICMP ¡Ü IP ¿É¼Ç IP ÆÐŶ¿¡ ¸î °¡Áö »çÀûÀÎ ³×Æ®¿öÅ©¿¡°Ô´Â À§ÇèÇÑ ¿É¼ÇµéÀÌ ÀÖ´Ù. ±× Áß Çϳª´Â ¼Ò½º ¶ó¿ìÆ®(source route) ¿É¼ÇÀε¥ ÀÌ ÆÐŶÀÌ ¿©·¯ºÐÀÇ ³×Æ®¿öÅ©¿¡ µ¹¾Æ´Ù´Ï¸é ¿ÜºÎ¿¡¼­ ¿©·¯ºÐÀÇ ³×Æ®¿öÅ©°¡ ¾î¶»°Ô ±¸ÃàµÇ¾î ÀÖ´ÂÁö ÆľÇÇÒ ¼ö Àֱ⠶§¹®ÀÌ´Ù. ÀϹÝÀûÀ¸·Î ÀÌ·± ÆÐŶÀº °ÅºÎÇØ¾ß ÇÑ´Ù. ¿ÜºÎ¿¡¼­ ¿©·¯ºÐÀÇ ³×Æ®¿öÅ© ±¸¼ºÀ» ¾Ë ÇÊ¿ä°¡ ¾øÁö ¾ÊÀº°¡? ¡Ü ¹ß½ÅÁö/¸ñÀûÁö Æ÷Æ® ¹øÈ£ TCP/UDP Çì´õ ºÎºÐ¿¡´Â Æ÷Æ® ¹øÈ£°¡ ±âÀԵǾî ÀÖ´Ù. TCP/IP ³×Æ®¿öÅ©¿¡¼­´Â ¹Ù·Î Æ÷Æ® ¹øÈ£¸¦ °¡Áö°í ¼­ºñ½º¸¦ ±¸ºÐÇÑ´Ù. ¾î¶² È£½ºÆ®¿¡ µµÂøÇÑ °°Àº ÆÐŶÀ̶ó ÇÒ Áö¶óµµ 23¹ø Æ÷Æ®¸¦ ÇâÇØ ´Þ·Á¿Â ÆÐŶÀº ÅÚ³Ý ¼­ºñ½º¿¡ °ü°èµÈ ÆÐŶÀ̸ç 25¹ø Æ÷Æ®´Â ¸ÞÀÏ ¼­ºñ½º¿¡ °ü·ÃµÈ °ÍÀÌ´Ù. ¿©·¯ºÐÀÌ Àß ¾Ë°í ÀÖ´Â À¥ ¼­ºñ½º´Â ÀϹÝÀûÀ¸·Î 80¹ø Æ÷Æ®¸¦ »ç¿ëÇÑ´Ù. ƯÁ¤ Æ÷Æ® ¹øÈ£°¡ ±âÀÔµÈ ÆÐŶÀ» ÇÊÅ͸µÇÔÀ¸·Î½á ¿©·¯ºÐÀº ¾ÆÁÖ ½±°Ô ¼­ºñ½º Á¦ÇÑÀ» ÇÒ ¼ö ÀÖ´Ù. °¨ÀÌ Àß ¿ÀÁö ¾ÊÀ¸¸é /etc/services ÆÄÀÏÀ» °õ°õÀÌ »ìÆ캸±â ¹Ù¶õ´Ù. °¢ ¼­ºñ½º¿¡ °üÇÏ¿© ±×°ÍÀÌ TCP¸¦ »ç¿ëÇÏ´ÂÁö UDP¸¦ »ç¿ëÇÏ´ÂÁö ±×¸®°í »ç¿ëÇÏ´Â Æ÷Æ®´Â ¹«¾ùÀÎÁö ÀûÇô ÀÖ´Ù. ¡Ü TCP Ç÷¡±× ¿¬°áÁöÇâ(Connection-Oriented) ¹æ½ÄÀÇ TCP ÆÐŶ¿¡´Â ¿¬°á È®¸³À» À§ÇÑ ACK/SYN µîÀÇ ºñÆ®°¡ ÀÖ´Ù. ÀÌ°ÍÀ» ÇÊÅ͸µÇÏ¸é ¿ÜºÎ¿¡¼­´Â ¿©·¯ºÐÀÇ ÀÎÆ®¶ó³Ý¿¡ Á¢¼ÓÇÒ ¼öÁ¶Â÷ ¾øµµ·Ï ÇÒ ¼ö ÀÖÀ¸¸ç ¿À·ÎÁö ³»ºÎ¿¡¼­ ¿ÜºÎ·ÎÀÇ Á¢¼Ó¸¸ Çã°¡ÇÒ ¼ö ÀÖ´Ù. ¿Ö³ÄÇÏ¸é ¿¬°á È®¸³À» ¿äûÇÏ´Â ÆÐŶÀ» ¸ðµÎ Á¦°ÅÇعö¸®±â ¶§¹®ÀÌ´Ù. ¡Ü ICMP ¸Þ½ÃÁö À¯Çü ICMP ÆÐŶ¿¡´Â ICMP ¸Þ½ÃÁöÀÇ À¯Çü¿¡ ´ëÇÑ Á¤º¸°¡ ´ã°ÜÀÖ´Ù. ÀÌ ¸Þ½ÃÁöÀÇ À¯ÇüÀ» °É·¯³¾ ¼ö ÀÖ´Ù. ¿¹¸¦ µé¾î ¾î¶² È£½ºÆ®°¡ »ì¾ÆÀÖ´ÂÁö È®ÀÎÇغ¸´Â ping ¸í·É¿¡¼­ ¹ß½ÅµÇ´Â ¹ÝÇâ ¿äû(Echo Request) ÆÐŶÀ» °ÅºÎÇÏ°Ô µÇ¸é ¿ÜºÎ ħÀÔÀÚ ÀÔÀå¿¡¼­´Â µµ´ëü È£½ºÆ® ÄÄÇ»ÅÍ°¡ ÄÑÁ® ÀÖ´ÂÁö ²¨Á® ÀÖ´ÂÁö Á÷Á¢ º¸Áö ¾Ê°í¼­´Â È®ÀÎÇÒ ±æÀÌ °ÅÀÇ ¾ø´Ù. ¡Ü ÆÐŶ¿¡ µç ÀÚ·á, ³×Æ®¿öÅ© ÀåÄ¡, ÆÐŶÀÇ ³¯Â¥/½Ã°£ ÀÌ·¯ÇÑ Á¤º¸¿¡ ÀÇ°ÅÇÏ¿© ¿©·¯ºÐÀº ÆÇ´ÜÀ» ³»·Á¾ß ÇÑ´Ù. ¸®´ª½º Ä¿³Î¿¡¼­ Áö¿øÇÏ´Â ÇÊÅ͸µ Á¤Ã¥(Policy)Àº ´ÙÀ½ 3 °¡ÁöÀÌ´Ù. ¡Ü Çã°¡(Accept) ¡Ü ºÎÀÎ(Deny) ¡Ü °ÅÀý(Reject) ¿©±â¼­ ¼³¸íÀÌ ÇÊ¿äÇÑ ºÎºÐÀº ¹Ù·Î ºÎÀΰú °ÅÀýÀÇ Â÷ÀÌÀÏ °ÍÀÌ´Ù. ºÎÀÎÀº ±ÔÄ¢¿¡ ÀÇ°ÅÇÏ¿© ÇÊÅ͸¦ Åë°úÇÒ ¼ö ¾ø´Â ÆÐŶÀ» ¾Æ¹« ¼Ò¸® ¾øÀÌ ¹ö¸®´Âµ¥ ¹ÝÇØ °ÅÀýÀº ÇÊÅ͸¦ Åë°úÇÒ ¼ö ¾ø´Â ÆÐŶÀ» ¹ö¸®¸é¼­ ÆÐŶÀ» º¸³½ Ãø¿¡ ¸ñÀûÁö¿¡ µµ´ÞÇÒ ¼ö ¾øÀ½ ¸Þ½ÃÁö(ICMP Destination Unreachable)¸¦ Ä£ÀýÇÏ°Ô º¸³»ÁØ´Ù. ÀÌ·¸°Ô ÇÏ¸é ¹ß½ÅÁö Ãø¿¡¼­ ¾Æ¹«·± ÀÌÀ¯µµ ¸ð¸¥ ü ÇÑ ¾øÀÌ ±â´Ù¸®´Â ÀÏÀº ¾ø°Ô µÈ´Ù. ºÎÀÎ ¹æ¹ý°ú °ÅÀý ¹æ¹ý¿¡ ´ëÇؼ­´Â ¿©·¯ºÐÀÇ ¸¶À½¿¡ ´Þ·È´Ù. 4.5 ipfwadm ÀÇ »ç¿ë¹ý ³×Æ®¿öÅ© º¸¾È¿¡ °üÇÑ °ÅÀÇ ¸ðµç ¼³Á¤À» ÀÌ ¸í·É Çϳª·Î ÇØ°áÇÑ´Ù. µû¶ó¼­ ¿©·¯ºÐÀÌ ´É·Â ÀÖ´Â ¸®´ª½º ³×Æ®¿öÅ© °ü¸®ÀÚ°¡ µÇ·Á¸é »ç¿ë¹ý¿¡ ´É¼÷ÇØ¾ß ÇÑ´Ù. ¿©·¯ºÐµµ ¿¹»óÇÏ°ÚÁö¸¸ ÇϳªÀÇ ¸í·É¿¡¼­ ¸¹Àº °ÍÀ» ÇØ°áÇϱ⠶§¹®¿¡ ¾à°£ ¸¹Àº ¿É¼ÇµéÀ» °¡Áö°í ÀÖ´Ù. ÇÏÁö¸¸ ±×·¸°Ô óÀ½ºÎÅÍ ¾î·Á¿ö ÇÒ ÇÊ¿ä´Â ¾ø´Ù. ¾î¶² ¾î·Á¿î ÀÏÀÌµç °³³ä¸¸ Àß Àâ°í µé¾î°¡¸é Àΰ£ÀÌ ¸¸µç ÀÌ»ó ÀÌÇØÇÒ ¼ö ¾ø´Â °ÍÀº ¾ø´Ù°í Àڽſ¡°Ô Àå´ãÇغ¸ÀÚ. »ç¿ëÇü½Ä: ipfwadm -A command parameters [options] ipfwadm -I command parameters [options] ipfwadm -O command parameters [options] ipfwadm -F command parameters [options] ipfwadm -M [ -l | -s ] [options] ¹üÁÖ ÃÑ 4°³ÀÇ ¹üÁÖ·Î ³ª´­ ¼ö Àִµ¥ IP ȸ°èºÐ¼®(IP Accou nting), IP ÀÔ·Â ¹æÈ­º®(IP Input Firewall) IP Ãâ·Â ¹æÈ­º®(IP Ouput Firewall), IP Àü´Þ ¹æÈ­º®(IP Forward Firewall) ¿µ¹®ÀÚÀÇ ¾Õ ÀÚ¿Í ipfwadm ¸í·ÉÀÇ -A, -I, -O, -F ¿ÍÀÇ °ü°è¸¦ Àß º¸¾ÆµÎ±â ¹Ù¶õ´Ù. ¸í·É(command) ipfwadm ¸í·É »ç¿ëÇü½Ä¿¡ ÀÖ¾î ¹üÁÖ¸¦ °í¸¥ ÈÄ ±× ´ÙÀ½ ¸í·ÉÀÌ µû¸¥´Ù. ¡Ü -p <Á¤Ã¥>¼±ÅÃÇÑ ¹æÈ­º® À¯Çü¿¡ ´ëÇÑ ±âº» Á¤Ã¥À» ¼³Á¤Çϰųª ¼³Á¤ °ªÀÌ ÀÖÀ» ¶§´Â º¯È­½ÃŲ´Ù. <Á¤Ã¥> À§Ä¡¿¡ ¿Ã ¼ö ÀÖ´Â °ªÀº À§¿¡¼­µµ ¼³¸íÇÑ ¹Ù ÀÖ´Â accept, deny, rejectÀÌ´Ù. ¸¸¾à ¾Æ¹«·± ±ÔÄ¢¿¡µµ ÇØ´çµÇÁö ¾Ê´Â ÆÐŶÀÌ ¹ß°ßµÇ¸é ¹Ù·Î ±âº» Á¤Ã¥À» »ç¿ëÇÑ´Ù. -I, -O, -F Ç÷¡±×¿Í °°ÀÌ »ç¿ëÇÒ ¼ö ÀÖ´Ù(policy). ¡Ü -f ±ÔÄ¢À» ¸ðµÎ Áö¿ö¹ö¸°´Ù(flush). ¡Ü -l ±ÔÄ¢À» È­¸é¿¡ Ç¥½ÃÇÑ´Ù(list). ¡Ü -a <Á¤Ã¥>±ÔÄ¢À» Ãß°¡ÇÑ´Ù(append). ¡Ü -i <Á¤Ã¥>±ÔÄ¢À» ¸Ç ¾Õ¿¡ »ðÀÔÇÑ´Ù(insert). ¡Ü -d <Á¤Ã¥>±ÔÄ¢À» »èÁ¦ÇÑ´Ù(delete).Àü´ÞÀμö(parameters) ¡Ü -P ÇÁ·ÎÅäÄÝ ÆÐŶ ÇüŸ¦ ¼±ÅÃÇÑ´Ù. tcp, udp, icmp ±×¸®°í ¸ðµç ÆÐŶÀ» °¡¸®Å°´Â allÀ» ¼±ÅÃÇÒ ¼ö ÀÖ´Ù. »ý·«Çϸé allÀ̶ó°í °£ÁÖÇÑ´Ù(Protocol). ¡Ü -S ÁÖ¼Ò[/¸¶½ºÅ©] [Æ÷Æ® ...] ÁÖ¼Ò¿¡ ¿Ã ¼ö Àִ ǥÇöÀº È£½ºÆ®¸í, ³×Æ®¿öÅ©¸í ±×¸®°í Æò¹üÇÑ IP ÁÖ¼ÒÀÌ´Ù. ³Ý ¸¶½ºÅ©¸¦ Àû¾îÁְųª ¶Ç´Â ±×³É ¼ýÀÚ¸¦ Àû¾îÁÖ´Â °Íµµ °¡´ÉÇѵ¥ ¿¹¸¦ µé¾î 24´Â 255.255.255.0°ú °°´Ù. 24ÀÇ Àǹ̴ ¿©±â¼­ IP ÁÖ¼Ò 32 ºñÆ®¿¡ ´ëÇÏ¿© ¿ÞÂÊ 24°³ ºñÆ®°¡ 1ÀÌ°í ³ª¸ÓÁö´Â 0À̶ó´Â ¸»ÀÌ´Ù. Æ÷Æ®¿¡´Â 23, 25¿Í °°Àº Æ÷Æ® ¹øÈ£¸¦ Àû°Å³ª telnet, smtp °°Àº ¼­ºñ½º¸íĪ ¶Ç´Â ICMP ŸÀÔÀ» Àû´Â´Ù. Æ÷Æ®ÀÇ ¹üÀ§¸¦ Ç¥ÇöÇÒ ¶§´Â 1023:65535¿Í °°ÀÌ Æ÷Æ®:Æ÷Æ®¶ó´Â Çü½ÄÀ» »ç¿ëÇÑ´Ù. »ý·«Çϸé 0.0.0.0/0À̶ó´Â °ªÀ» »ç¿ëÇϴµ¥ ÀÌ´Â ¸ðµç ÁÖ¼Ò¸¦ ¶æÇÑ´Ù(Source). ¡Ü -D ÁÖ¼Ò[/¸¶½ºÅ©] [Æ÷Æ® ...] -S¿Í »ç¿ë¹ýÀÌ °°´Ù. ´Ü ICMP Æ÷Æ®´Â ¸í½ÃÇÒ ¼ö ¾ø´Ù(Destination).±× ¹ÛÀÇ ¿É¼Çµé(Options) ¡Ü -m Àü´ÞÇϵµ·Ï Çã°¡µÈ ÆÐŶ¿¡ ´ëÇÏ¿© ¸Å½ºÄ¿·¹À̵ùÀ» ½ÇÇàÇÑ´Ù. ÀÌ ¿É¼ÇÀº Àü´Þ ¹æÈ­º®ÀÇ Çã°¡(accept) ±ÔÄ¢ÇÏ°í¸¸ °°ÀÌ »ç¿ëÇÒ ¼ö ÀÖÀ¸¸ç Ä¿³Î ÄÄÆÄÀÏ ½Ã ¸Å½ºÄ¿·¹À̵ù Áö¿øÀÌ µé¾îÀÖ¾î¾ß ÇÑ´Ù(masquerade). < ipfwadm ¸í·É »ç¿ë¿¹ > ¿¹¸¦ 2 °¡Áö µé¾îº¸°Ú´Ù. ÀÌ µÎ °¡Áö ¿¹´Â °ÅÀÇ ºñ½ÁÇÏ´Ù. ÇÏÁö¸¸ µÎ °¡Áö ¿¹·Î ºÎÅÍ ¼­·Î ´Ù¸¥ ºÐÀ§±â¸¦ ´À³¥ ¼ö ÀÖÀ» °ÍÀ̶ó°í »ý°¢ÇÏ¿© ¿©±â ¼Ò°³ÇÑ´Ù. ù ¹ø° »óȲÀº ÀÎÅͳݰú ¿¬°áµÈ ÀÎÅÍÆäÀ̽º¿¡ 199.1.2.10À̶ó´Â ÁÖ¼Ò¸¦ °®°í ÀÎÆ®¶ó³Ý Ãø°ú´Â 192.168.2.1À̶ó´Â ÁÖ¼Ò¸¦ °®´Â »óȲÀÌ´Ù. # # IP ÆÐŶ ȸ°èºÐ¼®°ú Àü´Þ¿¡ °üÇÑ ¼³Á¤ # # Àü´Þ(Forwarding) # # ±âº»ÀûÀ¸·Î ¸ðµç ¼­ºñ½º¸¦ ºÎÀÎÇÑ´Ù. ipfwadm -F -p deny # Àü´Þ, ÀÔ·Â, Ãâ·Â¿¡ ´ëÇÏ¿© ±ÔÄ¢À» ºñ¿î´Ù. ipfwadm -F -f ipfwadm -I -f ipfwadm -O -f # ÀüÀÚ¿ìÆíÀ» ¿©·¯ºÐÀÇ ¼­¹ö·Î Àü´Þ ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 - D 192.1.2.10 25 # ¿ÜºÎ ÀüÀÚ¿ìÆí ¼­¹ö·ÎÀÇ Á¢¼Ó¿äûÀ» Àü´Þ ipfwadm -F -a accept -b -P tcp -S 196.1.2.10 25 -D 0.0.0.0/0 1024:65535 # À¥ Á¢¼Ó ¿äûÀ» ¿©·¯ºÐÀÇ À¥ ¼­¹ö·Î Àü´Þ /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0 /0 1024:65535 -D 196.1.2.11 80 # ¿ÜºÎ À¥ ¼­¹ö¿¡ ´ëÇÑ ¿äûÀ» Àü´Þ /sbin/ipfwadm -F -a accept -b -P tcp -S 196.1.2. * 80 -D 0.0.0.0/0 1024:65535 # DNS ÆÐŶÀ» Àü´Þ /sbin/ipfwadm -F -a accept -b -P udp -S 0.0.0.0 /0 53 -D 196.1.2.0/24 # ÇöÀçÀÇ ºÐ¼® ±ÔÄ¢À» ºñ¿î´Ù ipfwadm -A -f # ȸ°è ºÐ¼®(Accounting) /sbin/ipfwadm -A -f /sbin/ipfwadm -A out -i -S 196.1.2.0/24 -D 0.0.0.0/0 /sbin/ipfwadm -A out -i -S 0.0.0.0/0 -D 196.1.2.0/24 /sbin/ipfwadm -A in -i -S 196.1.2.0/24 -D 0.0.0.0/0 /sbin/ipfwadm -A in -i -S 0.0.0.0/0 -D 196.1.2.0/24 ÀÎÅͳݰú PPP·Î ¿¬°áµÇ¾î ÀÖ°í ³»ºÎ ³×Æ®¿öÅ©¿Í´Â À̼­³×Æ®·Î ¿¬°áµÇ¾î ÀÖ´Â ¸®´ª½º ¹æÈ­º®ÀÇ ¹æÈ­º® ¼³Á¤ ¿¹ÀÌ´Ù. ÇϳªÀÇ ¼Ð ½ºÅ©¸³Æ®¿¡ ÀúÀåÇØµÎ°í ºÎÆÃÇÒ ¶§¸¶´Ù /etc/rc.d/rc.local°ú °°Àº °÷¿¡¼­ ÇÑ ¹ø¾¿ ½ÇÇàÇØÁÖ¸é ÁÁ´Ù. #!/bin/sh # 'Àü´Þ(Forwarding)' ±ÔÄ¢ Å×À̺íÀ» ºñ¿î´Ù. # Àü´Þ¿¡ ´ëÇÑ ±âº»Á¤Ã¥À» 'Çã°¡(accept)'·Î º¯°æÇÑ´Ù. # /sbin/ipfwadm -F -f /sbin/ipfwadm -F -p accept # # .. À̹ø¿¡´Â 'µé¾î¿À´Â' ÆÐŶ¿¡ ´ëÇÏ¿© # /sbin/ipfwadm -I -f /sbin/ipfwadm -I -p accept # ¿ì¼± PPP ÀÎÅÍÆäÀ̽º¸¦ ºÀ¼âÇÑ´Ù. # °³ÀÎÀûÀ¸·Î´Â '-a reject -y' ´ë½Å '-a deny'¸¦ »ç¿ëÇÏ°í ½ÍÁö¸¸ ±× # ·¸°ÔÇϸé ÀÎÅÍÆäÀ̽º Á¢¼Ó ÀÚü°¡ ºÒ°¡´ÉÇÏ°Ô µÈ´Ù. # -o ´Â °ÅºÎµÈ µ¥ÀÌÅͱ׷¥À» ±â·ÏÇصεµ·Ï ÇÑ´Ù.¼³Á¤ ½Ç¼ö¿¡ ´ëÇÑ ¾î¶² °ø # °ÝÀÌ ÀÖ¾ú´Â°¡¸¦ ¾Ë ¼ö ÀÖÀ¸³ª µð½ºÅ© °ø°£À» ÇÊ¿ä·Î ÇÑ´Ù. # /sbin/ipfwadm -I -a reject -y -o -P tcp -S 0/0 -D 172.16.174.30/sbin/ipfwadm -I -p accept # À§Á¶µÈ ÆÐŶÀº ±× Áï½Ã ¹ö¸°´Ù: # ¸ÖƼij½ºÆ®/¾Ö´Ïij½ºÆ®/ºê·Îµåij½ºÆ® ÁּҷκÎÅÍ ¾î¶°ÇÑ °Íµµ ¿Í¼­´Â ¾È # µÈ´Ù. # /sbin/ipfwadm -F -a deny -o -S 224.0/3 -D 172.16.37.0/24 # # ·çÇÁ¹é ³×Æ®¿öÅ©ÀÇ ÆÐŶÀº ȸ¼± »óÀ» µ¹¾Æ´Ù´Ï¸é ¾ÈµÈ´Ù. # /sbin/ipfwadm -F -a deny -o -S 127.0/8 -D 172.16.37.0/24 # ¿ÜºÎ·ÎºÎÅÍ ¿À´Â SMTP, DNS Á¢¼ÓÀº ¹Þ¾ÆµéÀÌÁö¸¸ ¿À·ÎÁö ¸ÞÀÏ/³×ÀÓ ¼­¹ö # ¿¡°Ô¸¸ Àü´ÞÇÑ´Ù. # /sbin/ipfwadm -F -a accept -P tcp -S 0/0 -D 172.16.37. 19 25 53 # # DNS´Â TCP »Ó ¾Æ´Ï¶ó UDPµµ »ç¿ëÇÑ´Ù. µû¶ó¼­ ³×ÀÓ ¼­¹ö¿¡ ´ëÇؼ­´Â # UDPµµ Çã¿ëÇØ¾ß ÇÑ´Ù. # /sbin/ipfwadm -F -a accept -P udp -S 0/0 -D 172.16.37. 19 53 # # ÇÏÁö¸¸ NFS ¶Ç´Â Larry McVoyÀÇ NSF È®Àå ±â´É µî À§ÇèÇÑ Æ÷Æ®·ÎºÎÅÍ # ³ª¿À´Â ´äº¯Àº Àü´ÞÇÏÁö ¸øÇÏ°Ô ÇÑ´Ù. squid¸¦ ½ÇÇàÇÏ°í ÀÖ´Ù¸é ±× Æ÷Æ® # ¶ÇÇÑ Ãß°¡Çϱ⠹ٶõ´Ù. /sbin/ipfwadm -F -a deny -o -P udp -S 0/0 53 -D 172.16.37.0/24 2049 2050 # ±× ¿ÜÀÇ Æ÷Æ®¿¡ ´ëÇؼ­´Â ±¦Âú´Ù. # /sbin/ipfwadm -F -a accept -P udp -S 0/0 53 -D 172.16.37.0/24 53 1024:65535 # identd¿¡ ´ëÇÑ Á¢¼Ó ¿äûÀº °ÅÀý(reject) # ¿ì¸®´Â ¿©±â¼­ 'reject'¸¦ »ç¿ëÇÔÀ¸·Î½á Á¢¼ÓÇϴ ȣ½ºÆ®¿¡°Ô Áï½Ã Á¢¼Ó # Çصµ ¼Ò¿ë¾ø´Ù´Â ¹ÝÀÀÀ» º¸³»ÁØ´Ù. ±×·¸Áö ¾ÊÀ¸¸é ident°¡ ŸÀӾƿô °É¸® # ´Â µ¿¾È Áö¿¬ÀÌ »ý±ä´Ù. # /sbin/ipfwadm -F -a reject -o -P tcp -S 0/0 -D 172.16.37.0/24 113 # 192.168.64 ±×¸®°í 192.168.65 ³×Æ®¿öÅ©´Â ¿ì¸®°¡ ¹Ï´Â Ä£±¸µéÀ̹ǷΠ# ¸î °¡Áö ÀϹÝÀûÀÎ ¼­ºñ½º¸¦ Çã°¡ÇÑ´Ù. # /sbin/ipfwadm -F -a accept -P tcp -S 192.168.64.0/23 -D 172.16.37.0/24 20:23 # ³»ºÎ¿¡¼­ ¹ß»ýÇÏ´Â ÀÏ¿¡ ´ëÇؼ­´Â Çã°¡ÇÏ°í Åë°ú½ÃŲ´Ù. # /sbin/ipfwadm -F -a accept -P tcp -S 172.16.37.0/24 -D 0/0 # ´Ù¸¥ ´ëºÎºÐÀÇ TCP Á¢¼Ó ¿äûÀº °ÅºÎÇÏ°í ±â·ÏÇصдÙ. # (¸¸¾à ftp°¡ Á¦´ë·Î ÀÛµ¿ÇÏÁö ¾Ê´Â´Ù¸é 1:1023 À» Ãß°¡Ç϶ó) # /sbin/ipfwadm -F -a deny -o -y -P tcp -S 0/0 -D 172.16.37.0/24 # UDPµµ ¸¶Âù°¡ÁöÀÌ´Ù. # /sbin/ipfwadm -F -a deny -o -P udp -S 0/0 -D 172.16.37.0/24 »ó´çÈ÷ º¹ÀâÇÑ ¿¹À̱ä ÇÏÁö¸¸ ipfwadm ¸í·ÉÀ» ¾î¶»°Ô »ç¿ëÇÏ´ÂÁö °¨À» ÀâÀ» ¼ö ÀÖÀ» °ÍÀÌ´Ù. 4.6 °èÁ¤À» °¡Áø »ç¿ëÀÚµé·ÎºÎÅÍÀÇ º¸¾È ´ÙÀ½À¸·Î ÁÖ¸ñÇØ¾ß ÇÒ °ÍÀº Áö¿ª »ç¿ëÀÚ(local user)µéÀÇ °ø°Ý¿¡ ´ëÇÑ º¸¾ÈÀÌ´Ù. ÇÊÀÚ°¡ ¹æ±Ý _Áö¿ª_ »ç¿ëÀÚµéÀ̶ó°í ¸»Çߴٴµ¥ ÁÖ¸ñÇϱ⠹ٶõ´Ù. Áö¿ª »ç¿ëÀÚÀÇ Á¢±Ù±ÇÀ» ¾ò´Â °ÍÀ̾߸»·Î ½Ã½ºÅÛ¿¡ ħÀÔÇÏ°íÀÚ ÇÏ´Â »ç¶÷µéÀÌ °¡Àå ¸ÕÀú ½ÃµµÇÏ´Â °Í °¡¿îµ¥ Çϳª´Ù. Áö¿ª »ç¿ëÀڵ鿡 º¸¾ÈÀÌ ´À½¼Çϸé, ħÀÔÀÚµéÀº ¿©·¯ °¡Áö ¹ö±×µé°ú ½Ã½ºÅÛÀÌ Á¦°øÇÏ´Â ¼­ºñ½ºÀÇ ÇãÁ¡À» ÀÌ¿ëÇؼ­ ±×µéÀÌ °®°í ÀÖ´Â º¸Åë »ç¿ëÀÚÀÇ Á¢±Ù±ÇÀ» °ü¸®ÀÚ(root) Á¢±Ù±ÇÀ¸·Î "¾÷±×·¹À̵å" ÇÒ ¼ö ÀÖ´Ù. Áö¿ª »ç¿ëÀڵ鿡 ´ëÇÑ º¸¾ÈÀÌ Ã¶ÀúÇϸé ħÀÔÀÚµéÀº ¶Ù¾î³Ñ¾î¾ß ÇÒ ¶Ç ÇϳªÀÇ Àå¾Ö¹°À» °®°Ô µÇ´Â ¼ÀÀÌ´Ù. ¼³·É °¡Â¥°¡ ¾Æ´Ï¶ó Çصµ (¾î¼¸é ¹Ù·Î ÀÌ·± °æ¿ì¿¡) Áö¿ª »ç¿ëÀÚµéÀº ´ç½ÅÀÇ ½Ã½ºÅÛÀ» ¾¦¹çÀ¸·Î ¸¸µé ¼ö ÀÖ´Ù. ´ç½ÅÀÌ ¸ð¸£°Å³ª ¿¬¶ô ¹æ¹ýÀ» ¸ð¸£´Â »ç¶÷µé¿¡°Ô °èÁ¤À» ÁÖ´Â °ÍÀº ¸Å¿ì ÁÁÁö ¾ÊÀº »ý°¢ÀÌ´Ù. ¾î¶² ½Ã½ºÅÛ ÆÄÀÏÀÌ°Ç Çã°¡±ÇÀ» ¹Ù²Ù±â Àü¿¡ ´ç½ÅÀÌ ÇÏ°í ÀÖ´Â ÀÏÀ» Á¤È®È÷ ÀÌÇØÇÏ°í ÀÖ´ÂÁö È®ÀÎÇϵµ·Ï Ç϶ó. Á¦´ë·Î ÀÛµ¿Çϵµ·Ï ÇÏ´Â ½¬¿î ¹æ¹ý °°´Ù´Â ÀÌÀ¯·Î ÆÄÀÏÀÇ Çã°¡±ÇÀ» ¹Ù²Ù´Â ÀÏÀº °áÄÚ ¾ÈµÈ´Ù. ÆÄÀÏÀÇ Çã°¡±ÇÀ» ¹Ù²Ù±â Àü¿¡ ¿Ö ±×·± Çã°¡±ÇÀ» °¡Á®¾ß ÇÏ´ÂÁö °áÁ¤Çϵµ·Ï Ç϶ó. 4.6.1 »õ·Î¿î °èÁ¤ÀÇ »ý¼º »ç¿ëÀÚÀÇ °èÁ¤À» ¸¸µé ¶§¿¡´Â ÀÛ¾÷À» À§ÇÑ ÃÖ¼ÒÇÑÀÇ ±ÇÇѸ¸À» Á¦°øÇØ¾ß ÇÑ´Ù. ´ç½ÅÀÇ ¿­ »ì ³­ ¾Æµé¿¡°Ô °èÁ¤À» Áشٸé, ¿öµå ÇÁ·Î¼¼¼­¿Í ±×¸®±â ÇÁ·Î±×·¥¿¡ ´ëÇÑ Á¢±Ù ±ÇÇѸ¸À» ÁÖ¾î¾ß Çϸç, ¾î¶² °ÍÀÌ°Ç Áö¿ï ¼ö ÀÖµµ·Ï Çؼ­´Â ¾È µÈ´Ù. ´Ù¸¥ »ç¶÷¿¡°Ô ÀûÀýÇÑ Á¢±Ù±ÇÇÑÀ» Á¦°øÇÏ·Á ÇÒ ¶§, ¿°µÎ¿¡ µÑ ¾Æ·¡¿Í °°Àº ÁÁÀº °æÇè¹ýÄ¢µéÀÌ ÀÖ´Ù. »ç¿ëÀڵ鿡°Ô´Â ±×µéÀÌ ÇÊ¿ä·Î ÇÏ´Â ÃÖ¼ÒÀÇ ±ÇÇѸ¸À» ÁÖ¾î¾ß ÇÑ´Ù. »ç¿ëÀÚµéÀÌ ¾ðÁ¦/¾îµð¼­ ·Î±×ÀÎ ÇÏ´ÂÁö ȤÀº ·Î±×ÀÎ ÇØ¾ß ÇÏ´ÂÁö ¾Ë¾Æ¾ß ÇÑ´Ù. »ç¿ëÀÚµéÀÌ ´õ ÀÌ»ó Á¢¼ÓÇÒ ÇÊ¿ä°¡ ¾ø¾îÁ³´Ù¸é ±×µéÀÇ °èÁ¤À» »èÁ¦ÇÏ°í È®ÀÎÇ϶ó. ħÀÔ¿¡ »ç¿ëµÇ´Â Áö¿ª »ç¿ëÀÚ °èÁ¤Àº ´ë°³ ¿©·¯ ´Þ ÀÌ»ó »ç¿ëµÇÁö ¾Ê°í ÀÖ´Â °ÍµéÀÌ´Ù. ¾Æ¹«µµ »ç¿ëÇÏ°í ÀÖÁö ¾Ê±â ¶§¹®¿¡ ÀÌ·± °èÁ¤µéÀº ÃÖ°íÀÇ °ø°Ý µµ±¸°¡µÈ´Ù. 4.6.2 ·çÆ® º¸¾È ÈçÈ÷ ½Ã½ºÅÛ¿¡ °ø°ÝÀ» °¡ÇÏ´Â ¶Ç ´Ù¸¥ Áö¿ª »ç¿ëÀÚ´Â ´ç½ÅÀÇ ¸®´ª½º °ü¸®ÀÚ, Áï ¹Ù·Î ´ç½ÅÀÌ´Ù! :) ·çÆ® °èÁ¤Àº ¸Å¿ì ª°í Ưº°ÇÑ ÀÛ¾÷À» À§Çؼ­¸¸ ½á¾ßÇϸç, ´ëºÎºÐÀÇ °æ¿ì¿¡´Â °ü¸®ÀÚ Àڽŵµ º¸Åë »ç¿ëÀڷμ­ »ç¿ëÇØ¾ß ÇÑ´Ù´Â Á¡À» ¸í½ÉÇØ¾ß ÇÑ´Ù. Ç×»ó ·çÆ®·Î ÀÛ¾÷À» ÇÏ´Â °ÍÀº ¸Å¿ì ¸Å¿ì ¸Å¿ì ³ª»Û »ý°¢ÀÌ´Ù. ·çÆ®°¡ Çؾ߸¸ Çϴ Ưº°ÇÑ ÀÛ¾÷À» À§Çؼ­´Â su³ª sudo¸¦ ¾²µµ·Ï Ç϶ó. ·çÆ®·Î ÀÛ¾÷ÇÏ´Ù°¡ ÀÚ½ÅÀÇ ÄÄÇ»Å͸¦ µÚÁ×¹ÚÁ×À¸·Î ¸¸µå´Â °ÍÀ» ÇÇÇϱâ À§ÇÑ ¸î °¡Áö ºñ°áÀÌ ÀÖ´Ù. º¹ÀâÇÑ ¸í·ÉÀ» ½á¾ßÇÒ ¶§¿£ ¸ÕÀú Æı«ÀûÀÌÁö ¾ÊÀº ¹æ½ÄÀ¸·Î ÇØ º¸µµ·Ï Ç϶ó. ƯÈ÷ ¿ÍÀϵåÄ«µå¸¦ ¾²´Â ¸í·ÉÀÇ °æ¿ì¿¡ ÁÖÀÇÇ϶ó. ¿¹¸¦ µé¾î "rm foo*.bak"À» Çϱâ Àü¿¡ ¸ÕÀú "ls foo*.bak"À» Çؼ­ ´ç½ÅÀÌ Áö¿ì·Á°í »ý°¢ÇÏ´Â ÆÄÀϵ鸸À» Áö¿ì°Ô µÇ´ÂÁö È®ÀÎÇØ¾ß ÇÑ´Ù. Æı«ÀûÀÎ ¸í·É ´ë½Å ¿¡ÄÚ¸¦ ¾²´Â °Íµµ ¶§·Î´Â ÁÁÀº ¹æ¹ýÀÌ´Ù. ¾î¶² »ç¶÷µéÀº "touch /-i"¸¦ ¾²´Â °ÍÀÌ µµ¿òÀÌ µÈ´Ù°í ÇÑ´Ù. ÀÌ ¸í·ÉÀº "rm -rf /" °°Àº ¸í·ÉÀ» ³»·ÈÀ» ¶§, ´ç½Å¿¡°Ô Á¤¸» ¸ðµç ÆÄÀϵéÀ» Áö¿ì°í ½ÍÀºÁö ¹¯µµ·Ï ÇÏ´Â °ÍÀÌ´Ù. ƯÁ¤ÇÑ ÇϳªÀÇ ÀÛ¾÷À» Çϱâ À§Çؼ­¸¸ ·çÆ®°¡ µÇµµ·Ï Ç϶ó. ¾î¶² ÀÏÀ» ÇÏ´Â ¹æ¹ýÀ» ¾Ë¾Æ³»°í ½Í´Ù¸é, ·çÆ®·Î¼­ ¼öÇàµÇ¾î¾ß¸¸ ÇÏ´Â ÀÛ¾÷ÀÌ ¹«¾ùÀÎÁö È®½ÅÇÒ ¶§±îÁö º¸Åë »ç¿ëÀÚÀÇ ¼Ð·Î µ¹¾Æ°¡µµ·Ï Ç϶ó. ·çÆ®·Î¼­ ÀÛ¾÷À» ÇÒ ¶§¿¡´Â ¾ðÁ¦³ª ´À±ßÇÏ°í ½ÅÁßÇÏ°Ô ÇൿÇ϶ó. ´ç½ÅÀÌ ÇÏ´Â ÇൿÀº ¸¹Àº °Íµé¿¡ ¿µÇâÀ» ÁÙ ¼ö ÀÖ´Ù. ÃæºÐÈ÷ »ý°¢ÇÑ ÈÄ¿¡ ÀÚÆÇÀ» µÎµå·Á¶ó! (¹Ù¶ó°Ç´ë Áö±ØÈ÷ ¹ÏÀ» ¸¸ÇÑ) ´©±º°¡¿¡°Ô ´ç½ÅÀÇ ÄÄÇ»ÅÍ¿¡ ¼öÆÛÀ¯Àú·Î¼­ Á¢±ÙÇÒ ±ÇÇÑÀ» Çã¿ëÇÒ Àý´ëÀûÀÌ°í ¸íÈ®ÇÑ ÇÊ¿ä°¡ ÀÖ´Ù¸é, µµ¿òÀÌ µÉ ¸¸ÇÑ µµ±¸°¡ ¸î °¡Áö ÀÖ´Ù. Sudo´Â »ç¿ëÀÚ°¡ ÀÚ½ÅÀÇ Æнº¿öµå¸¦ ½á¼­ ¸î °¡Áö Á¦ÇÑµÈ ¸í·ÉÀ» ·çÆ®·Î¼­ ³»¸± ¼ö ÀÖµµ·Ï ÇØÁØ´Ù. ¿¹ÄÁ´ë sudo¸¦ ÀÌ¿ëÇؼ­ ¸®´ª½º ½Ã½ºÅÛÀÇ ¾î¶² »ç¿ëÀÚ°¡ ´Ù¸¥ ·çÆ®·Î¼­ÀÇ Æ¯±ÇÀ» °®´Â ÀϾøÀÌ ½Ãµð·ÒÀ̳ª µð½ºÄÏÀ» Á¦°ÅÇϰųª ¸¶¿îÆ®ÇÏ´Â °ÍÀÌ °¡´ÉÇϵµ·Ï ÇÒ ¼ö ÀÖ´Ù. sudo´Â ´©°¡ ¹«¾ùÀ» Çϱâ À§ÇØ ¾î¶² ¸í·ÉÀ» »ç¿ëÇß´ÂÁö ÃßÀûÇÒ ¼ö ÀÖµµ·Ï, ¸ðµç sudo »ç¿ë ½Ãµµ¿Í ¼º°ø¿¡ ´ëÇÑ ±â·ÏÀ» ÀÛ¼ºÇÑ´Ù. ÀÌ·± ±î´ßÀ¸·Î ¸¹Àº »ç¶÷µéÀÌ ·çÆ® Á¢±Ù±ÇÀ» °®´Â °÷¿¡¼­´Â º¯°æ »çÇ×À» ÃßÀûÇÒ ¼ö ÀÖµµ·Ï sudo¸¦ ¾²µµ·Ï ÇÏ´Â °ÍÀÌ ÁÁ´Ù. 4.6.3 Æ®·ÎÀÌÀÇ ¸ñ¸¶ Æ®·ÎÀÌÀÇ ¸ñ¸¶´Â È£¸ÓÀÇ À§´ëÇÑ ¹®ÇÐÀÛÇ°¿¡ ³ª¿À´Â Àü¼³ÀûÀΠå·«¿¡¼­ ºñ·ÔµÈ À̸§ÀÌ´Ù. ±×·²µíÇØ º¸ÀÌ´Â ¾î¶² ÇÁ·Î±×·¥À̳ª ÀÌÁø ÆÄÀÏÀ» ¾÷·ÎµåÇØ ³õ°í, ´Ù¸¥ »ç¶÷µéÀÌ ±×°ÍÀ» ´Ù¿î ¹Þ¾Æ¼­ ·çÆ®·Î¼­ µ¹¸®µµ·Ï ÇÑ´Ù´Â ¾ÆÀ̵ð¾î´Ù. ±×·¸°Ô µÇ¸é ´ç½ÅÀº ÆÄÀÏÀ» ½ÇÇà½ÃŲ »ç¶÷µéÀÌ ÁÖÀǸ¦ ±â¿ïÀÌÁö ¾Ê´Â µ¿¾È ±×µéÀÇ ½Ã½ºÅÛÀ» ¼Õ»ó½Ãų ¼ö ÀÖ´Ù. °ü¸®ÀÚµéÀÌ ¹æ±Ý ¹Þ¾Æ¿Â ÀÌÁø ÆÄÀÏÀÌ ÇÑ °¡Áö ÀÏÀ» (¾Æ¸¶µµ ¸Å¿ì Àß) ÇÑ´Ù°í »ý°¢ÇÏ°í ÀÖ´Â µ¿¾È, ±× ÆÄÀÏÀº ±×µéÀÇ º¸¾ÈÀ» ¼Õ»ó½ÃŲ´Ù. ´ç½ÅÀº ÄÄÇ»ÅÍ¿¡ ¼³Ä¡ÇÑ ÇÁ·Î±×·¥ÀÌ ¾î¶² °ÍÀÎÁö¿¡ ÁÖÀǸ¦ ±â¿ï¿©¾ß ÇÑ´Ù. ·¹µåÇÞÀº md5 checksum°ú pgp Ç¥½Ã°¡ µÈ rpm ÆÄÀϵéÀ» Á¦°øÇϹǷΠ¼³Ä¡ÇÏ°í ÀÖ´Â ÇÁ·Î±×·¥ÀÌ ÁøÂ¥ÀÎÁö È®ÀÎÇÒ ¼ö ÀÖ´Ù. ¼Ò½º¸¦ °®°í Àְųª ¸Å¿ì À¯¸íÇÑ °ÍÀÌ ¾Æ´Ñ ÇÑ, ¾î¶² ÀÌÁø ÆÄÀϵµ ·çÆ®·Î¼­ ½ÇÇà½ÃÄѼ­´Â ¾È µÈ´Ù! ¼Ò½º¸¦ °ø°³ÇÏ¿© ´ëÁßÀûÀÎ °Ë»ç¸¦ ¹Þµµ·Ï Çϴ ħÀÔÀÚ´Â °ÅÀÇ ¾ø´Ù. º¹ÀâÇÒ ¼öµµ ÀÖÁö¸¸, ¾î¶² ÇÁ·Î±×·¥ÀÇ ¼Ò½º¸¦ ¿Ã¹Ù¸¥ ¹èÆ÷ó¿¡¼­ °¡Á®¿Ô´ÂÁö È®ÀÎÇϵµ·Ï Ç϶ó. ÇÁ·Î±×·¥À» ·çÆ®·Î¼­ ½ÇÇà½Ãų ¿¹Á¤À̶ó¸é, ´ç½ÅÀ̳ª ¹ÏÀ» ¸¸ÇÑ ´©±º°¡°¡ ¼Ò½º¸¦ ÈȾ°í È®ÀÎÇϵµ·Ï ÇØ¾ß ÇÑ´Ù. 4.6.4 Æнº¿öµå º¸¾È & ¾Ïȣȭ ¾ÏÈ£´Â ¿À´Ã³¯ ¾²ÀÌ°í ÀÖ´Â °¡Àå Áß¿äÇÑ º¸¾È ±â¹ý °¡¿îµ¥ Çϳª´Ù. ¾ÈÀüÇÏ°í ÃßÃøÇÒ ¼ö ¾ø´Â Æнº¿öµå¸¦ °®´Â °ÍÀº ´ç½Å¿¡°Ô³ª ´ç½ÅÀÇ »ç¿ëÀڵ鿡°Ô³ª Áß¿äÇÑ ÀÏÀÌ´Ù. ¿äÁòÀÇ ¸®´ª½º ¹èÆ÷º»µéÀº ´ëºÎºÐ ½±°Ô ÃßÃøÇÒ ¼ö ÀÖ´Â Æнº¿öµå´Â ¼³Á¤ÇÒ ¼ö ¾øµµ·Ï ÇÏ´Â 'passwd' ÇÁ·Î±×·¥À» Æ÷ÇÔÇÏ°í ÀÖ´Ù. ´ç½ÅÀÇ passwd ÇÁ·Î±×·¥ÀÌ ÀÌ·± Ư¼ºÀ» °¡Áö°í ÀÖ´Â ÃÖ½ÅÆÇÀÎÁö È®ÀÎÇϵµ·Ï Ç϶ó. ¾Ïȣȭ¿¡ ´ëÇÑ ±íÀº Åä·ÐÀº ÀÌ ¹®¼­ÀÇ ¹üÀ§¸¦ ¹þ¾î ³ª´Â °ÍÀÌÁö¸¸, ¼Ò°³´Â ÇÊ¿äÇÏ´Ù. ¾Ïȣȭ´Â ¸Å¿ì À¯¿ëÇϸç, ¿äÁò °°Àº ½Ã´ë¿¡´Â ÇʼöÀûÀ̱â±îÁö ÇÏ´Ù. ¼¼»ó¿¡´Â ÀڷḦ ¾ÏȣȭÇÏ´Â ¼ö¸¹Àº ¹æ¹ýÀÌ ÀÖÀ¸¸ç, °¢°¢ ³ª¸§ÀÇ °áÇÔ°ú ¾àÁ¡ÀÌ ÀÖ´Ù. ´ç½ÅÀÌ ¾Ë°í ÀÖ¾î¾ß ÇÒ ¸¸ÇÑ ÈçÈ÷ ¾²ÀÌ´Â ¹æ¹ý¿¡´Â ¾Æ·¡¿Í °°Àº °ÍµéÀÌ ÀÖ´Ù. À¯´Ð½º ¾ÏÈ£ ¾Ïȣȭ(unix password encryption): ´ëºÎºÐÀÇ À¯´Ð½º üÁ¦µéÀº (¸®´ª½ºµµ ¿¹¿Ü°¡ ¾Æ´Ï´Ù) ´ç½ÅÀÇ Æнº¿öµå¸¦ ¾ÏȣȭÇϱâ À§ÇØ DES(ÀÚ·á ¾Ïȣȭ Ç¥ÁØ, Data Encryption Standard)¸¦ »ç¿ëÇÑ´Ù. ÀÌ·¸°Ô ¾ÏȣȭµÈ Æнº¿öµå´Â (ÈçÈ÷) /etc/passwd (ȤÀº ´ú ÈçÇÏ°Ô´Â) /etc/shadow ¿¡ ÀúÀåµÈ´Ù. ´ç½ÅÀÌ ·Î±×ÀÎ ÇÏ·Á°í ½ÃµµÇϸé, ´ç½ÅÀÌ ÀÔ·ÂÇÑ °ÍÀº ´Ù½Ã ¾ÏȣȭµÇ¾î passwd ÆÄÀÏ ³»ÀÇ ±âÀç»çÇ×°ú ºñ±³µÈ´Ù. µÑÀÌ ÀÏÄ¡ÇÏ¸é °°Àº Æнº¿öµåÀÓÀÌ ºÐ¸íÇϹǷΠ´ç½ÅÀÇ Á¢±ÙÀº Çã°¡µÈ´Ù. DES´Â ÀϹæÅëÇà ½ÄÀÇ ¾Ïȣȭ ¹æ¹ýÀÌ´Ù. DES´Â ºü¸¥ ÄÄÇ»ÅÍ°¡ ¸¹Àº ¿äÁò °°Àº ½Ã´ë¿¡´Â »ó´çÈ÷ Ãë¾àÇÏ´Ù°í ¾Ë·ÁÁ® ÀÖ´Ù. ´ç½ÅÀÇ Æнº¿öµå°¡ ÃæºÐÈ÷ ºÒ±ÔÄ¢ÀûÀÎ °ÍÀÌ ¾Æ´Ï¶ó¸é, crackÀ̳ª John the ripper (¾Æ·¡¸¦ º¸½Ã¿À) °°Àº ³­ÆøÇÑ °ø°Ý¿¡ ÀÇÇØ Æнº¿öµå¸¦ °£ÆÄ ´çÇÏ´Â °æ¿ì°¡ ÀÖÀ» ¼ö ÀÖ´Ù. PAM ¸ðµâÀº Æнº¿öµå¸¦ ÁöÅ°±â À§ÇØ (MD5³ª ±× ºñ½ÁÇÑ) ´Ù¸¥ ¾Ïȣȭ ¹æ¹ýÀ» »ç¿ëÇÒ ¼ö ÀÖµµ·Ï ÇØÁØ´Ù. (¾Æ·¡¸¦ º¸½Ã¿À) PAM - Pluggable Authentication Modules ·¹µåÇÞ ¸®´ª½º ¹èÆ÷º»ÀÇ »õ·Î¿î ¹öÀüÀº "PAM"À̶ó´Â »õ·Î¿î °ÍÀ» Æ÷ÇÔÇÏ°í ÀÖ´Ù. PAMÀº ½Ã½ºÅÛ ½ÇÇà Áß¿¡ ÀÎÁõ ¹æ¹ý°ú ¿ä±¸¸¦ ¹Ù²Ü ¼ö ÀÖµµ·Ï ÇØÁØ´Ù. ¾î¶² ¹ÙÀ̳ʸ® ÆÄÀϵµ ´Ù½Ã ÄÄÆÄÀÏÇÒ ÇÊ¿ä°¡ ¾ø´Ù. PAMÀÇ ¼³Á¤ ¹æ¹ýÀº ÀÌ ¹®¼­ÀÇ ¹üÀ§¸¦ ³Ñ¾î¼­¹Ç·Î ´õ ÀÚ¼¼ÇÑ Á¤º¸°¡ ÇÊ¿äÇÏ´Ù¸é PAMÀÇ À¥»çÀÌÆ®¸¦ »ìÆ캸±â ¹Ù¶õ´Ù. http://www.kernel.org/pub/linux/libs/pam/index.html PAMÀ¸·Î ÇÒ ¼ö ÀÖ´Â ÀÏ °¡¿îµ¥ ¸î °¡Áö ¸¸ µé¾îº¸¸é ¾Æ·¡¿Í °°´Ù. DES ¾Æ´Ñ ¾Ïȣȭ ¹æ¹ýÀ» Æнº¿öµå¿¡ ¾´´Ù. (Æнº¿öµå¸¦ ³­ÆøÇÑ ¾ÏÈ£ Çص¶ ½Ãµµ¿¡ ´õ °ß°íÇÏ°Ô ¸¸µç´Ù) ¸ðµç »ç¿ëÀڵ鿡°Ô »ç¿ë °¡´ÉÇÑ ÀÚ¿øÀÇ Á¦ÇÑÀ» ¼³Á¤ÇÔÀ¸·Î½á, ±×µéÀÌ ¼­ºñ½º °ÅºÎ °ø°ÝÀ» °¡ÇÒ ¼ö ¾øµµ·Ï ÇÑ´Ù.(ÇÁ·Î¼¼½ºÀÇ ¼ýÀÚ, ¸Þ¸ð¸®ÀÇ ¾ç µî) ½ÇÇà Áß¿¡ ½¦µµ¿ì Æнº¿öµå¸¦ °¡´ÉÇÏ°Ô ÇÑ´Ù.(¾Æ·¡¸¦ º¸½Ã¿À) ƯÁ¤ÇÑ »ç¿ëÀÚ°¡ ƯÁ¤ÇÑ ½Ã°£¿¡ ƯÁ¤ÇÑ Àå¼Ò¿¡¼­¸¸ ·Î±×ÀÎÇÒ ¼ö ÀÖµµ·Ï ÇÑ´Ù. 4.6.5 Crack°ú John the Ripper ¾î¶² ÀÌÀ¯·Î ½±°Ô ÃßÃøÇÒ ¼ö ¾ø´Â Æнº¿öµå¸¦ ¾²µµ·Ï ÇÏ´Â »õ ¹öÀüÀÇ passwd¸¦ ¾²Áö ¾Ê´Â´Ù¸é, Æнº¿öµå Å©·¡Å· ÇÁ·Î±×·¥À» ½ÇÇà½ÃÄѼ­ ´ç½ÅÀÇ »ç¿ëÀÚµéÀÌ ¾ÈÀüÇÑ Æнº¿öµå¸¦ ¾²°í ÀÖ´ÂÁö È®ÀÎÇÏ°íÀÚ ÇÒ ¼ö ÀÖ´Ù. Æнº¿öµå Å©·¡Å· ÇÁ·Î±×·¥Àº °£´ÜÇÑ ¾ÆÀ̵ð¾î¿¡ ÀÇÇØ ÀÛµ¿ÇÑ´Ù. ÀÌ·± ÇÁ·Î±×·¥µéÀº »çÀü¿¡ ÀÖ´Â ¸ðµç ´Ü¾î¿Í ±× º¯ÇüµéÀ» ½ÃÇèÇÑ´Ù. ¸ðµç ´Ü¾î¸¦ ¾ÏȣȭÇÏ¿© ½Ã½ºÅÛÀÇ ¾ÏȣȭµÈ Æнº¿öµå¿Í ºñ±³ÇÏ´Â °ÍÀÌ´Ù. ¸¸¾à¿¡ µü µé¾î¸Â´Â ´Ü¾î¸¦ ã°ÔµÇ¸é, ¾ÏÈ£¸¦ ¾Ë¾Æ³½ °ÍÀÌ´Ù. ¼¼»ó¿¡´Â ¸¹Àº Æнº¿öµå Å©·¢ ÇÁ·Î±×·¥µéÀÌ ÀÖ´Ù. ±× Áß¿¡ °¡Àå ¾Ç¸í ³ôÀº µÎ °¡Áö°¡ ¹Ù·Î "Crack"°ú "John the Ripper"´Ù. http://www.false.com/security/john/index.html ÀÌ ÇÁ·Î±×·¥µéÀº cpu¸¦ ¾öû³ª°Ô »ç¿ëÇÏ°ÚÁö¸¸, ´ç½ÅÀÌ ¸ÕÀú Æнº¿öµå Å©·¢ ÇÁ·Î±×·¥µéÀ» ½áº¸°í Ãë¾àÇÑ Æнº¿öµå¸¦ °¡Áø »ç¿ëÀÚµéÀ» ¾Ë¾Æ³¿À¸·Î½á, °ø°ÝÀÚ°¡ ÀÌ·± ÇÁ·Î±×·¥µéÀ» ½á¼­ ½Ã½ºÅÛ¿¡ ħÀÔÇÒ ¼ö ÀÖ´ÂÁö È®ÀÎÇØ¾ß ÇÑ´Ù. °ø°ÝÀÚ´Â ´ç½ÅÀÇ passwd (À¯´Ð½º¿¡¼­´Â /etc/passwd) ÆÄÀÏÀ» ¾ò±â À§Çؼ­ ¸ÕÀú ´Ù¸¥ ÇãÁ¡À» ÀÌ¿ëÇÏ¿©¾ß ÇÏ°ÚÁö¸¸, ÀÌ·± ÇãÁ¡µéÀº ´ç½ÅÀÌ »ý°¢ÇÏ´Â °Íº¸´Ù ÈξÀ ÈçÇÏ´Ù´Â Á¡¿¡ ÁÖÀÇÇØ¾ß ÇÑ´Ù. 4.6.6 Tripwire¸¦ ÀÌ¿ëÇÑ ¿ÏÀü¼º °Ë»ç Tripwire °°Àº ¿ÏÀü¼º °Ë»ç ÇÁ·Î±×·¥À» ½ÇÇà½ÃÅ°´Â °Íµµ Áö¿ª »ç¿ëÀÚ¿¡ ÀÇÇÑ (±×¸®°í ³×Æ®¿÷À» ÅëÇÑ) ½Ã½ºÅÛ °ø°ÝÀ» ŽÁöÇس»´Â ¸Å¿ì ÁÁÀº ¹æ¹ýÀÌ´Ù. Tripwire´Â ½Ã½ºÅÛÀÇ Áß¿äÇÑ ÀÌÁø ÆÄÀϵé°ú ¼³Á¤ ÆÄÀϵé ÀüºÎ¿¡ ´ëÇÑ ´ëÁ¶ÀÛ¾÷À» ¼öÇàÇÏ°í ÀÌÀüÀÇ °á°ú °ªµé·Î ÀÌ·ç¾îÁø µ¥ÀÌÅͺ£À̽º¿Í ºñ±³ÇÑ´Ù. µû¶ó¼­ ÆÄÀÏÀÇ ¸ðµç º¯È­¿¡ ´ëÇؼ­ ½ÅÈ£¸¦ ¹Þ°Ô µÈ´Ù. Tripwire¸¦ Ç÷ÎÇÇ¿¡ ¼³Ä¡ÇÏ°í ¾²±â ¹æÁö ÅÇÀ» ºÙ¿©µÎ´Â °ÍÀÌ ÁÁ´Ù. ÀÌ·¸°Ô Çϸé ħÀÔÀÚ´Â tripwire ÀÚü¸¦ º¯Á¶Çϰųª µ¥ÀÌÅͺ£À̽º¸¦ ¹Ù²Ü ¼ö ¾ø°Ô µÈ´Ù. ÀÏ´Ü tripwire¸¦ ¼³Ä¡ÇÏ°í ³ª¸é, ÇÏ·ç¿¡ ÇÑ ¹ø ½ÇÇà½ÃÅ°°Å³ª Çؼ­ ¹º°¡ ¹Ù²ï °ÍÀÌ ÀÖ´ÂÁö È®ÀÎÇØ º¸´Â °ÍÀÌ ÁÁ´Ù. Tripwire´Â °¡Àå ºü¸£°Ô ħÀÔÀÚ¸¦ °¨ÁöÇس¾ ¼ö ÀÖ´Ù´Â Á¡¿¡¼­ ½ÅÀÌ ÁֽŠ¼±¹°ÀÏ ¼ö ÀÖ´Ù. ÇÏÁö¸¸ ´ë°³ ½Ã½ºÅÛÀÇ ¸¹Àº ÆÄÀϵéÀÌ ¹Ù²î¹Ç·Î ¹«¾ùÀÌ Å©·¡Ä¿ÀÇ ÁþÀÌ°í ¹«¾ùÀÌ ´ç½Å ÀÚ½ÅÀÌ ÇÑ ÀÏÀÎÁö ÁÖÀÇÇؼ­ »ìÆì¾ß ÇÑ´Ù. 4.6.7 CFS - Cryptographic File System °ú TCFS -transparent cryptographic File System. CSF´Â ÆÄÀÏ ½Ã½ºÅÛ Àüü¸¦ ¾ÏȣȭÇÏ°í »ç¿ëÀÚµéÀÌ ¾ÏȣȭµÈ ÆÄÀÏÀ» ÀÌ ¾ÏȣȭµÈ ÆÄÀÏ ½Ã½ºÅÛ¿¡ ÀúÀåÇÒ ¼ö ÀÖµµ·Ï ÇØÁÖ´Â ¹æ¹ýÀÌ´Ù. ÀÌ°ÍÀº Áö¿ªÀÇ ÄÄÇ»ÅÍ¿¡¼­ ½ÇÇà ÁßÀÎ NFS ¼­¹ö¸¦ »ç¿ëÇÑ´Ù. rpm ÆÄÀÏÀ» http://www.replay.com/redhat/¿¡¼­ ±¸ÇÒ ¼ö ÀÖ°í, ±× ÀÛµ¿¹æ½Ä¿¡ ´ëÇÑ Á¤º¸´Â ftp://ftp.research.att.com/dist/mab/ ¿¡ ´õ ÀÖ´Ù. TCSF´Â ¾ÏȣȭµÈ ÆÄÀÏ ½Ã½ºÅÛÀÌ ¸ðµç »ç¿ëÀÚ¿¡°Ô ¾²±â ½¬¿î °ÍÀÌ µÇµµ·Ï ´õ ¿Ï¼ºµµ¸¦ ³ô¿©¼­ CSF¸¦ °³·®ÇÑ °ÍÀÌ´Ù. http://edu-gw.dia.unisa.it/tcfs/ ¿¡¼­ ´õ ¸¹Àº Á¤º¸¸¦ ±¸ÇÒ ¼ö ÀÖ´Ù. 4.6.7 X11, SVGA¿Í µð½ºÇ÷¹ÀÌ º¸¾È. ±×·¡ÇÈ µð½ºÇ÷¹ÀÌÀÇ º¸¾ÈÀº Áß¿äÇÏ´Ù. °ø°ÝÀÚ°¡ ´ç½Å ¸ð¸£°Ô ´ç½ÅÀÌ ÀÔ·ÂÇÏ´Â Æнº¿öµå¸¦ °¡·Îä°Å³ª, ´ç½ÅÀÌ ´ç½ÅÀÇ ½ºÅ©¸° »ó¿¡¼­ Àаí ÀÖ´Â ¹®¼­³ª Á¤º¸¸¦ Àаųª, ¼öÆÛÀ¯ÀúÀÇ ±ÇÇÑÀ» ¾ò±â À§ÇØ ÇãÁ¡À» ÀÌ¿ëÇϱâ±îÁö ÇÏ´Â ÀϵéÀ» ¸·±â À§Çؼ­´Ù. ³×Æ®¿÷À» ÅëÇؼ­ ¶³¾îÁ®ÀÖ´Â ÄÄÇ»ÅÍ »óÀÇ X ÀÀ¿ëÇÁ·Î±×·¥À» ¼öÇàÇÏ´Â °Íµµ ¿ª½Ã ½º´ÏÆÛ(sniffer)µéÀÌ ´ç½Å°ú ¿ø°Ý ½Ã½ºÅÛ »çÀÌÀÇ »óÈ£ÀÛ¿ëÀ» ¸ðµÎ º¼ ¼ö Àֱ⠶§¹®¿¡ À§ÇèÀ¸·Î °¡µæÇÏ´Ù. X´Â ¸¹Àº ÅëÁ¦ ¹æ½ÄÀ» °¡Áö°í ÀÖ´Ù. °¡Àå °£´ÜÇÑ °ÍÀº È£½ºÆ®¿¡ ±â¹ÝÇÑ °ÍÀÌ´Ù. ´ç½ÅÀÇ µð½ºÇ÷¹ÀÌ¿¡ Á¢±ÙÇÒ ¼ö Àִ ȣ½ºÆ®¸¦ ÁöÁ¤Çϱâ À§Çؼ­ xhost¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù. ÇÏÁö¸¸ xhost¸¦ ¾²´Â °ÍÀº ¾ÈÀüÇÑ ¹æ¹ýÀº ¾Æ´Ï´Ù. ´©±º°¡°¡ ´ç½ÅÀÇ ÄÄÇ»ÅÍ¿¡ Á¢±ÙÇß´Ù¸é ±×µéÀº "xhost +±×µéÀÇ ÄÄÇ»ÅÍ"¸¦ ÀÔ·ÂÇؼ­ ½±°Ô µé¾î¿Ã ¼ö ÀÖ´Ù. ¾Æ¿ï·¯ ¹ÏÀ» ¼ö ¾ø´Â ÄÄÇ»ÅͷκÎÅÍÀÇ Á¢±ÙÀ» Çã¿ëÇß´Ù¸é, ±×ÂÊ ÄÄÇ»ÅÍÀÇ ´©±¸ ÀÌ°Ç ´ç½ÅÀÇ µð½ºÇ÷¹À̸¦ ´õ·´Èú ¼ö ÀÖ´Ù. ·Î±×ÀÎÀ» À§ÇØ xdm(x display manager)À» ¾´´Ù¸é, ´õ ³ªÀº Á¢±Ù ¹æ¹ýÀÎ MIT-MAGIC-COOKIE-1À» ±¸ÇÒ ¼ö ÀÖ´Ù. 128 ºñÆ®ÀÇ cookie Çϳª°¡ ¸¸µé¾îÁ®¼­ ´ç½ÅÀÇ .Xauthority ÆÄÀÏ¿¡ ÀúÀåµÈ´Ù. ¿ø°Ý ÄÄÇ»ÅÍ¿¡¼­ ´ç½ÅÀÇ µð½ºÇ÷¹ÀÌ¿¡ Á¢±ÙÇÏ´Â °ÍÀ» Çã¿ëÇÒ ÇÊ¿ä°¡ ÀÖ´Ù¸é, ±× ÄÄÇ»ÅͷκÎÅÍÀÇ Á¢±Ù ¸¸À» Á¦°øÇϱâ À§ÇØ xauth ¸í·É°ú ´ç½ÅÀÇ .Xauthority ÆÄÀÏ¿¡ µé¾îÀÖ´Â Á¤º¸¸¦ ¾µ ¼ö ÀÖ´Ù. ¾ÈÀüÇÑ X ¿¬°áÀ» À§Çؼ­ ssh(À§¿¡ ÀÖ´Â ssh ¼³¸íÀ» º¸¶ó)¸¦ ¾µ ¼öµµ ÀÖ´Ù. ssh´Â ¾ÏȣȭµÇÁö ¾ÊÀº ÀÚ·á´Â ³×Æ®¿÷À» ÅëÇØ Èê·¯ ´Ù´Ò ¼ö ¾øµµ·Ï Çϸç, ÃÖÁ¾ »ç¿ëÀÚ¿¡°Ô´Â ¾Æ¹« ´Ù¸¥ ´À³¦À» ÁÖÁö ¾Ê´Â´Ù´Â ÀåÁ¡µµ °®°í ÀÖ´Ù. X º¸¾È¿¡ ´ëÇØ ´õ ¸¹Àº Á¤º¸°¡ ÇÊ¿äÇϸé XsecurityÀÇ man ÆäÀÌÁö¸¦ º¸±â ¹Ù¶õ´Ù. ¾ÈÀüÇÑ ¹æ¹ýÀº Äֿܼ¡ ·Î±×ÀÎÇϱâ À§Çؼ­´Â xdmÀ» ¾²°í, X ÇÁ·Î±×·¥À» ¿ø°Ý ¼öÇà½ÃÅ°°í ½ÍÀº ¿ø°Ý »çÀÌÆ®µé·Î °¡±â À§Çؼ­´Â ssh¸¦ ¾²´Â °ÍÀÌ´Ù. SVGAlib ÇÁ·Î±×·¥µéÀº ´ç½ÅÀÇ ¸®´ª½º ÄÄÇ»ÅÍ¿¡ ÀÖ´Â ¸ðµç ºñµð¿À Çϵå¿þ¾î¿¡ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï Çϱâ À§ÇØ ·çÆ®·Î »ç¿ëÀÚ ¼³Á¤(suid)ÀÌ µÇ¾î ÀÖ´Ù. ¸¸ÀÏ ÀÌ ÇÁ·Î±×·¥µéÀÌ ±úÁö¸é, ´ë°³ ÄܼÖÀ» »ç¿ëÇϱâ À§Çؼ­ ´Ù½Ã ºÎÆýÃÄÑ¾ß ÇÑ´Ù. ´ç½ÅÀÌ ¼öÇà½ÃÅ°°í ÀÕ´Â ¸ðµç SVGA ÇÁ·Î±×·¥µéÀÌ Ãâó°¡ ºÐ¸íÇÑ °ÍÀÎÁö, ÃÖ¼ÒÇÑ ¹ÏÀ» ¸¸ÇÑ °ÍÀÎÁö È®ÀÎÇ϶ó. ´õ ³ªÀº ¹æ¹ýÀº SVGA ÇÁ·Î±×·¥µéÀ» ¾Æ¿¹ ¼öÇà½ÃÅ°Áö ¾Ê´Â °ÍÀÌ´Ù. ¸®´ª½º GGI °èȹÀº ¸®´ª½º¿¡¼­ÀÇ ºñµð¿À ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÑ ¿©·¯ °¡Áö ¹®Á¦µéÀ» ÇØ°áÇÏ°íÀÚ ÇÏ´Â ½ÃµµÀÌ´Ù. GGI´Â ºñµð¿À ÄÚµåÀÇ ÀÛÀº ºÎºÐÀ» ¸®´ª½º Ä¿³Î ¾ÈÀ¸·Î ¿Å°Ü ³õÀ» °ÍÀ̸ç, ºñµð¿À ½Ã½ºÅÛ¿¡ ´ëÇÑ Á¢±ÙÀ» ÅëÁ¦ÇÒ °ÍÀÌ´Ù. ÀÌ°ÍÀº GGI°¡ ¾î´À ¶§°Ç ÄܼÖÀ» ¾î¶² ÀÌ¹Ì ¾Ë·ÁÁø ÁÁÀº »óÅ·Πȸº¹½Ãų ¼ö ÀÖ´Ù´Â °ÍÀ» ¶æÇÑ´Ù. GGI´Â º¸¾È 󸮵µ °¡´ÉÇؼ­ ´ç½ÅÀÇ Äֿܼ¡¼­ ¼öÇàµÇ°í ÀÖ´Â ·Î±×ÀÎ ÇÁ·Î±×·¥¿¡ Æ®·ÎÀÌ ¸ñ¸¶°¡ ¾ø´ÂÁö È®ÀÎÇÒ ¼ö ÀÖ´Ù. http://synergy.caltech.edu/~ggi/ 4.6.8 identd identd´Â ÁÖ·Î inetd ¿ÜºÎ¿¡¼­ ¼öÇàµÇ´Â ÀÛÀº ÇÁ·Î±×·¥À¸·Î, ¾î¶² »ç¿ëÀÚ°¡ ¾î¶² tcp ¼­ºñ½º¸¦ ¼öÇà½ÃÅ°´ÂÁö ÃßÀûÇÏ°í, ´©±¸°Ç ¿ä±¸Çϸé ÃßÀû °á°ú¸¦ º¸°íÇÑ´Ù. ¸¹Àº »ç¶÷µéÀÌ identdÀÇ À¯¿ë¼ºÀ» ¿ÀÇØÇÏ°í, ÀÌ°ÍÀÌ ¼öÇàµÇÁö ¾Êµµ·Ï Çϰųª ¿ÜºÎ·ÎºÎÅÍÀÇ ¸ðµç ¿äûÀ» °ÅºÎÇϵµ·Ï ¸·¾ÆµÐ´Ù. identd´Â ¿ø°Ý »çÀÌÆ®¿¡ µµ¿òÀ» ÁÖ±â À§Çؼ­ ÀÖ´Â °ÍÀÌ ¾Æ´Ï´Ù. ´ç½ÅÀÌ ¿ø°Ý identd·Î ¾òÀº ÀÚ·á°¡ ¿ÇÀºÁö ¾Ë ¹æ¹ýÀº ¾ø´Ù. identd ¿äû¿¡´Â ¾Æ¹«·± ÀÎÁõ ÀýÂ÷°¡ ¾ø´Ù. ±×·¸´Ù¸é ¿Ö ´ç½ÅÀº identd¸¦ ¼öÇà½ÃÄÑ¾ß ÇÒ±î? identd°¡ _´ç½ÅÀ»_ µµ¿ÍÁֱ⠶§¹®ÀÌ°í, ÈçÀûÀ» ã¾Æ³»±â À§ÇÑ ¶Ç ´Ù¸¥ ÀÚ·áÀ̱⠶§¹®ÀÌ´Ù. ´ç½ÅÀÇ identd°¡ º¯Á¶µÇÁö ¾Ê¾Ò´Ù¸é ´ç½ÅÀº tcp ¼­ºñ½º¸¦ ¾²°í ÀÖ´Â »ç¶÷µéÀÇ »ç¿ëÀÚ À̸§À̳ª uid¸¦ identd°¡ ¿ø°Ý »çÀÌÆ®¿¡ ¸»ÇØÁÖ°í ÀÖ´Â °ÍÀ» ¾Ë°Ô µÈ´Ù. ¸¸¿¡ Çϳª ¿ø°Ý »çÀÌÆ®ÀÇ °ü¸®ÀÚ°¡ ´ç½Å¿¡°Ô ã¾Æ¿Í¼­ ´ç½Å ÄÄÇ»ÅÍÀÇ »ç¿ëÀÚ°¡ ÀÚ±âÀÇ »çÀÌÆ®·Î ħÀÔÇÏ·Á°í Çß´Ù°í ÇÑ´Ù¸é, ´ç½ÅÀº ½±°Ô ±× »ç¿ëÀÚ¿¡ ´ëÇؼ­ ÇൿÀ» ÃëÇÒ ¼ö ÀÖ´Ù. ´ç½ÅÀÌ identd¸¦ ½ÇÇà½ÃÅ°°í ÀÖÁö ¾Ê¾Ò´Ù¸é, ¼ö¸¹Àº ±â·ÏµéÀ» »ìÆ캸°í ´©°¡ ±× ¶§ ÀÖ¾ú´ÂÁö ã¾Æ³»¾ß ÇÑ´Ù. ÀÌ·± °æ¿ì ÀϹÝÀûÀ¸·Î ÈξÀ ±ä ½Ã°£ÀÌ °É¸®°Ô µÈ´Ù. ´ëºÎºÐÀÇ ¹èÆ÷ÆÇ¿¡ µé¾îÀÖ´Â identd´Â ¸¹Àº »ç¶÷µéÀÌ »ý°¢ÇÏ´Â °Íº¸´Ù ´õ ´Ù¾çÇÑ ¼³Á¤ÀÌ °¡´ÉÇÏ´Ù. ƯÁ¤ÇÑ »ç¿ëÀڵ鿡 ´ëÇؼ­´Â identd°¡ ÀÛµ¿ÇÏÁö ¾Êµµ·Ï ÇÒ ¼ö ÀÖ°í(ÀÌ·± »ç¿ëÀÚµéÀº .noident ÆÄÀÏÀ» ¸¸µé ¼ö ÀÖ´Ù), ¸ðµç identd ¿äûÀ» ±â·ÏÇϵµ·Ï ÇÒ ¼ö ÀÖÀ¸¸ç(ÇÊÀÚ´Â ÀÌ·¸°Ô Çϱ⸦ ±ÇÇÑ´Ù) »ç¿ëÀÚ À̸§ ´ë½Å uid³ª NO-USER¸¦ ¹ÝȯÇϵµ·Ï ÇÒ ¼öµµ ÀÖ´Ù. 4.7 ³×Æ®À¨ »ó¿¡¼­ÀÇ º¸¾È »ç¶÷µéÀÌ ´õ ¸¹Àº ½Ã°£À» ³×Æ®¿÷¿¡ ¿¬°áµÈ »óÅ·ΠÁö³¿¿¡ µû¶ó ³×Æ®¿÷ º¸¾ÈÀº Á¡Á¡ Áß¿äÇØÁö°í ÀÖ´Ù. ³×Æ®¿÷ º¸¾ÈÀ» ¶Õ´Â °ÍÀº ¹°¸®Àû º¸¾ÈÀ̳ª Áö¿ª º¸¾ÈÀ» ¶Õ´Â °Íº¸´Ù ´ë°³ ÈξÀ ½±°í ¶Ç ÈξÀ ÀÚÁÖ ÀϾ´Ù. ³×Æ®¿÷ º¸¾ÈÀ» µ½´Â ÁÁÀº µµ±¸µéÀÌ ¸¹ÀÌ ÀÖÀ¸¸ç, ¸®´ª½º ¹èÆ÷º»¿¡ Á¡Á¡ ´õ ¸¹ÀÌÆ÷ÇԵǰí ÀÖ´Ù. 4.7.1 ÆÐŶ ½º´ÏÆÛ(Packet Sniffers) ÀÏ´Ü ÇÑ È£½ºÆ®¿¡ ħÅõÇÑ Ä§ÀÔÀÚ°¡ ³×Æ®¿÷¿¡ ¿¬°áµÈ ´õ ¸¹Àº ½Ã½ºÅ۵鿡 Á¢±ÙÇÒ ±ÇÇÑÀ» ¾ò±â À§ÇØ °¡Àå ÈçÇÏ°Ô »ç¿ëÇÏ´Â ¹æ¹ý °¡¿îµ¥ Çϳª°¡ ÀÌ¹Ì Ä§ÀÔÇÑ È£½ºÆ®¿¡¼­ ÆÐŶ ½º´ÏÆÛ¸¦ »ç¿ëÇÏ´Â °ÍÀÌ´Ù. ÀÌ "½º´ÏÆÛ"´Â ÀÌ´õ³Ý Æ÷Æ®¸¦ ÅëÇØ ÆÐŶ È帧 °¡¿îµ¥ "Password", "Login", "su" °°Àº °Í¿¡¸¸ ±Í¸¦ ±â¿ïÀÌ°í´Â, ±× ´ÙÀ½¿¡ ¿À´Â ³»¿ëÀ» ±â·ÏÇصдÙ. ÀÌ·¸°Ô Çؼ­ °ø°ÝÀڴ ħÅõÇÏ·Á°í ½ÃµµÁ¶Â÷ ¾Ê¾Ò´ø ½Ã½ºÅÛÀ¸·Î µé¾î°¡´Â Æнº¿öµå¸¦ ¾ò°Ô µÈ´Ù. ¸í·áÇÑ ÅؽºÆ® Æнº¿öµå´Â ÀÌ·± °ø°Ý¿¡ ¸Å¿ì Ãë¾àÇÏ´Ù. ¿¹: È£½ºÆ® A°¡ ÀÌ¹Ì Ä§ÀÔ ´çÇß´Ù. °ø°ÝÀÚ´Â ½º´ÏÆÛ¸¦ ¼³Ä¡ÇÑ´Ù. ½º´ÏÆ۴ ȣ½ºÆ® C¿¡¼­ È£½ºÆ® B·Î µé¾î°¡´Â °ü¸®ÀÚÀÇ Á¢¼ÓÀ» Áý¾î³»¼­, °ü¸®ÀÚ°¡ B·Î ·Î±×ÀÎÇÒ ¶§ °ü¸®ÀÚÀÇ °³ÀÎ Æнº¿öµå¸¦ ¾ò´Â´Ù. ±× ´ÙÀ½ °ü¸®ÀÚ°¡ ¾î¶² ¹®Á¦¸¦ ÇØ°áÇϱâ À§ÇØ 'su'¸¦ »ç¿ëÇϸé, ½º´ÏÆ۴ ȣ½ºÆ® BÀÇ ·çÆ® Æнº¿öµå¸¦ ¾ò°Ô µÈ´Ù. ³ªÁß¿¡ °ü¸®ÀÚ°¡ Àڱ⠰èÁ¤À¸·ÎºÎÅÍ ´Ù¸¥ »çÀÌÆ®¿¡ Àִ ȣ½ºÆ® Z·Î ÅÚ³Ý Á¢¼ÓÇϸé, °ø°ÝÀڴ ȣ½ºÆ® Z·Î ·Î±×ÀÎÇÒ Æнº¿öµå±îÁö °®°Ô µÈ´Ù. ¿À´Ã³¯¿¡´Â °ø°ÝÀÚ°¡ ÆÐŶ ½º´ÏÆÛ¸¦ ¾²±â À§ÇØ ¾î¶² ½Ã½ºÅÛ¿¡ ħÀÔÇÒ ÇÊ¿äÁ¶Â÷ ¾ø´Ù. °ø°ÝÀÚµéÀº ·¦Å¾À̳ª PC¸¦ °Ç¹° ¾ÈÀ¸·Î °®°í µé¾î¿Í¼­ ³×Æ®¿÷¿¡ ¿¬°áÇÏ¸é µÇ´Â °ÍÀÌ´Ù. ssh³ª ´Ù¸¥ ¾ÏȣȭµÈ Æнº¿öµå ¹æ¹ýÀ» »ç¿ëÇϸé ÀÌ·± °ø°ÝÀ» ¹æÇØÇÒ ¼ö ÀÖ´Ù. pop °èÁ¤À» À§ÇÑ ATOP °°Àº °Íµµ ½º´ÏÆÛ °ø°ÝÀ» ¹æ¾îÇÒ ¼ö ÀÖ´Ù. (À¯¼±À» ÅëÇØ ¸í·áÇÑ ÅؽºÆ® Æнº¿öµå¸¦ Àü¼ÛÇÏ´Â °ÍÀÌ ´Ù ±×·¸µíÀÌ, º¸ÅëÀÇ pop ·Î±×ÀÎÀº ½º´ÏÆÛ¿¡ ´ë´ÜÈ÷ Ãë¾àÇÏ´Ù.) 4.7.2 ½Ã½ºÅÛ ¼­ºñ½º¿Í tcp_wrapper ¾î¶² ³×Æ®¿÷¿¡°Ç ´ç½ÅÀÇ ¸®´ª½º ½Ã½ºÅÛÀ» ¿¬°áÇßÀ» ¶§, °¡Àå ¸ÕÀú °í·ÁÇÒ °ÍÀº ¾î¶² ¼­ºñ½º¸¦ Á¦°øÇÏ¿©¾ß Çϴ°¡ ÀÌ´Ù. Á¦°øÇÒ ÇÊ¿ä°¡ ¾ø´Â ¼­ºñ½º´Â ¸·¾Æ¼­ °ÆÁ¤°Å¸®¸¦ Çϳª ´ú°í, °ø°ÝÀÚ°¡ ±¸¸ÛÀ» ãÀ» ¸¸ÇÑ °÷À» Çϳª ÁÙ¿©¾ß ÇÑ´Ù. ¸®´ª½º ½Ã½ºÅÛ¿¡¼­ ¼­ºñ½º¸¦ ºÒ°¡´ÉÇÏ°Ô ÇÏ´Â ¹æ¹ýÀº ¸¹ÀÌ ÀÖ´Ù. ´ç½ÅÀº /etc/inetd.conf ÆÄÀÏÀ» º¸°í ´ç½ÅÀÇ inetd°¡ ¾î¶² ¼­ºñ½º¸¦ Á¦°øÇÏ°í ÀÖ´ÂÁö ¾Ë¾Æº¼¼ö ÀÖ´Ù. ÇÊ¿ä ¾ø´Â ¼­ºñ½º´Â ¸ðµÎ ÁÖ¼®¹® 󸮸¦ Çؼ­ ¸·¾Æ¹ö¸®°í (# ÁÙÀÇ °¡Àå ¾Õ¿¡), inetd¿¡°Ô SIGHUP ½ÅÈ£¸¦ º¸³»µµ·Ï Ç϶ó. ¾Æ¿ï·¯ ÇØ´çÇÏ´Â ¼­ºñ½º¸¦ /etc/services ÆÄÀÏ¿¡¼­µµ ÁÖ¼®¹® 󸮸¦ Çϰųª »èÁ¦ÇÒ ¼öµµ ÀÖ´Ù. ¾ÕÀ¸·Î ¾î¶² ÆÐÅ°Áö¸¦ ¾µ ÀÏÀÌ ¾øÀ¸¸®¶ó´Â °ÍÀ» ¾È´Ù¸é, ±× ÆÐÅ°Áö¸¦ ¿ÏÀüÈ÷ »èÁ¦ÇÒ¼öµµ ÀÖ´Ù. ·¹µåÇÞ ¹èÆ÷º»¿¡¼­´Â rpm -e ¸í·ÉÀ¸·Î ÇÑ ÆÐÅ°Áö Àüü¸¦ Áö¿ï ¼ö ÀÖ´Ù. µ¥ºñ¾È¿¡¼­´Â dpkg·Î °°Àº ÀÛ¾÷À» ÇÒ ¼ö ÀÖÀ» °ÍÀÌ´Ù. ´ç½ÅÀº /etc/rc.d/rcN.d¸¦ È®ÀÎÇØ¾ß ÇÑ´Ù. ¿©±â¼­ NÀº ´ç½Å ½Ã½ºÅÛÀÇ ·± ·¹º§ÀÌ´Ù. ±× µð·ºÅ͸® ¾È¿¡¼­ ºÎÆà ¶§¸¶´Ù ½ÇÇàµÇ´Â ¼­¹öµé °¡¿îµ¥ Ȥ½Ã ÇÊ¿ä ¾ø´Â °ÍÀÌ ÀÖ´ÂÁö º¸¶ó. ÇÊ¿ä ¾ø´Â ½ºÅ©¸³Æ®´Â ±×³É Áö¿ö¹ö¸®¸é, ´ÙÀ½¿¡ ºÎÆÃÇÒ ¶§¿¡´Â ±× ¼­¹ö´Â ½ÇÇàµÇÁö ¾Ê´Â´Ù. BSD Çü½ÄÀÇ rc ÆÄÀϵéÀ» °®°í ÀÖ´Ù¸é ÇÊ¿ä ¾ø´Â ÇÁ·Î±×·¥µéÀº /etc/rc*¿¡¼­ È®ÀÎÇØ¾ß ÇÑ´Ù. ´ëºÎºÐÀÇ ¸®´ª½º ¹èÆ÷º»¿¡´Â ´ç½ÅÀÇ ¸ðµç tcp ¼­ºñ½ºµéÀ» "°¨½ÎÁÖ´Â(wrapping)" tcp_wrapper°¡ µé¾îÀÖ´Ù. inetd°¡ ¿ä±¸¸¦ º¸³»¸é ÁøÂ¥ ¼­¹ö ´ë½Å tcp_wrapper (tcpd) Çϳª°¡ ¶á´Ù. tcpd´Â ¼­ºñ½º¸¦ ¿äûÇÑ È£½ºÆ®¸¦ È®ÀÎÇÏ°í, ¿äû¹ÞÀº ¼­ºñ½º¿¡ ÇØ´çÇÏ´Â ¼­¹ö¸¦ ½ÇÇà½ÃÅ°°Å³ª ±× È£½ºÆ®·ÎºÎÅÍÀÇ Á¢±ÙÀ» °ÅºÎÇÑ´Ù. ´ç½ÅÀº tcpd¸¦ ÀÌ¿ëÇؼ­ ´ç½ÅÀÇ tcp ¼­ºñ½º·ÎÀÇ Á¢±ÙÀ» Á¦ÇÑÇÒ ¼ö ÀÖ´Ù. /etc/hosts.allow ÆÄÀÏÀ» ¸¸µé°í, ´ç½Å ÄÄÇ»ÅÍÀÇ ¼­ºñ½º¿¡ Á¢±ÙÇÒ ÇÊ¿ä°¡ Àִ ȣ½ºÆ®µé¸¸À» Ãß°¡Çϵµ·Ï ÇÑ´Ù. ´ç½ÅÀÌ Áý¿¡¼­ ¸ðµ©À» ¾²´Â »ç¿ëÀÚ¶ó¸é, ÇÊÀÚ´Â ¸ðµç ¼­ºñ½º¿¡ ´ëÇÑ Á¢±ÙÀ» °ÅºÎÇϵµ·Ï ±ÇÇÑ´Ù. tcpd´Â ¼­ºñ½º¿¡ Á¢±ÙÇÏ·Á´Ù°¡ ½ÇÆÐÇÑ ½ÃµµµéÀ» ±â·ÏÇϹǷÎ, °ø°ÝÀ» ¹Þ°í ÀÖ´Ù´Â °ÍÀ» ¾Ë·ÁÁÙ ¼öµµ ÀÖ´Ù. tcp¿¡ ±â¹ÝÇÑ »õ·Î¿î ¼­ºñ½º¸¦ Ãß°¡·Î Á¦°øÇÏ°Ô µÇ¸é, ¹Ýµå½Ã tcp wrapperÀÇ ¼³Á¤¿¡ ±× ¼­ºñ½º¸¦ Ãß°¡ÇÏ¿©¾ß ÇÑ´Ù. 4.7.3 SATAN°ú ISS, ±× ¹ÛÀÇ ³×Æ®¿÷ °Ë»ç ÇÁ·Î±×·¥µé ¼¼»ó¿¡´Â Æ÷Æ®¿Í ¼­ºñ½º¸¦ ¹ÙÅÁÀ¸·Î ÄÄÇ»Å͵é°ú ³×Æ®¿÷¿¡ ´ëÇÑ °Ë»ç¸¦ ¼öÇàÇÏ´Â ¸¹Àº ¼ÒÇÁÆ®¿þ¾î ÆÐÅ°ÁöµéÀÌ ÀÖ´Ù. SATAN°ú ISS´Â ±× °¡¿îµ¥ ºñ±³Àû Àß ¾Ë·ÁÁø ÇÁ·Î±×·¥ÀÌ´Ù. ÀÌ ¼ÒÇÁÆ®¿þ¾îµéÀº Ç¥Àû ÄÄÇ»ÅÍÀÇ (ȤÀº ÇÑ ³×Æ®¿÷ »óÀÇ ¸ðµç Ç¥Àû ÄÄÇ»Å͵éÀÇ) °¡´ÉÇÑ ¸ðµç Æ÷Æ®¿¡ ¿¬°áÇÏ·Á°í ½ÃµµÇϸç, ¾î¶² ¼­ºñ½º°¡ ¼öÇàµÇ°í ÀÖ´ÂÁö ã¾Æ³»°íÀÚ ÇÑ´Ù. ÀÌ Á¤º¸¸¦ ¹ÙÅÁÀ¸·Î Ç¥Àû ÄÄÇ»ÅÍ°¡ ¾î¶² °ø°Ý¿¡ Ãë¾àÇÑÁö ãÀ» ¼ö ÀÖ´Ù. SATAN(Security Administrators Tool for Analyzing Networks)´Â À¥ ÀÎÅÍÆäÀ̽º¸¦ °¡Áø Æ÷Æ® °Ë»ç ÇÁ·Î±×·¥ÀÌ´Ù. ÄÄÇ»ÅÍ ÇÑ ´ë³ª ÇϳªÀÇ ³×Æ®¿÷¿¡ ´ëÇÑ °Ë»ç °­µµ´Â °­,Áß, ¾àÀ¸·Î ¼³Á¤ÇÒ ¼ö ÀÖ´Ù. SATANÀ» ±¸Çؼ­ ´ç½ÅÀÇ ÄÄÇ»Åͳª ³×Æ®¿÷À» Á¶»çÇغ¸°í ¹ß°ßµÈ ¹®Á¦¸¦ °íÄ¡´Â °ÍÀÌ ÁÁ´Ù. SATANÀ» ¼±»çÀÌÆ®³ª À¯¸íÇÑ FTP, À¥ »çÀÌÆ®¿¡¼­ ±¸Çϵµ·Ï ÁÖÀÇÇØ¾ß ÇÑ´Ù. ÀÎÅͳݿ¡ SATANÀ» °¡ÀåÇÑ Æ®·ÎÀÌ ¸ñ¸¶°¡ ÀÖ¾ú±â ¶§¹®ÀÌ´Ù. http://www.trouble.org/~zen/satan/satan.html ISS (Internet Security Scanner)´Â Æ÷Æ®¸¦ ¹ÙÅÁÀ¸·Î °Ë»çÇÏ´Â ¶Ç ´Ù¸¥ ÇÁ·Î±×·¥ÀÌ´Ù. SATAN º¸´Ù ºü¸£¸ç, µû¶ó¼­ ´ë±Ô¸ðÀÇ ³×Æ®¿÷À» °Ë»çÇϱ⿡ ´õ ÀûÇÕÇÒ ¼ö ÀÖ´Ù. ÇÏÁö¸¸ SATANÀÌ ´õ ¸¹Àº Á¤º¸¸¦ Á¦°øÇÏ´Â °æÇâÀÌ ÀÖ´Ù. 4.7.4 Æ÷Æ® °Ë»öÀ» °¨ÁöÇϱâ. SATANÀ̳ª ISS µîÀÇ ¼ÒÇÁÆ®¿þ¾î°¡ ´ç½ÅÀÇ ÄÄÇ»Å͸¦ ŽÁöÇÏ°í ÀÖ´Ù´Â °ÍÀ» °æº¸ÇØÁÖµµ·Ï ¸¸µé¾îÁø µµ±¸µéÀÌ ¸î °¡Áö ÀÖ´Ù. ÇÏÁö¸¸ tcp_wrapper¸¦ Àß È°¿ëÇÏ°í ±â·Ï ÆÄÀϵéÀ» Á¤±âÀûÀ¸·Î »ìÆ캸±â¸¸ Çصµ, ±×·± Ž»öÀ» ¾Ë¾ÆÂ÷¸± ¼ö ÀÖ´Ù. tcp_wrapper¸¦ °¡Àå ³·Àº ¼öÁØÀ¸·Î ¼³Á¤ÇØ µÎ´õ¶óµµ SATANÀº º¸ÅëÀÇ ·¹µåÇÞ ½Ã½ºÅÛ ±â·ÏÆÄÀÏ¿¡ ÀÚ±¹À» ³²±ä´Ù. 4.7.5 pgp¿Í public key ¾ÏÈ£ÀÛ¼º/Çص¶¹ý ¸®´ª½º´Â pgp (pretty good privacy)¸¦ Àß Áö¿øÇÑ´Ù. 2.62¿Í 5.0 ¹öÀüÀº Àß ÀÛµ¿ÇÑ´Ù°í ¾Ë·ÁÁ® ÀÖ´Ù. pgp¿¡ ´ëÇÑ ÈǸ¢ÇÑ ÀÔ¹®¼­¿Í »ç¿ë¹ýÀÌ ÇÊ¿äÇÏ´Ù¸é pgp FAQ¸¦ º¸±â ¹Ù¶õ´Ù. http://www.pgp.com/service/export/faq/55faq.cgi 4.7.6 ssh¿Í stelnet ssh (secure shell)¿Í stelnetÀº ¿ø°Ý ½Ã½ºÅÛÀ¸·ÎÀÇ ·Î±×Àΰú ¿¬°áÀ» ¾ÏȣȭÇØ ÁÖ´Â ÇÁ·Î±×·¥µéÀÌ´Ù. ssh´Â È£½ºÆ® spoofing °ø°ÝÀ» ¸·¾Æ³»¸ç (ssh´Â Àü¿¡ ¿¬°áµÇ¾ú´ø È£½ºÆ®·ÎºÎÅÍ Æ¯Á¤ÇÑ Å°°¡ µ¹¾Æ¿À±â¸¦ ±â´ëÇÑ´Ù), ¿ø°Ý ÄÄÇ»ÅÍ¿ÍÀÇ ¸ðµç Åë½ÅÀ» ¾ÏȣȭÇÒ »Ó ¾Æ´Ï¶ó ¾ÐÃà°ú X11 forwarding±îÁö ¼öÇàÇÑ´Ù. ssh´Â packet sniffer °ø°ÝÀ» ÅðÄ¡Çϱ⿡ ¸Å¿ì ÁÁ´Ù. (packet sniffer´Â ¾ÏȣȭµÈ ÆÐŶ¸¸ ÇÑ ´Ù¹ß °¡Áú °ÍÀÌ´Ù) ssh´Â °³ÀÎ »ç¿ëÀÚ¿¡°Ô´Â ¹«·áÀ̹ǷΠ°³ÀÎ »çÀÌÆ®¶ó¸é ¼³Ä¡Çؼ­ »ç¿ëÇϵµ·Ï ±ÇÇÑ´Ù. http://www.cs.hut.fi/ssh/ stelnetÀº ÅÚ³Ý ¿¬°áÀ» ¾ÏȣȭÇØÁÖ´Â ÅÚ³ÝÀÇ º¸¾È ´ëü¹°ÀÌ´Ù. 4.7.7 sendmail, qmail°ú MTAµé. ´ç½ÅÀÌ Á¦°øÇÒ ¼ö ÀÖ´Â °¡Àå Áß¿äÇÑ ¼­ºñ½ºµé °¡¿îµ¥ Çϳª°¡ ¸ÞÀÏ ¼­¹öÀÌ´Ù. ºÒÇàÇÏ°Ôµµ ¸ÞÀÏ ¼­¹ö´Â °ø°Ý¿¡ °¡Àå Ãë¾àÇÑ ¼­ºñ½º ÁßÀÇ ÇϳªÀε¥, ±× ±î´ßÀº ´ÜÁö ±×°ÍÀÌ ¼öÇàÇØ¾ß ÇÏ´Â ÀÛ¾÷ÀÇ ¼ýÀÚ¿Í ÇÊ¿ä·Î ÇÏ´Â ±ÇÇÑÀÌ ¸¹±â ¶§¹®ÀÌ´Ù. sendmailÀ» ¾²°í ÀÖ´Ù¸é, ÃֽŠ¹öÀüÀ» »ç¿ëÇÏ´Â °ÍÀÌ ¸Å¿ì Áß¿äÇÏ´Ù. sendmailÀº ¸Å¿ì ¸Å¿ì ¿À·¡ ÀüºÎÅÍ º¸¾È»óÀÇ ÇãÁ¡À» °ø°Ý´çÇØ ¿Ô´Ù. Ç×»ó °¡Àå ÃÖ±ÙÀÇ ¹öÀüÀ» »ç¿ëÇϵµ·Ï À¯ÀÇÇ϶ó. http://www.sendmail.org ¸ÅÁÖ sendmail ¹öÀüÀ» ¾÷±×·¹À̵åÇϱ⿡ ÁöÃÆ´Ù¸é, qmail·Î ¹Ù²ãº¸´Â °Íµµ °í·ÁÇغ¼¸¸ ÇÏ´Ù. qmailÀº óÀ½ºÎÅÍ º¸¾ÈÀ» ¿°µÎ¿¡ µÎ°í ¼³°èµÇ¾ú´Ù. ÀÌ ÇÁ·Î±×·¥Àº ºü¸£°í¾ÈÁ¤ÀûÀÌ°í ¾ÈÀüÇÏ´Ù. http://www.qmail.org 4.7.8 ¼­ºñ½º °ÅºÎ¸¦ ÀÌ¿ëÇÑ °ø°Ý. ¼­ºñ½º °ÅºÎ¸¦ ÀÌ¿ëÇÑ °ø°ÝÀº ½Ã½ºÅÛ ÀÚ¿øÀÇ ÀϺθ¦ ¸Å¿ì ¹Ù»Ú°Ô ¸¸µé¾î¼­, Á¤´çÇÑ ¿äû¿¡ ´äÇÏÁö ¸øÇÏ°Ô ¸¸µé°Å³ª, Á¤´çÇÑ »ç¿ëÀÚÀÇ ½Ã½ºÅÛ Á¢±ÙÀ» °ÅºÎÇÏ°Ô ¸¸µå´Â °ÍÀÌ´Ù. ÀÌ·± °ø°ÝÀº ±Ù³â¿¡ µé¾î Å©°Ô Áõ°¡ÇØ¿Ô´Ù. ºñ±³Àû ÃÖ±ÙÀÇ °ø°Ý¹æ¹ý °¡¿îµ¥ Àß ¾Ë·ÁÁø °ÍµéÀ» ¾Æ·¡¿¡ ¼Ò°³Çß´Ù. »õ·Î¿î °ø°Ý¹æ¹ýµéÀÌ Ç×»ó ³ªÅ¸³ª°í ÀÖÀ¸¹Ç·Î ¿©±â ¼Ò°³µÈ °ÍµéÀº ±×Àú ¸î °¡Áö »ç·Ê¿¡ ºÒ°úÇÏ´Ù´Â °ÍÀ» ¸í½ÉÇØ¾ß ÇÑ´Ù. ´õ »õ·Î¿î Á¤º¸¸¦ ¾òÀ¸·Á¸é ¸®´ª½º º¸¾È ¸®½ºÆ®¸¦ Àеµ·Ï Ç϶ó. SYN ¹ü¶÷(flooding). SYN ¹ü¶÷À̶õ ³×Æ®¿÷À» ÅëÇÑ ¼­ºñ½º °ÅºÎ °ø°ÝÀÌ´Ù. ÀÌ ¹æ¹ýÀº TCP ¿¬°áÀÌ ¸¸µé¾îÁö´Â ¹æ¹ý¿¡ ÀÖ´Â "ÇãÁ¡"À» ÀÌ¿ëÇÑ´Ù. (2.0.30 ÀÌÈÄÀÇ) »õ·Î¿î ¸®´ª½º Ä¿³ÎµéÀº SYN ¹ü¶÷ °ø°Ý¿¡ ÀÇÇØ »ç¶÷µéÀÌ ´ç½ÅÀÇ ÄÄÇ»Åͳª ¼­ºñ½º¿¡ Á¢±ÙÇÏÁö ¸øÇÏ´Â °ÍÀ» ¸·±â À§ÇØ CONFIG_SYN_COOKIES¿Í CONFIG_RST_COOKIES °°Àº ¼³Á¤ °¡´ÉÇÑ ¿É¼ÇµéÀ» °¡Áö°í ÀÖ´Ù. SYN ¹ü¶÷ °ø°ÝÀÇ À§ÇèÀ» ÁÙÀ̱â À§Çؼ­´Â ÀÌ ¿É¼ÇµéÀ» ¼±ÅÃÇؼ­ Ä¿³ÎÀ» ´Ù½Ã ÄÄÆÄÀÏ Çϵµ·Ï Ç϶ó. ÆæƼ¾ö "FOOF" ¹ö±×. ÀÎÅÚÀÇ Á¤Ç° ÆæƼ¾ö ÇÁ·Î¼¼¼­¿¡ ÀÏ·ÃÀÇ ¾î¼Àºí¸® Äڵ带 º¸³¾ °æ¿ì ÄÄÇ»ÅÍ°¡ µ¿ÀÛÀ» ¸ØÃá´Ù´Â °ÍÀÌ ÃÖ±Ù¿¡ ¹ß°ßµÇ¾ú´Ù. ÀÌ°ÍÀº ¾î¶² ¿î¿µÃ¼Á¦Àΰ¡¿¡ °ü°è¾øÀÌ (¸ðÁ¶Ç°°ú ÆæƼ¾ö ÇÁ·Î, ÆæƼ¾ö2¸¦ Á¦¿ÜÇÑ) ÆæƼ¾ö ÇÁ·Î¼¼¼­¸¦ »ç¿ëÇÏ´Â ¸ðµç ÄÄÇ»ÅÍ¿¡ ¿µÇâÀ» ¹ÌÄ£´Ù. 2.0.32 ÀÌ»óÀÇ ¸®´ª½º Ä¿³Î¿¡´Â ÀÌ ¹ö±×·Î ÀÎÇØ ÄÄÇ»ÅÍ°¡ ´Ù¿îµÇ´Â °ÍÀ» ¸·±â À§ÇÑ ÀÛ¾÷ ¼º°úµéÀÌ Æ÷ÇԵǾî ÀÖ´Ù. ÆæƼ¾öÀ» »ç¿ëÇÏ°í ÀÖ´Ù¸é, Áö±Ý ¾÷±×·¹À̵带 ÇØ¾ß ÇÑ´Ù. Ping ¹ü¶÷. Ping ¹ü¶÷Àº °£´ÜÇÏ°í ³­ÆøÇÑ ¼­ºñ½º °ÅºÎ °ø°ÝÀÇ ÀÏÁ¾ÀÌ´Ù. °ø°ÝÀÚ´Â ICMP ÆÐŶ Çϳª¸¦ "¸ÔÀÌ"·Î ´ç½ÅÀÇ ÄÄÇ»ÅÍ¿¡ º¸³½´Ù. °ø°ÝÀÚ°¡ ÀÌ ÁþÀ» ´ç½ÅÀÇ ÄÄÇ»ÅÍ º¸´Ù ÁÁÀº ÁÖÆļö ´ë¿ªÀ» °®´Â ÄÄÇ»ÅÍ¿¡¼­ ÇÑ´Ù¸é, ´ç½ÅÀÇ ÄÄÇ»ÅÍ´Â ³×Æ®¿÷À¸·Î ¾Æ¹« °Íµµ Àü¼ÛÇÒ ¼ö ¾ø°Ô µÉ °ÍÀÌ´Ù. ÀÌ °ø°Ý¹ýÀÇ º¯Á¾ Áß ÇϳªÀÎ "ÆĵµÅ¸±â"´Â ´ç½Å ÄÄÇ»ÅÍÀÇ IP·Î ¹ÝÀÀÀÌ µ¹¾Æ°¡µµ·Ï Çؼ­ ICMP ÆÐŶÀ» ´Ù¸¥ È£½ºÆ®¿¡ º¸³½´Ù. ÀÌ·¸°Ô Çϸé ã¾Æ³»±â°¡ ´õ ¾î·Á¿öÁø´Ù. Ping ¹ü¶÷ °ø°ÝÀ» ¹Þ°í ÀÖ´Ù¸é, ¾îµð¿¡¼­ ÆÐŶÀÌ ¿À´ÂÁö (ȤÀº ¿À´Â °Íó·³ º¸ÀÌ´ÂÁö) ¾Ë¾Æ³»±â À§Çؼ­ tcpdump °°Àº µµ±¸¸¦ ¾²µµ·Ï Ç϶ó. ±×¸®°í ´ç½ÅÀÇ ³×Æ®¿÷ Á¦°øÀÚ¿¡°Ô ÀÌ »ç½ÇÀ» ¿¬¶ôÇϵµ·Ï Ç϶ó. Ping ¹ü¶÷Àº ¶ó¿ìÅÍ ¼öÁØ¿¡¼­ Â÷´ÜÇÏ´Â °ÍÀÌ °¡Àå ½±´Ù. 4.7.9 NFS (Network File System) º¸¾È. NFS´Â ¸Å¿ì ³Î¸® ¾²ÀÌ´Â ÆÄÀÏ °øÀ¯ ÇÁ·ÎÅäÄÝÀÌ´Ù. NFS¸¦ ÀÌ¿ëÇϸé nfsd¸¦ ½ÇÇà½ÃÅ°´Â ¼­¹öÀÇ Àüü ÆÄÀÏ ½Ã½ºÅÛÀ» mountd¸¦ ½ÇÇàÇÏ´Â ´Ù¸¥ ÄÄÇ»Å͵é°ú °øÀ¯ÇÒ ¼ö ÀÖ´Ù. ¸¹Àº »çÀÌÆ®¿¡¼­ »ç¿ëÀڵ鿡°Ô Ȩµð·ºÅ͸®¸¦ Á¦°øÇϱâ À§ÇØ NFS¸¦ »ç¿ëÇÏ°í ÀÖÀ¸¸ç, ÀÌ·¸°Ô ÇÔÀ¸·Î½á »ç¿ëÀÚµéÀÌ ·Î±×ÀÎÇÑ °ÍÀÌ ¾î´À ÄÄÇ»ÅÍÀÌ°Ç »ç¿ëÀÚµéÀº ±×µéÀÇ ¸ðµç ȨÆÄÀϵéÀ» °®°Ô µÈ´Ù. ÆÄÀϽýºÅÛÀ» °øÀ¯ÇÒ ¶§ »ç¿ëÇÒ ¼ö ÀÖ´Â "º¸¾È" ¼³Á¤ÀÌ ¸î °¡Áö ÀÖ´Ù. ´ç½ÅÀº ¿ø°Ý ÄÄÇ»ÅÍÀÇ ·çÆ® »ç¿ëÀÚ(uid=0)¸¦ nobody »ç¿ëÀÚ·Î ´ëÀÀ½ÃÄѼ­, °øÀ¯µÈ ÆÄÀϽýºÅÛ¿¡ ¿ÏÀüÇÑ Á¢±Ù±ÇÇÑÀ» °®´Â °ÍÀ» °ÅºÎÇϵµ·Ï nsfd¸¦ ¼³Á¤ÇØ¾ß ÇÑ´Ù. ±×·¯³ª °³ÀÎ »ç¿ëÀÚ´Â °¢ÀÚÀÇ (ȤÀº ÃÖ¼ÒÇÑ °°Àº uidÀÇ) ÆÄÀÏ¿¡ ´ëÇÑ Á¢±Ù±ÇÀÌ Àֱ⠶§¹®¿¡, ¿ø°ÝÁöÀÇ ¼öÆÛÀ¯Àú´Â Àڱ⠰èÁ¤À¸·ÎÀÇ ·Î±×ÀÎÀ̳ª su »ç¿ëÀÌ °¡´ÉÇϸç, ÀÚ±â ÆÄÀϵ鿡 ´ëÇؼ­ ¿ÏÀüÇÑ Á¢±Ù±ÇÀ» °¡Áú ¼ö ÀÖ´Ù. ÀÌ·¸°Ô ÇÏ´Â °ÍÀº ¿ø°Ý ÆÄÀϽýºÅÛÀ» ¸¶¿îÆ®ÇÒ ±ÇÇÑÀ» °¡Áø °ø°ÝÀÚ¿¡°Ô´Â »ç¼ÒÇÑ Àå¾Ö¹°¹Û¿¡ µÇÁö ¸øÇÑ´Ù. NFS¸¦ ²À ½á¾ßÇÑ´Ù¸é, ²À °øÀ¯Çؾ߸¸ ÇÏ´Â ÄÄÇ»Å͵é·Î¸¸ °øÀ¯½ÃÅ°µµ·Ï À¯ÀÇÇ϶ó. ·çÆ® µð·ºÅ͸® ÀüºÎ¸¦ °øÀ¯Çؼ­´Â Àý´ë·Î ¾ÈµÇ¸ç, ÇÊ¿äÇÑ µð·ºÅ͸®µé¸¸ °øÀ¯ÇØ¾ß ÇÑ´Ù. NFS¿¡ ´ëÇÑ ´õ ÀÚ¼¼ÇÑ Á¤º¸°¡ ÇÊ¿äÇϸé NFS ÇÏ¿ìÅõ¸¦ º¸µµ·Ï Ç϶ó. NFS HOWTO 4.7.10 NIS (Network Information service) (¿¹ÀüÀÇYP). ³×Æ®¿÷ Á¤º¸ ¼­ºñ½º(Network Information service, ¿¹ÀüÀÇ YP)´Â ÇÑ ¹«¸®ÀÇ ÄÄÇ»Å͵鿡 Á¤º¸¸¦ ³ª´©¾îÁÖ´Â ÇÑ °¡Áö ¹æ½ÄÀÌ´Ù. NIS ¼­¹ö´Â Á¤º¸ÀÇ Ç¥¸¦ °¡Áö°í ÀÖÀ¸¸é¼­ ±×°ÍµéÀ» NIS ´ëÀÀ ÆÄÀϵé·Î º¯È¯ÇÑ´Ù. ÀÌ ´ëÀÀ ÆÄÀϵéÀÌ ³×Æ®¿÷À» ÅëÇØ Á¦°øµÊÀ¸·Î½á NIS Ŭ¶óÀ̾ðÆ® ÄÄÇ»Å͵éÀº ·Î±×Àΰú Æнº¿öµå, Ȩ µð·ºÅ͸®¿Í ¼Ð¿¡ ´ëÇÑ Á¤º¸(Áï º¸ÅëÀÇ /etc/passwd ÆÄÀÏ¿¡ µé¾îÀÖ´Â ¸ðµç Á¤º¸)¸¦ ¾òÀ» ¼ö ÀÖ°Ô µÈ´Ù. NIS¸¦ ÀÌ¿ëÇÏ¸é »ç¿ëÀÚµéÀº Æнº¿öµå¸¦ ÇÑ ¹ø ¹Ù²ÞÀ¸·Î½á ±× NIS ¿µ¿ª¿¡ µé¾îÀÖ´Â ¸ðµç ÄÄÇ»Å͵鿡 ¿µÇâÀ» ÁÙ ¼ö ÀÖ´Ù. NIS´Â °áÄÚ ¾ÈÀüÇÏÁö ¸øÇÏ´Ù. ¾ÈÀüÇϵµ·Ï ÇÏ°íÀÚ Çß´ø ÀûÁ¶Â÷ ¾ø´Ù. NIS´Â °£ÆíÇÏ°í ¾µ¸ð ÀÖµµ·Ï °í¾ÈµÇ¾ú´Ù. (³×Æ®¿÷ »óÀÇ ¾îµð¿¡ ÀÖ°Ç) ´ç½ÅÀÇ NIS ¿µ¿ªÀÇ À̸§À» ÁüÀÛÇÒ ¼ö ÀÖ´Â »ç¶÷Àº ´ç½ÅÀÇ passwd ÆÄÀÏ º¹»çº»À» ¾òÀ» ¼ö ÀÖ°í, ´ç½ÅÀÇ »ç¿ëÀÚ Æнº¿öµå¸¦ ±ú±â À§ÇØ crack°ú john the ripper¸¦ ¾µ ¼ö ÀÖ°Ô µÈ´Ù. NIS¸¦ ¼Ó¿©¼­ ¿Â°® ÃßÀâÇÑ ¼ÓÀÓ¼ö¸¦ ¾µ ¼öµµ ÀÖ´Ù. ²À NIS¸¦ ½á¾ß °º´Ù¸é, ÀÌ·± À§ÇèµéÀ» Àß ¾Ë°í ÀÖ¾î¾ß ÇÑ´Ù. 4.7.11 ¹æÈ­º® ¹æÈ­º®(firewall)Àº ´ç½ÅÀÇ Áö¿ª ³×Æ®¿÷ ¾ÈÆÆÀ¸·Î ¿À°¥ ¼ö ÀÖ´Â Á¤º¸¸¦ ÅëÁ¦ÇÏ´Â ÇÑ °¡Áö ¹æ¹ýÀÌ´Ù. ÀüÇüÀûÀÎ ¹æ½ÄÀº ¹æÈ­º® È£½ºÆ®¸¦ ÀÎÅͳݰú Áö¿ª lan¿¡ ¿¬°á½ÃÅ°°í, lan°ú ÀÎÅÍ³Ý »çÀÌÀÇ Á¢±ÙÀº ¹æÈ­º®À» ÅëÇؼ­¸¸ °¡´ÉÇϵµ·Ï ÇÏ´Â °ÍÀÌ´Ù. ÀÌ·¸°Ô ÇÏ¸é ¹æÈ­º®¿¡¼­ ÀÎÅͳݰú ´ç½ÅÀÇ lan »çÀ̸¦ ¿À°¡´Â Á¤º¸¸¦ Á¦¾îÇÒ ¼ö ÀÖ´Ù. ¹æÈ­º®À» ¼³Á¤ÇÏ´Â ¼ö¸¹Àº À¯Çü°ú ¹æ¹ýµéÀÌ ÀÖ´Ù. ¸®´ª½º ÄÄÇ»ÅÍ´Â »ó´çÈ÷ Àú·ÅÇϸ鼭µµ ÈǸ¢ÇÑ ¹æÈ­º®ÀÌ µÉ ¼ö ÀÖ´Ù. ¹æÈ­º® ÄÚµå´Â ÄÄÆÄÀÏÀ» ÅëÇØ 2.0 ÀÌ»óÀÇ Ä¿³Î¿¡ ¹Ù·Î »ðÀ﵃ ¼ö ÀÖ´Ù. »ç¿ëÀÚ °ø°£ µµ±¸ÀÎ ipfwadmÀ» ¾²¸é, »ç¿ë Áß¿¡µµ Çã¿ëµÇ´Â ³×Æ®¿÷ ¼ÒÅëÀÇ À¯ÇüÀ» ¹Ù²Ü ¼ö ÀÖ´Ù. ¹æÈ­º®Àº ³×Æ®¿÷À» ¾ÈÀüÇÏ°Ô ÇÏ´Â ¸Å¿ì Áß¿äÇÏ°íµµ À¯¿ëÇÑ ±â¼úÀÌ´Ù. ÇÏÁö¸¸ ¹æÈ­º®ÀÌ ÀÖÀ¸´Ï±î ±× µÚÀÇ ³×Æ®¿÷¿¡ ÀÖ´Â ÄÄÇ»Å͵éÀÇ º¸¾ÈÀº ÇÊ¿ä ¾ø´Ù°í »ý°¢Çؼ­´Â Àý´ë·Î ¾È µÈ´Ù. ÀÌ·¸°Ô »ý°¢ÇÏ´Â °ÍÀº Ä¡¸íÀûÀÎ ½Ç¼ö´Ù. ¹æÈ­º®°ú ¸®´ª½º¿¡ ´ëÇÑ Á¤º¸¸¦ ´õ¾ò°í ½ÍÀ¸¸é °¡±î¿î ¼± »çÀÌÆ®¿¡ °¡¼­ ¸Å¿ì ÈǸ¢ÇÑ ¹æÈ­º® ÇÏ¿ìÅõ¸¦ Àоµµ·Ï Ç϶ó. http://sunsite.unc.edu/mdw/HOWTO/Firewall-HOWTO.html 4.7.12 IP Spoofing ±â¼ú ¹Ì ±¹¹æ¼ºÀÇ TCP/IP ÇÁ·ÎÅäÄÝ Ç¥ÁØÀº 1979³â ÀÎÅͳÝÀ» ±¸ÇöÇϱâ À§Çؼ­ µðÀÚÀεǾú´Ù. °¡Àå ¸¹ÀÌ ¾²ÀÌ´Â TCP/IP´Â 4.2BSD ½Ã½ºÅÛ¿¡¼­ ±¸ÇöµÈ °ÍÀ¸·Î Bell Lab°ú ¹Ì±¹¹æ¼º ³×Æ®¿÷¿¡¼­ »ç¿ëµÇ¾ú´Ù. 4.2BSD À¯´Ð½º TCP/IP ÇÁ·Î±×·¥Àº ¸Å¿ì À¯µ¿ÀûÀÌ¸ç »ç¿ëÇϱâ Æí¸®ÇÏÁö¸¸ º¸¾ÈÃø¸é¿¡¼­´Â ¸¹Àº ¾àÁ¡À» °¡Áö°í ÀÖ´Ù. ÀÌ ¾àÁ¡ÀÇ Çϳª¸¦ °ø°ÝÇÏ´Â IP Spoofing AttackÀº 1985³â Morris¿¡ ÀÇÇÏ¿© ¾ÆÀ̵ð¾î°¡ óÀ½ ÁöÀûµÇ¾ú°í, ½ÇÁ¦·Î 1995³âµµ San Diego Supercomputer Center¸¦ ÇØÅ·Çϴµ¥ Kevin MitnickÀÌ »ç¿ëÇϱ⵵ ÇÏ¿´´Ù. 4.7.12.1 ¹®Á¦ÀÇ ½ÃÀÛÁ¡ TCP/IP ÇÁ·ÎÅäÄÝÀº ±¸Çö½ÃÀÇ Á¤È®¼º¿¡µµ ºÒ±¸ÇÏ°í ±× ¼³°èÀÇ °áÁ¡À¸·Î ÀÎÇؼ­ º¸¾È»ó¿¡ Å« Ãë¾àÁ¡À» °¡Áö°í ÀÖ´Ù. ±× ¿äÀÎÀº ´ÙÀ½°ú °°´Ù. È£½ºÆ®ÀÇ ÀÎÁõ ¹®Á¦ È£½ºÆ®¿¡ ´ëÇÑ ÀÎÁõÀ» IPÀÇ ¼Ò½º ÁÖ¼Ò¸¸À¸·Î ¼öÇàÇÑ´Ù. ¾Õ¼­ ¾ð±ÞÇÑ TCPÀÇ ¿¬°á ±¸ºÐ ü°è¿¡¼­µµ º¼ ¼ö ÀÖµíÀÌ °ø°ÝÇÒ ´ë»óÀÇ IP ÁÖ¼Ò¿Í Æ÷Æ® ¹øÈ£´Â ¾Ë·ÁÁ® ÀÖ°í, ¼Ò½º È£½ºÆ®ÀÇ Æ÷Æ®´Â ephemeral Æ÷Æ® ¹øÈ£¸¦ »ç¿ëÇϹǷΠ¼Ò½º È£½ºÆ®ÀÇ IP ÁÖ¼Ò¸¸À» ¼ÓÀÏ ¼ö ÀÖ´Ù¸é ´Ù¸¥ È£½ºÆ®¿¡ ¿¬°áÀ» ¸ÎÀ» ¼ö ÀÖ´Ù. BerkeleyÀÇ `r-utility'µéÀÌ ´ÜÀûÀÎ ¿¹ÀÌ´Ù. ¼ø¼­ ¹øÈ£(sequence number)ÀÇ »ý¼º ¹®Á¦ TCP ½ºÆå¿¡¼­´Â ¼ø¼­ ¹øÈ£°¡ ÃÊ´ç 250,000¹ø, Áï 4 microsecond ¸¶´Ù Çѹø¾¿ Áõ°¡½ÃÅ°µµ·Ï ÇÏ°í ÀÖ´Ù[1]. ±×·¯³ª, Berkeley¿¡¼­ ±¸ÇöµÈ TCPÀÇ ¼ø¼­ ¹øÈ£´Â 4.2BSD¿¡¼­´Â ÃÊ´ç 128¸¸Å­ Áõ°¡ÇÏ°í 4.3BSDÀÇ °æ¿ì¿¡´Â ÃÊ´ç 128,000¸¸Å­¾¿ Áõ°¡ÇÑ´Ù. Áï, ÃÊ´ç Çѹø¾¿¹Û¿¡ º¯È­ÇÏÁö ¾Ê´Â´Ù. 4.7.12.2 IP spoofingÀº ¾î¶»°Ô ¸·À»±î? IP spoofing °ø°ÝÀº SYN °ø°Ý¹ý°ú °°Àº `Denial of Service' °ø°Ý¹ýÀÌ °°ÀÌ »ç¿ëµÇ¹Ç·Î Denial of Service °ø°ÝÀ» ¸·´Â °ÍÀÌ °ð IP spoofing °ø°ÝÀ» ¸·´Â ¹ýÀÌ µÈ´Ù. Áߺ¹µÇ´Â °¨ÀÌ ÀÖÁö¸¸, ´ÙÀ½°ú °°Àº ¹æ¹ýÀ» ¼Ò°³ÇÑ´Ù. ÆÐŶ ÇÊÅ͸µÀÌ °¡´ÉÇÑ ¶ó¿ìÅ͸¦ »ç¿ëÇÏ¿© ¿ÜºÎ¿¡¼­ ³»ºÎ·Î µé¾î¿À´Â ÆÐŶÁß ³»ºÎÀÇ IP ÁÖ¼Ò¸¦ °¡Áø °ÍÀ» ¹«½ÃÇÑ´Ù. ÀÌ·¯ÇÑ ±â´ÉÀÌ °¡Áö°í ÀÖ´Â ¶ó¿ìÅÍ´Â ´ÙÀ½°ú °°´Ù. Bay Networks/Wellfleet routers, version 5 and later Cabletron - LAN Secure Cisco - RIS software all releases of version 9.21 and later Livingston - all versions ±×·¯³ª, ÆÐŶ ÇÊÅ͸µ ±â´ÉÀ» °¡Áø ¶ó¿ìÅ͸¦ ¼³Ä¡ÇÏ°í, ÇÊÅ͸¦ ¼³Á¤ÇÏ¿´´Ù ÇÏ´õ¶óµµ ¶ó¿ìÅÍ ¾ÈÂÊ¿¡ ÀÖ´Â ½Ã½ºÅÛ¿¡¼­ÀÇ IP spoofing °ø°ÝÀº ¸·Áö ¸øÇÑ´Ù. ¼ø¼­ ¹øÈ£ »ý¼ºÀ» ¹«ÀÛÀ§·Î ÇÑ´Ù. ¼ø¼­ ¹øÈ£¸¦ ¾ÏȣȭÇÑ´Ù. À§ÀÇ ¼ø¼­ ¹øÈ£¿¡ °üÇÑ °ø°Ý ¹æÁö¹ýÀº ¸ðµÎ ¾Õ¼­ À§¿¡¼­ ÁöÀû ÇßµíÀÌ ¼ø¼­ ¹øÈ£ÀÇ »ý¼ºÀÌ ³Ê¹« ´Ü¼øÇÏ¿© ¿¹ÃøÀÌ ½¬¿î °áÁ¡À» º¸¾ÈÇÏ´Â °ÍÀÌ ¸ñÀûÀÌ´Ù. »ç½Ç»ó, TCP ½ºÆå¿¡¼­¿¡¼­ Á¦½ÃÇÑ ´ë·Î ÃÊ´ç 250,000¹ø¾¿ ¼ø¼­¹øÈ£¸¦ Áõ°¡½ÃÅ°´Â °ÍÀº ¿î¿µÃ¼Á¦¿¡µµ »ó´çÇÑ ºÎÇϸ¦ ¾ß±âÇÒ °ÍÀ̹ǷÎ, ¼ø¼­ ¹øÈ£ÀÇ »ý¼ºÀº Áö±Ý°ú °°ÀÌ ÇÏ´õ¶óµµ ½±°Ô ³»¿ëÀ» ºÐ¼®ÇÏÁö´Â ¸øÇϵµ·Ï ÇÏÀÚ´Â °ÍÀÌ´Ù. ±×·¯³ª, ¾Ïȣȭ ÇÏ´Â ¹æ¹ýÀº ÇöÀç ¹æ´ëÇÏ°Ô ¼³Ä¡°¡ µÇ¾î »ç¿ëµÇ°í ÀÖ´Â BSD °è¿­ÀÇ TCP ÇÁ·Î±×·¥À» ¸ðµÎ ±³Ã¼ÇÏ¿© ¾ÏÈ£¸¦ Ç® ¼ö ÀÖµµ·Ï ÇØ¾ß ÇϹǷΠ½ÇÇöµÇ±â ¾î·Æ´Ù°í º»´Ù. ·Î±ë(logging)°ú °æ°í ±â´É(alerting)À» °­È­ÇÑ´Ù. ¿¹¸¦µé¸é, ºñÁ¤»óÀûÀÎ ÆÐŶÀ» ¹ß»ý½ÃÅ°´ÂÁö °¨½ÃÇÑ´Ù. ÀÌ ¹æ¹ýÀº IP spoofing °ø°ÝÀÌ °ø°ÝÇÏ°íÀÚ Çϴ ȣ½ºÆ®°¡ ½Å·ÚÇÏ°í ÀÖ´Â ½Ã½ºÅÛÀ» ¹«·ÂÈ­ ÇÏ´Â µ¥¼­ Ãâ¹ßÇÏ´Â Á¡¿¡ Âø¾È ÇÑ °ÍÀÌ´Ù. ¾Õ¼­ ¼³¸íÇÑ °ø°Ý ¿¹Á¦¿¡¼­¿Í °°ÀÌ »ó´ë¹æÀÇ Æ÷Æ® Çϳª¸¦ ¹«·ÂÈ­ Çϱâ À§Çؼ­´Â SYN ÆÐŶÀ» ¿©·¯¹ø º¸³»¾ß ÇÑ´Ù. ÇÏÁö¸¸, ÀϹÝÀûÀÎ »óȲ¿¡¼­ SYN ÆÐŶÀº Çѹø¸¸ º¸³»¸é µÇ±â ¶§¹®¿¡, ÀÌ·¯ÇÑ ÆÐŶµéÀÌ ÀÖ´ÂÁö ¹Ì¸® °¨½Ã ÇÏÀÚ´Â °ÍÀÌ´Ù. ±×·¯³ª, ÀÌ·± ÆÐŶÀ» °¨½ÃÇÏ°íÀÚ ÇÒ¶© Ưº°ÇÑ ¸ñÀûÀ¸·Î ÆÐŶÀ» ÃßÀûÇÏ°í °¨½ÃÇÏ´Â ÀÀ¿ë ÇÁ·Î±×·¥ÀÇ Á¦ÀÛÀÌ ¼±ÇàµÇ¾î¾ß ÇÑ´Ù´Â ¹®Á¦Á¡ÀÌ ÀÖ´Ù. 4.8 À¥¼­¹öÀÇ º¸¾È 4.8.1 °³¿ä À¥¿¡ ´ëÇؼ­´Â ±»ÀÌ ¾ð±ÞÀ» ÇÏÁö ¾Ê¾Æµµ µÉ °ÍÀ̶ó´Â »ý°¢ÀÌ µç´Ù. »ç½Ç, À¥ÀÌ ÀÎÅÍ³Ý È®»êÀÇ ÀÏµî °ø½ÅÀ̶ó°í ¸»ÇÏ´õ¶óµµ ¾î´À ´©±¸ ÀÌ¿¡ ´ëÇؼ­ ¹Ý¹ÚÇÒ »ç¶÷ÀÌ ¾øÀ» °ÍÀ̶ó´Â °ÍÀº ¸í¹éÇÑ »ç½ÇÀÌ´Ù. ¿äÁòÀº À¥À» »ç¿ëÇÏ¿© ÀüÀÚ ¼îÇÎ, ÀüÀÚ »ó°Å·¡±îÁö ÀÌ·ç¾îÁö°í ÀÖ´Â Á¡À» »ý°¢ÇØ º¸¸é À¥ÀÌ ¾ÕÀ¸·Î ¿ì¸®ÀÇ »ýÈ°¿¡ ¾î¶°ÇÑ ¿µÇâÀ» ³¢Ä¥Áö´Â °¡È÷ »ó»óÀ» ºÒÇãÇÒ Á¤µµÀÌ°í ½ÇÁ¦·Î Áö±Ýµµ À¥À» ¸ð¸£¸é ³Ý¸ÍÀ̶ó°í Ä¡±Þ ¹ÞÀ» Á¤µµ·Î ÀÏ»ó »ýÈ°¿¡ Å« ¿µÇâÀ» ³¢Ä¡°í ÀÖ´Ù. ±×¸®°í ´õ ³ª¾Æ°¡¼­ ÀÎÅͳݿ¡¼­ ÇÑ ¹øÀÌ¶óµµ ¿©ÇàÇØ º» »ç¶÷µéÀº Á¦ÀÏ ¸ÕÀú ÀÚ½ÅÀÇ È¨ ÆäÀÌÁö¸¦ °¡Áö°í ½Í¾îÇϸç,±Ù·¡¿¡´Â Ȩ ÆäÀÌÁö Á¦ÀÛ¿¡ °üÇÑ ¿­Ç³¸¶Àú ºÒ°í ÀÖ´Ù. Ȩ ÆäÀÌÁö¸¦ Á¦ÀÛÇÏ´Â ¹æ¹ý¿¡ °üÇÑ Ã¥ÀÌ ¼ö½Ê Á¾·ù³ª µÇ¸ç, Ȩ ÆäÀÌÁö¸¦ Á¦ÀÛÇØ Áִ ȸ»ç³ª ´Üü°¡ »ý°Ü ¼ºÈ²À» ´©¸± Á¤µµ·Î À¥ÀÇ °ü½ÉÀº ³¯·Î Áõ°¡ÇÏ°í ÀÖ´Â Á¡°ú ÇÔ²² ¿äÁò µé¾î À¥ º¸¾È¿¡ ´ëÇÑ °ü½Éµµ Áõ°¡ÇÏ°í ÀÖÀ½ÀÌ ´À²¸Áø´Ù. ÀϹÝÀûÀ¸·Î À¥ º¸¾ÈÀ̶ó°í ÇÏ¸é ´ëºÐÀÌ ÀÚ·á Àü¼Û ½ÃÀÇ ¾Ïȣȭ¿¡ ´ëÇÑ À̽´°¡ º¸¾È °ü·Ã ¼¼¹Ì³ª µî¿¡¼­ ÁÖ¸¦ ÀÌ·ç°í ÀÖ°í, °¡²û¾¿ À¥ ¼­¹ö, CGI, À¥ ºê¶ó¿ìÀú¿Í °ü·ÃµÈ ÇÁ·Î±×·¥»óÀÇ ±¸¸Û(hole)À̳ª »ç½Ç À¥°ú´Â °ü°è¾øÀÌ µ¶ÀÚÀûÀ¸·Î °³¹ßµÇ¾úÁö¸¸ À¥¿¡ Å« ¿µÇâÀ» ¹ÌÄ¡°í ÀÖ´Â Java°¡ À¥°ú °°ÀÌ ÀÌ¿ëµÉ ¶§ ¾ß±âµÉ ¼ö ÀÖ´Â º¸¾È ¹®Á¦°¡ ¼Ò°³°¡ µÇ°í ÀÖ´Â ½ÇÁ¤ÀÌ´Ù. À̹ø ±ÛÀº À§ÀÇ ³»¿ëÀ» ±â´ëÇÑ µ¶Àڵ鿡°Ô´Â Á¶±Ý ¾Æ½±Áö¸¸ ´Ù¸¥ °üÁ¡¿¡¼­ÀÇ À¥ º¸¾ÈÀ» ´Ù·ç°í ÀÖ´Ù. ÀÌ ±Û¿¡¼­´Â À¥ÀÌ µ¿ÀÛÇÏ´Â ±Ùº»ÀûÀÌ ±¸Á¶(working architecture)¿¡ Á¸ÀçÇÏ°í ÀÖ´Â º¸¾ÈÀû À§Ç輺À» ÇØ°áÇÏ¿© º¸´Ù ¾ÈÀüÇÏ°Ô À¥ ¼­¹ö°¡ µ¿ÀÛÇÒ ¼ö ÀÖ°Ô Çϱâ À§Çؼ­ ´ëºÎºÐÀÇ À¯´Ð½º¿¡¼­ Á¦°øÇÏ°í ÀÖ´Â chroot¶ó´Â ½Ã½ºÅÛ ÇÔ¼ö¸¦ ÀÌ¿ëÇÏ¿© À¥ ¼­¹ö¸¦ ¼³Ä¡ÇÏ´Â ¹æ¹ýÀ» ¼Ò°³ÇÏ°íÀÚ ÇÑ´Ù. 4.8.1.1 À¥ ¼­¹öÀÇ µ¿ÀÛ ±¸Á¶¿Í ¹®Á¦Á¡ À¥ ¼­ºñ½º¸¦ Á¦°øÇϱâ À§Çؼ­ ¼­¹ö ¸Ó½Å¿¡´Â Ç×»ó À¥ ¼­¹ö µ¥¸óÀÌ ½ÇÇàµÇ°í ÀÖ´Ù. À¥ ¼­¹ö°¡ µ¿ÀÛÇÏ´Â ±âº»ÀûÀÎ ±¸Á¶¸¦ »ìÆ캸¸é ´ÙÀ½°ú °°´Ù. ¼­¹ö ÇÁ·Î¼¼½º´Â Ŭ¶óÀ̾ðÆ®ÀÇ À¥ ¼­ºñ½º ¿äûÀ» ±â´Ù¸®°í ÀÖ´Ù°¡ ¿äûÀÌ µé¾î¿À¸é ÀÌ ¼­ºñ½º¸¦ ó¸®ÇÒ ¼ö ÀÖ´Â »õ·Î¿î ÀÚ½Ä(child) ÇÁ·Î¼¼½º¸¦ »ý¼ºÇÏ¿©¼­ À̸¦ ó¸®ÇÏ°Ô ÇÏ¿© ÁÖ°í ÀÌ ÀÚ½Ä ÇÁ·Î¼¼½º´Â Ŭ¶óÀ̾ðÆ®ÀÇ ¿äûÀ» ó¸®ÇÏ°í ³ª¸é ÀÚµ¿À¸·Î ¼Ò¸êµÇ°Ô µÈ´Ù. À¥ ¼­¹ö¿¡ µû¶ó ¾à°£¾¿ µ¿ÀÛ ¹æ¹ýÀÌ ´Þ¶óÁú ¼öµµ ÀÖ°í ¶Ç ¼­¹ö¸¦ ¾î¶»°Ô ¼³Á¤ÇϳĿ¡ µû¶ó¼­µµ Á¶±Ý¾¿ ´Þ¶óÁú ¼ö°¡ ÀÖ°ÚÁö¸¸ Ưº°ÇÑ »ó¿ë Á¦Ç°À» Á¦¿ÜÇÏ°í´Â ÇöÁ¦ÀÇ ±¸ÇöµÈ °ÅÀÇ ´ëºÎºÐÀÇ À¥ ¼­¹öÀÇ µ¿ÀÛ ±¸Á¶°¡ ¾Õ¿¡¼­ À̾߱âÇÑ ½Ã³ª¸®¿À¿¡¼­ Å©°Ô º¯ÇÏÁö´Â ¾Ê´Â´Ù. À¥ ¼­¹ö¸¦ ¼³Ä¡ÇÑ ÈÄ À¥ ¼­¹ö¸¦ ¼­¹ö ¸Ó½Å¿¡¼­ ½ÇÇà½Ãų °æ¿ì ´ëºÎºÐÀÇ À¥ ¼­¹öµéÀÌ ½Ã½ºÅÛÀÌ ºÎÆà ½Ã¿¡ À¥ ¼­¹ö ÇÁ·Î¼¼½º¸¦ ½ÇÇà½ÃÅ°±â ¶§¹®¿¡ ÀÌ À¥ ¼­¹ö´Â ÀÚµ¿À¸·Î ·çÆ® ±ÇÇÑÀ¸·Î µ¿ÀÛÇÏ°Ô µÇ¾î ÀÖ´Ù. ±×·¯¹Ç·Î À§ÀÇ ½Ã³ª¸®¿À¿¡ ÀÇÇϸé Ŭ¶óÀ̾ðÆ®ÀÇ ¿äûÀ» ó¸®Çϱâ À§Çؼ­ »ý¼ºµÈ ÀÚ½Ä ÇÁ·Î¼¼½º ¿ª½Ã ·çÆ®ÀÇ ±ÇÇÑÀ¸·Î µ¿ÀÛÇÏ°Ô µÇ´Â °ÍÀÌ´Ù. º¸¾ÈÀûÀÎ °üÁ¡¿¡¼­ º¸¸é ÀÌ·¯ÇÑ µ¿ÀÛ ¹æ¹ýÀº ¸Å¿ì À§ÇèÇÏ´Ù°í º¼ ¼ö ÀÖ´Ù. ¿Ö³ÄÇϸé, À̴ Ŭ¶óÀ̾ðÆ®µéÀÌ ¿äûÀ» ÇØ ¿Ã ¶§ ¸¶´Ù »õ·Î¿î ·çÆ® ±ÇÇÑÀÇ ÇÁ·Î¼¼½º°¡ »ý¼ºµÇ±â ¶§¹®¿¡ ½Ã½ºÅÛÀÌ ºÒÇÊ¿äÇÑ ·çÆ® ÇÁ·Î¼¼½º°¡ ¸¹ÀÌ ¶° ÀÖ´Â È¿°ú¸¦ °¡Á®¿À°Ô µÇ±â ¶§¹®ÀÌ´Ù. ±×·¯¹Ç·Î, ´ëºÎºÐÀÇ À¥ ¼­¹öµéÀº Ŭ¶óÀ̾ðÆ®ÀÇ ¿äûÀ» ó¸®Çϱâ À§Çؼ­ ÀÚ½Ä ÇÁ·Î¼¼½º¸¦ »ý¼º½Ãų ¶§ ÀÌ ÇÁ·Î¼¼½ºÀÇ ±ÇÇÑÀ» ·çÆ®°¡ ¾Æ´Ñ ´Ù¸¥ »ç¿ëÀÚ·Î ÇÒ ¼ö ÀÖ´Â ¹æ¹ýÀ» Á¦°øÇÏ°í ÀÖ´Ù. ¾ÆÆÄÄ¡ ¼­¹öÀÇ °æ¿ì¸¦ º¸¸é ¾Æ·¡¿Í °°Àº ºÎºÐÀÌ Àִµ¥ ¿©±â¼­ User¿¡ nobody¶ó°í ÇØÁÖ°í /etc/passwd ÆÄÀÏ¿¡ nobody¶ó´Â »ç¿ëÀÚ¸¦ µî·Ï½ÃÄÑ µÎ¸é »ý¼ºµÇ´Â ÀÚ½Ä ÇÁ·Î¼¼½ºµéÀº nobodyÀ̶ó´Â »ç¿ëÀÚÀÇ ±ÇÇÑÀ¸·Î µ¿ÀÛÇÏ°Ô µÈ´Ù. /conf/httpd.conf file: # User/Group: The name (or #number) of the user/group to run httpd as. # On SCO (ODT 3) use User nouser and Group nogroup User nobody /etc/passwd file: # grep nobody passwd nobody:x:1001:1001:nobody user:: nobody »ç¿ëÀÚ¸¦ ¸¸µé ¶§ ÁÖÀÇÇÒ Á¡Àº Æнº¿öµå ºÎºÐÀº *¿Í °°Àº, ¾ÏȣȭµÈ °á°ú(encrypted result)°¡ µÉ ¼ö ¾ø´Â ¹®ÀÚ·Î ¸·¾Æ µÎ¾î¾ß ÇÑ´Ù. ¸¸ÀÏ shadow passwd¸¦ »ç¿ëÇÑ´Ù¸é shadow passwd ÆÄÀÏ¿¡¼­ ¾ÏȣȭµÈ ºÎºÐÀ» ¸·¾Æ µÎ¾î¾ß ÇÑ´Ù. ÀÌ·¯ÇÑ µ¿ÀÛ ¹æ½ÄÀÇ ½Ã³ª¸®¿À¿¡¼­´Â Ŭ¶óÀ̾ðÆ®´Â Ç×»ó nobody »ç¿ëÀÚ ±ÇÇÑÀÇ À¥ ¼­¹ö¿Í Åë½ÅÀ» Çϱ⠶§¹®¿¡ ÀÌ ¼­¹ö ÇÁ·Î¼¼½º¸¦ °ø°ÝÇÏ¿© Ŭ¶óÀ̾ðÆ®°¡ ¿øÇÏ´Â ÀÛ¾÷À» ÇÏ°Ô ÇÏ´õ¶óµµ ÀÌ ¶§ÀÇ ÀÛ¾÷Àº nobody »ç¿ëÀÚ ±ÇÇÑÀ̹ǷΠ·çÆ® ¼ÒÀ¯ÀÇ ÆÄÀϵé (¿¹ /etc/passwd µî)À» ¼öÁ¤ÇÏ´Â µîÀÇ ÀÛ¾÷Àº ÇÒ ¼ö°¡ ¾ø°Ô µÈ´Ù. ÇÏÁö¸¸ À̰͸¸À¸·Î´Â /etc/passwd µîÀÇ Áß¿äÇÑ ½Ã½ºÅÛ ÆÄÀÏ¿¡ Á¢±ÙÇÏ´Â °ÍÀ» ¿øõÀûÀ¸·Î ºÀ¼âÇÏÁö´Â ¸øÇÑ´Ù. Áï, Àб⠱ÇÇÑÀÌ ºÎ¿©µÈ ½Ã½ºÅÛ ÆÄÀϵéÀº ¿©ÀüÈ÷ Á¢±ÙÀÌ °¡´ÉÇϱ⠶§¹®ÀÌ´Ù. 4.8.1.2 À¥ ¼­¹ö¿¡ ´ëÇÑ º¸¾ÈÀÇ ¹®Á¦Á¡ ¿©±â¼­ ¸»ÇÏ°íÀÚ ÇÏ´Â À¥ ¼­¹öÀÇ º¸¾È¿¡ °üÇÑ ¹®Á¦Á¡Àº ´Ü¼øÈ÷ °¢°¢ÀÇ À¥ ¼­¹ö¿¡ Á¸ÀçÇÒ ¼ö ÀÖ´Â ¹ö±×¿¡ ÀÇÇÑ º¸¾ÈÀÇ ÇãÁ¡À» À̾߱âÇÏ´Â °ÍÀÌ ¾Æ´Ï¶ó À¥ÀÇ µ¿ÀÛ ±¸Á¶¿¡ Á¸ÀçÇÏ°í ÀÖ´Â ±Ùº»ÀûÀÎ º¸¾ÈÀÇ ¹®Á¦Á¡¿¡ ´ëÇؼ­ À̾߱âÇÏ·Á°í ÇÔÀ» °­Á¶ÇÏ°í ½Í´Ù. ¾Õ¿¡¼­ ¾ð±ÞÇÑ ½Ã³ª¸®¿À, Áï ÀÚ½Ä ÇÁ·Î¼¼½ºÀÇ ±ÇÇÑÀ» ·çÆ®°¡ ¾Æ´Ñ ±ÇÇÑÀ¸·Î µ¿ÀÛÇÏ°Ô ÇÏ´Â ¹æ¹ýÀ» Á¶±Ý »ý°¢ÇØ º¸¸é ¿©±â¿¡ ¿ª½Ã ½É°¢ÇÑ º¸¾È ¹®Á¦ÀÇ ¼ÒÁö°¡ Á¸ÀçÇÏ°í ÀÖÀ½À» ¾Ë ¼ö ÀÖ´Ù. Á¦ÀÏ ¸ÕÀú Ŭ¶óÀ̾ðÆ®ÀÇ ¿äûÀ» ¹Þ¾Æ µéÀÌ´Â ¼­¹ö µ¥¸óÀº ·çÆ®·Î ½ÇÇàµÇ±â ¶§¹®¿¡ ÀÌ ¼­¹ö µ¥¸óÀÌ ¾Õ ¿¹¿Í °°ÀÌ nobodyÀÇ »ç¿ëÀÚ ±ÇÇÑÀ» °¡Áø »õ·Î¿î ÀÚ½Ä ÇÁ·Î¼¼½º¸¦ »ý¼º½ÃÅ°±â±îÁöÀÇ °úÁ¤Àº ¿ª½Ã ·çÆ®ÀÇ ±ÇÇÑÀ¸·Î ½ÇÇàµÇ°í ÀÖÀ¸¹Ç·Î ÀÌ °úÁ¤¿¡¼­ ħÀÔÀÌ ÀϾ°Ô µÇ´Â °æ¿ì¿¡´Â ·çÆ®ÀÇ ±ÇÇÑÀ¸·Î ¿øÇÏ´Â ÀÏÀ» ó¸®ÇÒ ¼ö ÀÖ°Ô µÇ´Â À§ÇèÀÇ ¼ÒÁö¸¦ °¡Áö°í ÀÖ´Ù°í º¼ ¼ö ÀÖ´Â °ÍÀÌ´Ù. ºñ·Ï ÀÌ·¯ÇÑ ¹ö±×°¡ ¾ÆÁ÷±îÁö ¹ß°ßµÇÁö´Â ¾Ê¾Ò´Ù°í ÇÏ´õ¶óµµ ÀÌ·¯ÇÑ »ç½ÇÀ» Àý´ë·Î °£°úÇؼ­´Â ¾ÈµÈ´Ù. ÀÌÁ¦±îÁöÀÇ ½Ã½ºÅÛ Ä§ÀÔ°ú °ü·ÃµÈ ¹ö±×µéÀÇ ¿ª»ç¸¦ º¸¸é ÀÌ´Â ½±°Ô ÀÌÇØ ÇÒ ¼ö ÀÖÀ» °ÍÀÌ´Ù. ºñ·Ï ÀÚ½Ä À¥ ¼­¹ö ÇÁ·Î¼¼½ºÀÇ ±ÇÇÑÀÌ ·çÆ®°¡ ¾Æ´Ï´õ¶óµµ ÀÌ ÇÁ·Î¼¼½º´Â Àüü ÆÄÀÏ ½Ã½ºÅÛÀ» ¸ðµÎ Á¢±Ù(access)ÇÒ ¼ö Àֱ⠶§¹®¿¡ ¹®Á¦ÀÇ ¼ÒÁö¸¦ °¡Áö°í ÀÖ´Ù. ÀÌ°ÍÀº À¥À» »ç¿ëÇÔ¿¡ À־ »ç½Ç»ó °ÅÀÇ ÇÊ¿äÇÏÁö ¾ÊÀº ´Ù¸¥ µð·ºÅ丮³ª ÆÄÀϵé(/etcÀÇ ¿©·¯ ½Ã½ºÅÛ ¼³Á¤ ÆÄÀϵé)¿¡ Á¢±Ù ±ÇÇÑÀ» ÁÖ°Ô µÇ´Â ºÒÇÊ¿äÇÑ °á°ú¸¦ ÃÊ·¡ÇÏ°í ÀÖ´Ù. ÀÌ´Â º¸¾È °üÁ¡¿¡¼­ º¸¸é ½Ã½ºÅÛÀÇ Á¤º¸¸¦ À¯Ãâ½Ãų ¼ö ÀÖ´Â ¸Å¿ì ºÒÇÊ¿äÇÑ °ÍÀ̸ç ħÀÔÀÇ ¹ßÆÇÀÌ µÉ ¼öµµ ÀÖ´Â ¿ä¼Ò°¡ µÈ´Ù. ½ÇÁ¦·Î ¿¹Àü¿¡ ÀÌ·¯ÇÑ °æ¿ì·Î ÀÎÇؼ­ ¹®Á¦°¡ µÇ¾ú´ø ¿¹¸¦ Çѹø µé¾îº¸ÀÚ. ÀϹÝÀûÀ¸·Î Æнº¿öµå³ª ±×·ì ÆÄÀÏÀº ¸ðµÎ¿¡°Ô Àб⠱ÇÇÑÀ» ÁÖ°Ô²û ¼³Á¤µÇ¾î ÀÖ¾î¾ß ÇÑ´Ù. ÀÌ·± ÀÌÀ¯·Î CGI ÇÁ·Î±×·¥À» ÀÌ¿ëÇÏ¿© À¥ ¼­¹ö°¡ ÀÖ´Â ¸Ó½Å¿¡ ·Î±äÇÏÁö ¾Ê°íµµ Æнº¿öµå ÆÄÀÏÀ» °¡Á®¿Ã ¼ö ÀÖ´Ù. ÀÌ´Â À¥ ¼­¹ö ÇÁ·Î±×·¥À» ÀνºÅçÇßÀ» ¶§, µðÆúÆ®·Î cgi-bin¿¡ Æ÷ÇÔµÈ CGI ÇÁ·Î±×·¥ Áß phf¶ó´Â ÇÁ·Î±×·¥À¸·Î ÀÎÇؼ­ °¡´ÉÇÏ´Ù. phfÀÇ ¹ö±×´Â Áö±ÝÀº ³Î¸® ¾Ë·ÁÁ® À־ ÆÐÄ¡°¡ °ÅÀÇ µÇ¾úÀ¸¸®¶ó°í »ý°¢µÇÁö¸¸ CGI ÇÁ·Î±×·¥¿¡ ´ëÇØ ÀÌÈÄ¿¡µµ ¾ó¸¶µçÁö ħÀÔ¹ÞÀ» ¼ö ÀÖ´Ù´Â °¡´É¼ºÀ» ½Ã»çÇØ ÁÖ´Â °ÍÀÌ´Ù. Áö±Ý À¥ ¼­¹öÀÇ cgi-bin µð·ºÅ丮ÀÇ phf ÇÁ·Î±×·¥À» °Ë»çÇØ º¸°í ÀÌ CGI°¡ Á¸ÀçÇÑ´Ù¸é Áï½Ã À̸¦ Áö¿ö¹ö¸®°Å³ª ÆÐÄ¡¸¦ Çϱ⠹ٶõ´Ù. 4.8.2 chrootÀÇ ÀÇ¹Ì¿Í °³¿ä chroot´Â »õ·Î¿î ·çÆ® µð·ºÅ丮¸¦ ¼³Á¤ÇÏ¿© ½ÇÁ¦·Î chrootµÈ ÇÁ·Î¼¼½º´Â ÀÌ µð·ºÅ丮ÀÇ »óÀ§ µð·ºÅ丮·Î´Â Á¢±ÙÇÒ ¼ö ¾ø°í ¿ÀÁ÷ ÀÌ ÇÏÀ§ÀÇ µð·ºÅ丮·Î¸¸ Á¢±ÙÇÒ ¼ö ÀÖ°Ô ÇØÁÖ´Â º¸¾È¿¡´Â ¸Å¿ì È¿°úÀûÀÎ ½Ã½ºÅÛ ÇÔ¼öÀÌ´Ù. Áï ÇϳªÀÇ ÇÁ·Î¼¼½º¸¦ ½ÇÇà½Ãų ¶§ ÀÌ ÇÁ·Î¼¼½º°¡ Á¢±ÙÇÒ ¼ö ÀÖ´Â ¿µ¿ªÀ» ÇÁ·Î¼¼½º »ý¼º ½Ã±â¿¡ ¹Ì¸® Á¦ÇѽÃų ¼ö ÀÖ°Ô ÇØÁÖ´Â °ÍÀÌ´Ù. Àß »ìÆì º¸¸é ÀÌ ÇÔ¼ö¸¦ ÀÌ¿ëÇÏ¿© ¸¸µé¾îÁø µ¿¸íÀÇ chroot¶ó´Â ¸í·É¾îµµ Á¸ÀçÇϴµ¥ ÀÌ´Â ÇÁ·ÒÇÁÆ®»ó¿¡¼­ ÇÁ·Î¼¼½º¸¦ ½ÇÇà½Ãų ¶§µµ ÀÌ·¯ÇÑ ÀÛ¾÷À» °¡´ÉÇÏ°Ô ÇØÁÖ±â À§Çؼ­ÀÌ´Ù. ¾ÆÁ÷ chroot°¡ Àß ÀÌÇØ°¡ ¾ÈµÈ´Ù¸é ±ÛÀÇ µÞºÎºÐÀÇ wrapper Äڵ带 º¸¸é ½±°Ô ÀÌÇØ ÇÒ ¼ö ÀÖÀ¸¸®¶ó°í »ý°¢µÈ´Ù. 4.8.2.1 ÀåÁ¡ ÀÌÀü¿¡ ¼Ò°³ Çß´ø À¥ ¼­¹öÀÇ ¹®Á¦Á¡À» ÇØ°áÇØ ÁÖ°í ÀÖ´Ù. chrootµÈ µð·ºÅ丮°¡ À¥ ¼­¹ö ÇÁ·Î¼¼½ºÀÇ ·çÆ® µð·ºÅ丮·Î ÀνĵDZ⠶§¹®¿¡ ºÒÇÊ¿äÇÑ ÆÄÀÏÀ̳ª µð·ºÅ丮·ÎÀÇ Á¢±ÙÀ» Á¦ÇÑÇÒ ¼ö ÀÖ´Ù. ¾Õ¿¡¼­ ¼Ò°³ÇßµíÀÌ ·çÆ® ±ÇÇÑÀÇ ÇÁ·Î¼¼½º°¡ nobody ±ÇÇÑÀÇ ÀÚ½Ä ÇÁ·Î¼¼½º¸¦ »ý¼º½ÃÄѼ­ ÄÁÆ®·ÑÀ» ³Ñ±â±â Àü¿¡ °ø°Ý ´çÇÏ¿© ·çÆ®ÀÇ ±ÇÇÑÀ¸·Î ÀÛ¾÷À» ÇÑ´Ù°í ÇÏ´õ¶óµµ ÀÌ·¯ÇÑ ÀÛ¾÷ÀÌ chrootµÈ µð·ºÅ丮¸¦ ¹þ¾î ³¯ ¼ö ¾ø±â ¶§¹®¿¡ ½Ã½ºÅÛ¿¡ Å« ¿µÇâÀ» ¹ÌÄ¡Áö ¸øÇÑ´Ù. ¹°·Ð ÀÌ´Â chrootµÈ µð·ºÅ丮 ÀÌÇÏ¿¡´Â ½Ã½ºÅÛÀ» ħÀÔÇϴµ¥ »ç¿ëÇÒ¸¸ÇÑ ÆÄÀÏÀ̳ª µð·ºÅ丮°¡ ¾ø°í ´Ü¼øÈ÷ htmlÆÄÀÏ, ±×¸² ÆÄÀÏ, CGIÆÄÀÏ µîÀÌ ÀÖÀ» »ÓÀ̱⠶§¹®ÀÌ´Ù. ±âÁ¸ÀÇ À¥ ¼­¹öÀÇ °æ¿ì »ç¿ëÀÚµéÀÇ È¨ ÆäÀÌÁöµéÀ̳ª À¥ ¼­ºñ½º¸¦ Çϱâ À§ÇÑ ÇÁ·Î±×·¥(À¥ BBS, DB¿Í ¿¬µ¿µÈ À¥ ¼­ºñ½ºÀÇ DB)µéÀÌ µð½ºÅ©¿¡ Èð¾îÁ® ÀÖ¾ú´Ù. ÀÌ´Â ¹°·Ð ±âÁ¸ÀÇ À¥ ¼­¹ö³ª »ý¼ºµÈ ÀÚ½Ä ÇÁ·Î¼¼½º°¡ µð½ºÅ©ÀÇ ¾îµðµçÁö Á¢±ÙÇÒ ¼ö ÀÖ¾ú±â ¶§¹®ÀÌ´Ù. ±×·¯³ª chroot¸¦ ÀÌ¿ëÇÏ¿© À¥ ¼­ºñ½º¸¦ ÇÏ°Ô µÉ °æ¿ì¿¡´Â ÇϳªÀÇ Å« µð½ºÅ© ÆÄƼ¼ÇÀ» Áö½ÃÇÏ´Â µð·ºÅ丮¸¦ chrootÇÏ¿© ¸¸µé±â ¶§¹®¿¡ ¸ðµç À¥ ¼­ºñ½º °ü·Ã ÆÄÀϵéÀ» ÀÌ µð½ºÅ© ÆÄƼ¼Ç¿¡ ¸ð¾Æ µÎ°Ô µÈ´Ù. ±×·¯¸é ½ÇÁ¦·Î À¥ ¼­¹ö´Â ÀÌ µð½ºÅ© ÆÄƼ¼Ç, Á¤È®ÇÏ°Ô´Â ÀÌ µð½ºÅ© ÆÄƼ¼ÇÀ» Áö½ÃÇÏ´Â chrootµÈ µð·ºÅ丮 ¹ÛÀ» ¸ø ¹þ¾î ³ª¸é¼­ µ¿ÀÛÇ߱⠶§¹®¿¡ ÀÌ µð½ºÅ©¸¸ Á¤±âÀûÀ¸·Î ¹é¾÷À» ¹Þ¾Æ µÐ´Ù¸é ½Ã½ºÅÛÀÌ Áװųª µð½ºÅ©°¡ ¸Á°¡Áö´õ¶óµµ ´Ù¸¥ È£½ºÆ®ÀÇ ºó µð½ºÅ©¿¡ ¹é¾÷À» Ç®¾î¼­ Áï½Ã À¥ ¼­¹ö¸¦ º¹±¸½Ãų ¼ö ÀÖ°Ô µÈ´Ù. À̶§ÀÇ º¹±¸ ½Ã°£Àº ´Ü¼øÈ÷ ¹é¾÷ µ¥ÀÌÅ͸¦ »õ·Î¿î µð½ºÅ©¿¡ º¹»çÇÏ´Â ½Ã°£¸¸ÀÌ ¼Ò¿äµÇ°Ô µÉ °ÍÀÌ´Ù. ¹°·Ð »õ·ÎÀÌ ¿Å±ä È£½ºÆ®ÀÇ DNS entry¿¡ ¹®Á¦°¡ »ý±ä È£½ºÆ®ÀÇ À̸§À» alias½ÃÄÑ ³õÀ¸¸é ±âÁ¸¿¡ À¥ ¼­ºñ½º¸¦ ÀÌ¿ëÇÏ´ø »ç¶÷µéÀº ÀüÇô ¹®Á¦¸¦(È£½ºÆ®°¡ ¿Å°ÜÁö°í µ¥ÀÌÅ͸¦ ÀúÀåÇÏ°í ÀÖ´ø µð½ºÅ©°¡ ¹Ù²î¾ú´Ù´Â »ç½Ç) ´À³¢Áö ¸øÇÒ °ÍÀÌ´Ù. Áï Åõ¸í¼º(transparency)À» º¸ÀåÇÒ ¼ö ÀÖ´Ù´Â °ÍÀÌ´Ù. ¸¸ÀÏ ÀÌ¿Í °°ÀÌ ÇÏÁö ¾Ê°í À¥ ÀÚ·áµéÀÌ ¿©·¯ µð½ºÅ©¿¡ ºÐ»êµÇ¾î ÀÖ´Ù°í °¡Á¤Çϸé ÀÌÁß ¾î´À ÇϳªÀÇ µð½ºÅ©°¡ ¸Á°¡Áö°Ô µÇ¸é ÀÌ µð½ºÅ©¿¡ ÀÖ´Â À¥ ÀڷḸ º¹±¸½ÃÅ°´Â ¹®Á¦µµ ÁöÀúºÐÇÒ »Ó¸¸ ¾Æ´Ï¶ó ½Ã½ºÅÛÀÌ Æı«µÉ °æ¿ì¿¡´Â ´õ¿í ´õ Àüü À¥ ¼­ºñ½ºÀÇ º¹±¸ ½Ã°£Àº ±æ¾îÁú °ÍÀÌ¸ç °ü¸®Àڵ鿡°Ô Å« ºÎ´ãÀ» ÁÖ°Ô µÉ °ÍÀÌ´Ù. 4.8.2.2 ´ÜÁ¡ chroot¸¦ »ç¿ëÇÏ´Â ¹æ¹ýÀº º¸¾ÈÀ» À§Çؼ­´Â ¸Å¿ì ÈǸ¢ÇÑ ¹æ¹ýÀÌÁö¸¸ ÀÌ ¶ÇÇÑ ¾à°£ÀÇ ¹®Á¦¸¦ ³»Æ÷ÇÏ°í ÀÖ´Â °ÍÀÌ »ç½ÇÀÌ´Ù. À̸¦ ¿©±â¼­ °£´ÜÈ÷ ¾ð±ÞÇÏ°í ³Ñ¾î°¡µµ·Ï ÇÏÀÚ. ¼³Ä¡ÇϱⰡ ±î´Ù·Ó´Ù°í ¸»ÇÒ ¼ö ÀÖ´Ù(¹°·Ð ³ë·ÃÇÑ °ü¸®ÀÚ¶ó¸é Å« ¹®Á¦´Â µÇÁö ¾ÊÀ» °ÍÀÌ´Ù). µÞ ºÎºÐ¿¡¼­ ¾ð±ÞÇÏ°ÚÁö¸¸ ÀÌÁø ÆÄÀϵéÀ» binµð·ºÅ丮¿¡ °¡Á®´Ù ³õÀ» ¶§ ±×³É ½Ã½ºÅÛ¿¡ ÀÖ´Â °ÍÀ» º¹»çÇÏ°Ô µÇ¸é À̵éÀº ¸ðµÎ °øÀ¯ ¶óÀ̺귯¸®¸¦ »ç¿ëÇÏ°í Àֱ⠶§¹®¿¡ À̵éÀÌ ÇÊ¿ä·Î ÇÏ°í ÀÖ´Â ¸ðµç ¶óÀ̺귯¸®¸¦ usr/lib¿¡ º¹»ç ÇÒ ÇÊ¿ä°¡ ÀÖ´Ù. ƯÈ÷ À¥¿¡¼­´Â CGI¸¦ ÀÌ¿ëÇÏ°í Àֱ⠶§¹®¿¡ ÀÌ·¯ÇÑ ÀÏÀº ¸Å¿ì ÇÇ°ïÇÏ´Ù. ±×·¡¼­ ´ëºÎºÐÀÇ °æÇèÀÚµéÀº ÀÌÁø ÆÄÀϵéÀº Á¤ÀûÀ¸·Î ÄÄÆÄÀÏ ÇÏ´Â °ÍÀ» ÃßõÇÏ°í ÀÖ´Ù. ÀÌ °æ¿ì¿¡´Â °øÀ¯ ¶óÀ̺귯¸®¸¦ »ç¿ëÇÒ ÇÊ¿ä°¡ ÀüÇô ¾ø±â ¶§¹®¿¡ °ü¸®ÇϱⰡ ±ò²ûÇÏ°í Æí¸®ÇÏ´Ù. ¹°·Ð À¥¿¡¼­ ÀÌ¿ëµÉ ¸ðµç ÀÌÁø ÆÄÀϵéÀ» Á¤ÀûÀ¸·Î ´Ù½Ã ÄÄÆÄÀÏÇØÁÖ¾î¾ß ÇϹǷΠÃʱ⠼³Ä¡ ½Ã¿¡ Á» ½Ã°£ÀÌ ¼Ò¿äµÇ´Â ´ÜÁ¡ÀÌ ÀÖ´Ù. µÚ¿¡¼­ º¸ÀÏ ¿¹Á¦´Â Á¤ÀûÀ¸·Î ÄÄÆÄÀÏÇÏÁö ¾Ê´Â ¹æ¹ýÀ» ¼Ò°³ÇÏ°í ÀÖ´Ù. ±âÁ¸¿¡ ÀÌ¹Ì À¥ ¼­¹ö°¡ ¼³Ä¡ µÇ¾î ÀÖ´Â »óÅ¿¡¼­ chroot¸¦ ÀÌ¿ëÇÑ ¼­¹ö¸¦ ¼³Ä¡ÇÒ °æ¿ì¿¡´Â chroot¸¦ ÀÌ¿ëÇÏ´Â ÀåÁ¡À» »ì¸®±â Èûµé ¼ö ÀÖ´Ù. ÇÏÁö¸¸ °ü¸®ÀÚÀÇ Àç·®¿¡ µû¶ó ºÒ°¡´ÉÇÑ °ÍÀº ¾Æ´Ï´Ù. ÀÌ ¸»Àº ÀÌ¹Ì ±âÁ¸ÀÇ À¥ ¼­¹ö°¡ ÀÖ´Ù¸é °³ÀεéÀÌ °¢°¢ÀÇ È¨ µð·ºÅ丮¿¡ ÀÚ½ÅÀÇ È¨ ÆäÀÌÁö¸¦ ¸¸µé¾î ³õ¾ÒÀ» °ÍÀε¥ ÀÌ È¨ ÆäÀÌÁöµéÀÌ chroot¿¡¼­ ÀÌ¿ëÇÏ´Â ÆÄÀÏ ½Ã½ºÅÛÀ̳ª chrootÀÇ tree ¹Ù±ù¿¡ ÀÖÀ» ¼ö ÀÖ´Ù´Â °ÍÀÌ´Ù. ÀÌ¿¡ ´ëÇÑ ÇØ°áÃ¥À» ¼Ò°³ÇÏ¸é ´ÙÀ½°ú °°´Ù. ¸¸ÀÏ »ç¿ëÀÚµéÀÇ È¨ ÆäÀÌÁö°¡ chroot¸¦ ÀÌ¿ëÇÏ´Â tree ¹Ù±ù¿¡ ÀÖÁö¸¸ °°Àº ÆÄÀÏ ½Ã½ºÅÛ »ó¿¡ ÀÖ´Ù¸é ÇÏµå ¸µÅ©¸¦ ÀÌ¿ëÇؼ­ ÇØ°á ÇÒ ¼ö ÀÖ´Ù(chroot treeÀÌÇÏ¿¡¼­ ¹Ù±ùÀ¸·ÎÀÇ ¼ÒÇÁÆ® ¸µÅ©´Â µ¿ÀÛÇÏÁö ¾Ê´Â´Ù). ÇÏÁö¸¸ ¿ÏÀüÈ÷ ´Ù¸¥ ÆÄÀÏ ½Ã½ºÅÛ¿¡ »ç¿ëÀÚµéÀÇ È¨ ÆäÀÌ°¡ ÀÖÀ» °æ¿ì¿¡´Â loop back ¸¶¿îÆ®(·ÎÄà ÆÄÀÏ ½Ã½ºÅÛ¿¡¼­ ´Ù¸¥ ·ÎÄà ÆÄÀÏ ½Ã½ºÅÛÀ¸·ÎÀÇ ¸¶¿îÆ®)¸¦ ÀÌ¿ëÇÏ¿© ÇØ°á ÇÒ ¼ö ÀÖ´Ù. loop back ¸¶¿îÆ®¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ¼³¸íÀº »ý·«Çϵµ·Ï ÇÏ°Ú´Ù. 4.8.2.3 chroot¸¦ ÀÌ¿ëÇÑ À¥ ¼­¹ö ¼³Ä¡ °úÁ¤ ÀÌÁ¦ chrootÀ» ÀÌ¿ëÇÏ¿© »õ·Î¿î À¥ ¼­¹ö ÇÁ·Î±×·¥À» ¼³Ä¡ÇÏ´Â ¹æ¹ý¿¡ ´ëÇØ ¼Ò°³ÇØ º¸µµ·Ï ÇÏ°Ú´Ù. ¾Æ·¡ÀÇ ¿¹Á¦´Â ¼Ö¶ó¸®½º 2.5 ¸Ó½Å¿¡¼­ ¸ðµç ÇÁ·Î±×·¥Àº °øÀ¯ ¶óÀ̺귯¸®¸¦ ÀÌ¿ëÇÏ°Ô ÄÄÆÄÀÏÇÏ¿´´Ù´Â °¡Á¤ÇÏ¿¡¼­ Á÷Á¢ ¼³Ä¡ÇÑ °úÁ¤À» Á¤¸®ÇÏ¿© º» °ÍÀÌ´Ù. ÀÌ °úÁ¤Àº ¼Ö¶ó¸®½º 2.5ÀÇ °æ¿ìÀ̹ǷΠ¸ðµç ¿î¿µÃ¼Á¦¿¡ Àû¿ëµÇ´Â °ÍÀº ¾Æ´ÏÁö¸¸ ±âº»ÀûÀÎ °úÁ¤À» Àß ÀÌÇØÇÑ´Ù¸é ´Ù¸¥ ¿î¿µÃ¼Á¦¶óµµ Å« ¹®Á¦°¡ µÇÁö´Â ¾ÊÀ» °ÍÀ̶ó ¹Ï°í, ¶Ç ¹ß»ýÇÒ ¼ö ÀÖ´Â »ç¼ÒÇÑ ¹®Á¦µéÀº °ü¸®ÀÚÀÇ Àç·®À¸·Î ÇØ°áÇÒ ¼ö ÀÖÀ» °ÍÀ̶ó°í »ý°¢µÈ´Ù. chroot´Â ÀÓÀÇÀÇ µð·ºÅ丮¸¦ »õ·Î¿î ·çÆ® µð·ºÅ丮·Î ¸¸µå´Â °ÍÀ̱⠶§¹®¿¡ µð½ºÅ©¿¡ ´ëÇÑ ¿ë·®ÀÌ ÃæºÐÇÑ µð½ºÅ©¸¦ Çϳª ¼±Á¤ÇÑ´Ù. # df -k ÆÄÀϽýºÅÛ K¹ÙÀÌÆ® »ç¿ë °¡¿ë ¿ë·® ¼³Ä¡ÁöÁ¡ /dev/dsk/c0t0d0s0 86879 21416 56783 28% / /dev/dsk/c0t0d0s6 480919 417695 15134 97% /usr /proc 0 0 0 0% /proc fd 0 0 0 0% /dev/fd /dev/dsk/c0t1d0s7 1952573 135576 1621747 6% /WWW /dev/dsk/c0t0d0s5 288855 212963 47012 82% /opt /dev/dsk/c0t0d0s7 724031 227921 423710 35% /usr1 swap 409672 224 409448 1% /tmp ¿©±â¼­´Â /WWW¶ó´Â µð·ºÅ丮¿¡ chroot¸¦ Çϱâ·Î ÇÏ°Ú´Ù. ¸ÕÀú ¾Æ·¡¿Í °°Àº µð·ºÅ丮¸¦ ¸¸µéµµ·Ï ÇÏÀÚ. # pwd /WWW # ls ÃÑ 28 2 cgi-bin/ 2 etc/ 2 logs/ 2 HOME_PAGE/ 2 conf/ 2 home/ 6 src/ 2 bin/ 2 dev/ 4 icons/ 2 usr/ À§ÀÇ µð·ºÅ丮µéÀ» °£´ÜÈ÷ ¼³¸íÇÏ¸é ´ÙÀ½°ú °°´Ù. HOME_PAGE ÀÌ À¥ ¼­¹ö¿¡ Á¢±ÙÇßÀ» ¶§ ±âº»ÀûÀ¸·Î ã´Â µð·ºÅ丮·Î ¼³Á¤ bin ÀÌÁø ÆÄÀϵéÀ» °¡Á®´Ù ³õÀ» µð·ºÅ丮 cgi-bin CGI ÇÁ·Î±×·¥À» °¡Á®´Ù ³õÀ» µð·ºÅ丮 conf httpdÀÇ ¼³Á¤ ÆÄÀÏÀ» °¡Á®´Ù ³õÀ» µð·ºÅ丮 dev µð¹ÙÀ̽º ÆÄÀÏÀ» °¡Á®´Ù ³õÀ» µð·ºÅ丮 etc passwd³ª groupÆÄÀÏÀ» °¡Á®´Ù ³õÀ» µð·ºÅ丮 home °³ÀΠȨÆäÀÌÁö³ª À¥ ¼­ºñ½º °ü·Ã DBµîÀÇ ÀÚ·áµéÀ» °¡Á®´Ù ³õÀ» µð·ºÅ丮 icons ¾ÆÀÌÄÜÀ» ³õÀ» µð·ºÅ丮 logs httpd°¡ ¸¸µé ·Î±× ÆÄÀÏÀ» ÀúÀåÇÒ µð·ºÅ丮 usr usr/lib³ª usr/tmp¸¦ À§ÇÑ µð·ºÅ丮 src httpd¸¦ ÄÄÆÄÀÏ ÇÒ µð·ºÅ丮 ÀÚ½ÅÀÌ ¿øÇÏ´Â À¥ ¼­¹ö ÇÁ·Î±×·¥À» °¡Á®¿Í /WWW/src ¹Ø¿¡¼­ ÄÄÆÄÀÏÇÏÀÚ. º»ÀÎÀÌ »ç¿ëÇÑ ¾ÆÆÄÄ¡ À¥ ¼­¹ö ¼Ò½º ÇÁ·Î±×·¥Àº ´ÙÀ½¿¡¼­ ±¸ÇÒ ¼ö ÀÖ´Ù. http://www.apache.org ±âº»ÀûÀÎ ¼³Ä¡ °úÁ¤Àº À¥ ¼­¹ö¸¦ ¼³Ä¡ÇÒ ¶§¿Í µ¿ÀÏÇÏÁö¸¸, ´ÙÀ½ÀÇ ¼³Ä¡ °úÁ¤¿¡¸¸ ÁÖÀÇÇÏ¸é µÈ´Ù. ¾Õ¿¡¼­ ¸¸µé¾îÁø conf¶ó´Â µð·ºÅ丮¿¡ ¾Æ·¡ÀÇ ÆÄÀϵéÀ» °¡Á®´Ù ³õ´Â´Ù. # ls conf ÃÑ 36 12 httpd.conf 14 srm.conf 4 access.conf 6 mime.types conf¹Ø¿¡ ÀÖ´Â httpd.conf¿¡¼­´Â ´ÙÀ½°ú °°ÀÌ ÇØÁÖ¾î¾ß ÇÑ´Ù. #ServerRoot /usr/local/etc/httpd # for chroot() ServerRoot / ÀÌ°Í ÀÌ¿ÜÀÇ ¼³Á¤Àº ±âÁ¸ÀÇ ¼³Á¤°ú µ¿ÀÏÇÏ´Ù. Á»´õ ÀÚ¼¼ÇÑ ¾ÆÆÄÄ¡ ¼­¹öÀÇ ±âº»ÀûÀÎ ¼³Á¤ ¹æ¹ýÀº ¿ù°£ Internet 1996³â 10¿ù È£¸¦ Âü°íÇϱ⠹ٶõ´Ù. src¿¡¼­ ÄÄÆÄÀÏÇÑ httpd¸¦ bin¹ØÀ¸·Î ¿Å°ÜµÎ°í ÀÌ httpd°¡ ÀÌ¿ëÇÏ´Â °øÀ¯ ¶óÀ̺귯¸®µéÀ» ½ÇÁ¦ /usr/lib¿¡¼­ /WWW/usr/lib¹Ø¿¡ º¹»çÇØ µÐ´Ù. httpd°¡ »ç¿ëÇÏ´Â ÀÌÁø ÆÄÀÏÀº ldd¶ó´Â ¸í·É¾î·Î Á¶»çÇÑ´Ù. # ldd httpd libsocket.so.1 =>/usr/lib/libsocket.so.1 libnsl.so.1 => /usr/lib/libnsl.so.1 libc.so.1 => /usr/lib/libc.so.1 libdl.so.1 => /usr/lib/libdl.so.1 libintl.so.1 => /usr/lib/libintl.so.1 libw.so.1 => /usr/lib/libw.so.1 ÀÌ°ÍÀ» ÇÏ´Â ÀÌÀ¯´Â ±âÁ¸ÀÇ ¶óÀ̺귯¸® ÆÄÀÏÀÌ ÀÖ´ø /usr/lib¶ó´Â µð·ºÅ丮´Â httpd µ¥¸ó¿¡°Ô´Â ´õ ÀÌ»ó º¸ÀÌÁö ¾Ê±â ¶§¹®ÀÌ´Ù. µû¶ó¼­, httpd µ¥¸ó¿¡°Ô ·çÆ® µð·ºÅ丮ÀÎ /WWW¹Ø¿¡ »õ·Î¿î usr/libÀ» ¸¸µé¾î ÇÊ¿äÇÑ ¶óÀ̺귯¸®µéÀ» º¹»çÇØ µÎ¾î¾ß ÇÏ´Â °ÍÀÌ´Ù. etc ¹Ø¿¡´Â /etc/passwd, /etc/group, /etc/netconfig¸¦ º¹»çÇÑ´Ù. ÀÌ ¶§, ÁÖÀÇÇØ¾ß ÇÒ Á¡Àº Æнº¿öµå ÆÄÀÏÀÇ Æнº¿öµå ºÎºÐÀ» x·Î ¸·¾Æ ³õ´Â´Ù. ¼Ö¶ó¸®½º´Â shadow passwd¸¦ »ç¿ëÇϱ⠶§¹®¿¡ »ç½Ç ÀÌ·¸°Ô ÇÒ ÇÊ¿ä´Â ¾øÁö¸¸ À̸¦ ÀÌ¿ëÇÏÁö ¾ÊÀº °æ¿ì´Â Æнº¿öµåÀÇ ¾ÏȣȭµÈ ºÎºÐÀº ¹Ýµå½Ã »èÁ¦ ½ÃÄÑ¾ß ÇÑ´Ù. ±×¸®°í ºÒÇÊ¿äÇÑ »ç¿ëÀÚ´Â »èÁ¦ÇÏ´Â °ÍÀÌ ÁÁ´Ù. dev ¹Ø¿¡´Â ÇÊ¿äÇÑ µð¹ÙÀ̽º ÆÄÀÏÀ» ¸¸µé¾î ³õ´Â´Ù. ¼Ö¶ó¸®½ºÀÇ °æ¿ì¿¡´Â ´ÙÀ½°ú °°ÀÌ ¸¸µé ¼ö Àִµ¥ ÀÌ´Â ¿î¿µÃ¼Á¦¿¡ µû¶ó¼­ ´Þ¶óÁú ¼ö ÀÖ´Â ¿ä¼Ò°¡ °¡Àå Å©±â ¶§¹®¿¡ ´Ù¸¥ ¿î¿µÃ¼Á¦¸¦ ÀÌ¿ëÇÏ´Â °æ¿ì¿¡´Â Á¶½ÉÇÒ ÇÊ¿ä°¡ ÀÖ´Ù. # mknod /www/httpd/dev/ip c 11 3 # mknod /www/httpd/dev/tcp c 11 42 # mknod /www/httpd/dev/ticotsord c 105 1 # mknod /www/httpd/dev/udp c 11 41 # mknod /www/httpd/dev/zero c 13 12 # mknod /www/httpd/dev/null 13 2 # ls ÃÑ 0 0 null 0 ticotsord 0 zero 0 ip 0 tcp 0 udp ÀÌ·¸°Ô ÇÏ¸é µð¹ÙÀ̽º ÆÄÀÏÀ» »ý¼ºÇÒ ¼ö ÀÖ´Ù. ¸¸¾à¿¡ major, minor ¼ýÀÚ¸¦ ¸ð¸£´Â °æ¿ì¿¡´Â ½ÇÁ¦ /dev ¹Ø¿¡ ÀÖ´Â ÆÄÀÏÀ» ¾Æ·¡¿Í °°ÀÌ »ìÆ캸¸é µÈ´Ù. # ls -lL /dev/zero 0 crw-rw-rw- 1 root sys 13, 12 5¿ù 8ÀÏ 04:48 /dev/zero Âü°í·Î zero´Â µ¿Àû ·Î´õ(dynamic loader)¿¡ ÀÇÇؼ­ »ç¿ëµÇ´Â °ÍÀÌ¸ç ³ª¸ÓÁö´Â ³×Æ®¿÷(network)¿¡ »ç¿ëµÇ´Â °ÍÀÌ´Ù. CGI ÇÁ·Î±×·¥À» À¥ ¼­¹ö°¡ Á¦°øÇÒ Áö¿¡ ´ëÇØ °áÁ¤ÇÑ ÈÄ CGI ÇÁ·Î±×·¥À» »ç¿ëÀÚµéÀÌ ÀÌ¿ëÇÒ ¼ö ÀÖ°Ô ÇÏ·Á¸é, CGI ÇÁ·Î±×·¥ÀÌ »ç¿ëÇÏ´Â ÀÌÁø ÆÄÀÏÀ» Á¶»çÇÑ ÈÄ, CGI ÇÁ·Î±×·¥ÀÌ »ç¿ëÇÏ´Â ÀÌÁø ÆÄÀÏ°ú ±×¿¡ µû¸¥ ¶óÀ̺귯¸®¸¦ /WWW/bin, /WWW/usr/lib¿¡ °¢°¢ ³Ö¾î ÁÖ¿©¾ß ÇÑ´Ù. ±×·¸Áö ¾ÊÀ¸¸é CGI ÇÁ·Î±×·¥¿¡ ÇÊ¿äÇÑ ÀÌÁø ÆÄÀϵé(sh, perlµî)À» chrootµÈ »õ·Î¿î ·çÆ® µð·ºÅ丮¿¡¼­ ãÁö ¸øÇÏ°Ô µÇ¹Ç·Î CGI ÇÁ·Î±×·¥À» ÀÌ¿ëÇÒ ¼ö ¾ø°Ô µÈ´Ù. ¿ì¼± ±âº»ÀûÀÎ sh°ú perlÀ» ÄÄÆÄÀÏÇÑ ÈÄ bin ¹Ø¿¡ ³Ö¾î ÁØ´Ù. ¿©±â¼­´Â Á¤ÀûÀ¸·Î ÄÄÆÄÀÏÇÏÁö ¾Ê´Â °æ¿ìÀ̹ǷΠsh¿Í perlÀÌ ÀÌ¿ëÇÏ´Â ¶óÀ̺귯¸®µéÀ» È®ÀÎÇÏ¿© usr/lib¿¡ º¹»çÇÏ¿© µÐ´Ù. ´ÙÀ½Àº ±âº»ÀûÀ¸·Î ³Ö¾î µÎ¸é CGI »ç¿ë¿¡ À¯¿ëÇÑ ÇÁ·Î±×·¥µéÀÌ´Ù. cat comm cp csplit cut du expand find fmt fold grep head join locate ls mkdir mv nl od paste pr rm rmdir sort split sum tail touch tr unexpand uniq wc xargs º»ÀÎÀÇ °æ¿ì´Â bin¿¡ csh, sh, perl, httpd¸¸À» ³Ö¾î µÎ¾ú´Âµ¥ À̵éÀÌ ÇÊ¿ä·Î ÇÏ´Â ¶óÀ̺귯¸®µéÀº ´ÙÀ½°ú °°¾Ò´Ù. # pwd /WWW # ls usr ÃÑ 4 2 lib/ 2 tmp/ # ls usr/lib ÃÑ 3322 2 libmapmalloc.so@ 78 libw.so.1* 48 ld.so* 14 libmapmalloc.so.1* 32 nss_compat.so.1* 288 ld.so.1* 2 libmp.so@ 22 nss_dns.so.1* 2 libc.so@ 32 libmp.so.1* 42 nss_files.so.1* 1312 libc.so.1* 2 libnsl.so@ 48 nss_nis.so.1* 2 libdl.so@ 1136 libnsl.so.1* 58 nss_nisplus.so.1* 6 libdl.so.1* 2 libsocket.so@ 2 straddr.so@ 2 libintl.so@ 136 libsocket.so.1* 20 straddr.so.2* 32 libintl.so.1* 2 libw.so@ ¸¶Áö¸·À¸·Î httpd µ¥¸óÀ» ½ÇÇà½ÃÅ°±â À§ÇÑ wrapper¸¦ ¸¸µç´Ù. ´ÙÀ½Àº wrapperÀÇ ¼Ò½º ÄÚµåÀÌ´Ù. #include main(int argc, char *argv[]) { if (chdir(argv[1])) { fprintf(stderr,"change directory to %s failed !",argv[1]); exit(1); } if (chroot(argv[1])) { fprintf(stderr,"chroot %s failed !",argv[1]); exit(1); } execl("/bin/httpd","httpd","-f","/conf/httpd.conf",(char *)0); exit(0); } ÀÌ ÇÁ·Î±×·¥ÀÇ Àǹ̴ ´ÙÀ½¿¡ ¿À´Â ½ÇÇà ¹æ¹ýÀ» º¸¸é È®½ÇÈ÷ ÀÌÇØ ÇÒ ¼ö ÀÖÀ» °ÍÀÌ´Ù. ´ÙÀ½ÀÇ °úÁ¤Àº /WWWÀÌÇÏ µð·ºÅ丮¿Í ÆÄÀÏÀÇ ¼ÒÀ¯¸¦ °¡»óÀÇ »ç¿ëÀÚÀÎ wwwÀ¸·Î ÇÑ´Ù. ¹°·Ð wwwÀ̶ó´Â »ç¿ëÀÚ´Â /etc/passwd¿¡ µî·ÏµÇ¾î ÀÖ¾î¾ß ÇÑ´Ù. ÀÌ°ÍÀº nobody¸¦ µî·Ï½ÃŲ °úÁ¤°ú µ¿ÀÏÇÏ°Ô ÇÏ¸é µÈ´Ù. # grep www /etc/passwd www:x:1000:1000:WWW server:/www/httpd: # grep webgroup /etc/group webgroup::1000:web # chown -R www /WWW # chgrp -R webgroup /WWW # chmod -R 755 /WWW ÀÌÁ¦ wrapper ÇÁ·Î±×·¥ ÆÄÀÏÀ» ¸¸µé¾î¼­ ºÎÆà ½ºÅ©¸³Æ®¿¡ Ãß°¡ÇØ Áֱ⸸ ÇÏ¸é µÈ´Ù. # pwd /etc/rc3.d # ls ÃÑ 1258 4 S15nfs.server* 2 S97wrapper* 4 README 2 S98smbd* # cat S97wrapper #!/bin/sh # for httpd wrapper daemon if [ -f /WWW/bin/httpd_wrapper ] then echo "start httpd wrapper" /WWW/bin/httpd_wrapper echo "/WWW/bin/httpd_wrapper" fi 4.8.3 CGIÀÇ Ãë¾àÁ¡°ú º¸¾È¿¡ ´ëÇÑ °³¿ä ¼¼°è´Â ÀÎÅÍ³Ý ¿­Ç³À¸·Î ¹Ù»Ú°Ô ¿òÁ÷ÀÌ°í ÀÖ´Ù. ÀÎÅͳÝÀ» ¸ð¸£¸é ³«¿ÀÀÚ°¡ µÇ´Â ¾ç, ³Êµµ³ªµµ ÀÎÅÍ³Ý ´ë¿­¿¡ ¸ð¿©µé°í ÀÖ´Ù. ÇÏÁö¸¸, ¹ßÀü°ú º¯È­ÀÇ ºü¸¥ ¼Óµµ ¸¸Å­À̳ª Ãë¾àÇÑ ºÎºÐµµ ²ÙÁØÈ÷ »ý°Ü ³ª°í ÀÖ´Ù. ±×·¡¼­, À¥¿¡ ´ëÇÑ º¸¾È¸¦ ´õ¿í ½Å°æ½á¾ß ÇÒ ½Ã±â°¡ ¾Æ´Ñ°¡ ÇÑ´Ù. ÀÌ ¹®¼­¿¡¼­´Â À¥ º¸¾È¿¡ °ü·ÃµÇ¾î CertAdvisory¿Í 8lgmÀ» Âü°í·Î ÇÏ¿© Ãë¾àÁ¡°ú º¸¾ÈÀ» ¼³¸íÇÏ°í ÀÖ´Ù. »ç¿ëÀÚ°¡ CGI¸¦ »ç¿ëÇÒ ¶§ »ç¿ëÀÚ°¡ À¥ ¼­¹ö ½Ã½ºÅÛ¿¡ ħÀÔÇÏ´Â È¿°ú¸¦ ³¾ ¼ö ÀÖ´Â Ãë¾àÇÑ ºÎºÐ°ú ±×¿¡ ´ëÇÑ º¸¾ÈÃ¥À» ¼³¸íÇÏ°í, ±× Áß¿¡¼­ ÀÌ¹Ì ¹®Á¦°¡ µÇ¾ú´ø ¿¹¸¦ Á¦½ÃÇÏ°íÀÚ ÇÑ´Ù. ÀÌ ³»¿ëÀº 1.Interpreters in CGI bin Directories 2.Vulnerability in NCSA/Apache CGI example code 4.8.3.1 CGI Çؼ®±â À¥À» ÅëÇØ È¨ ÆäÀÌÁö¸¦ µé¾î°¡º¸¸é ¹æ¹® Ƚ¼ö°¡ ³ª¿À´Â Ȩ ÆäÀÌÁö°¡ ÀÖ´Ù. ÀÌ°ÍÀº »ç¿ëÀÚ¿Í À¥ ¼­¹ö°¡ »óÈ£ ÀÛ¿ëÇÏ´Â CGI¸¦ ÅëÇØ °¡´ÉÇÑ °ÍÀÌ´Ù. ÀÌ CGI ½ºÅ©¸³Æ®¸¦ ¼öÇàÇϱâ À§Çؼ­´Â Çؼ®±â°¡ À¥ ¼­¹ö ½Ã½ºÅÛ¿¡ Á¸ÀçÇØ¾ß ÇÑ´Ù. »ç¿ëÀÚ°¡ À¥À» ÅëÇØ CGI ½ºÅ©¸³Æ®¸¦ ½ÇÇà½ÃÅ°±â À§Çؼ­ À¥ ¼­¹ö´Â Çؼ®±â¿¡ ´ëÇÑ Á¢±Ù ±ÇÇÑÀÌ ÀÖ¾î¾ß ÇÑ´Ù. ±×·¡¼­, Ãʱ⿡´Â »ç¿ëÀÚ°¡ CGI ½ºÅ©¸³Æ®¸¦ ÀÌ¿ëÇÒ ¼ö ÀÖ´Ù´Â °ÍÀ» È®½Å½ÃÄÑÁÖ±â À§Çؼ­ CGI bin µð·ºÅ丮»ó¿¡ Çؼ®±â¸¦ À§Ä¡½ÃÄ×´Ù. ±×·¯³ª, CGI binµð·ºÅ丮»ó¿¡ ÀÖ´Â ¸ðµç ÇÁ·Î±×·¥µé(interpreters)Àº ÀÓÀÇÀÇ º¯¼ö(argument)·Î ½ÇÇàµÉ ¼ö Àֱ⠶§¹®¿¡ CGI ÇÁ·Î±×·¥ÀÌ ÀǵµµÈ ¸ñÀûÀ¸·Î¸¸ ½ÇÇàµÉ ¼ö ÀÖµµ·Ï µðÀÚÀÎÇÏ´Â °ÍÀÌ Áß¿äÇÏ´Ù. 4.8.3.2 ¹®Á¦Á¡ µû¶ó¼­ Çؼ®±âµé(/bin/sh ¶Ç´Â PERL µîµî)ÀÌ CGI bin µð·ºÅ丮¿¡ À§Ä¡ÇØ ÀÖ´Ù¸é ħÀÔÀÚ´Â Çؼ®±â¸¦ Á÷Á¢ÀûÀ¸·Î Á¢±ÙÇÒ ¼ö ÀÖ°í À¥ ¼­¹ö ½Ã½ºÅÛ¿¡¼­ ÀÓÀÇÀÇ ¸í·É¸¦ ¼öÇàÇÒ ¼ö ÀÖ´Ù. ÀÌ ÈÄ¿¡ ¼Ò°³µÇ´Â ³»¿ëÀº ÀÌ·Î ÀÎÇؼ­ »ý°å´ø ¹®Á¦ÀÌ°í, ÀÌ ¹®Á¦¸¦ ÇØ°áÇϱâ À§ÇÑ ¸î °¡Áö ¹æ¹ýÀ» Á¦½ÃÇÏ°íÀÚ ÇÑ´Ù. 4.8.4 NCSA/Apache CGI ¿¹Á¦ ÄÚµåÀÇ Ãë¾à¼ºÀÇ °³¿ä À¥ ¼­¹ö ÇÁ·Î±×·¥À» ÀνºÅç ÇÑ ´ÙÀ½¿¡ src¶ó´Â µð·¹Å丮¸¦ º¸¸éÀº util.c¶ó´Â ÆÄÀÏÀ» ¹ß°ßÇÒ ¼ö ÀÖÀ» °ÍÀÌ´Ù. ±× ÆÄÀÏÀÇ ÇÔ¼ö Áß¿¡¼­ escape_shell_cmd()¶ó´Â ÇÔ¼ö°¡ Ãë¾à¼ºÀ» º¸À¯ÇÏ°í ÀÖ´Ù. ÀÌ ÇÔ¼ö´Â system(), popen()°ú °°Àº shell-based ¶óÀ̺귯¸®¸¦ ÇÊÅ͸µÇÏ¿© È£ÃâÇÏ´Â ¿ªÈ°À» ÇÑ´Ù. Áï, escape_shell_cmd()¿¡ ÀÇÁ¸ÇÏ¿© shell-based ¶óÀ̺귯¸®¸¦ È£ÃâÇÏ´Â ÇÁ·Î±×·¥Àº °ø°Ý´çÇÏ´Â Ãë¾àÁ¡À» °¡Áú ¼ö ÀÖ 4.8.4.1 ÇÁ·Î±×·¥ÀÇ ¿¹ phf¶ó´Â CGI ÇÁ·Î±×·¥ÀÌ ±×·¯ÇÑ ¿¹ÀÌ´Ù. ÁÖÀÇÇØ¾ß ÇÒ Á¡Àº Ãë¾àÁ¡Àº httpd ±× ÀÚü¿¡ ÀÖ´Â °ÍÀÌ ¾Æ´Ï¶ó, escape_shell_cmd()¿¡ ÀÇÁ¸ÇÏ´Â CGI ÇÁ·Î±×·¥¿¡ ÀÖ´Ù¶ó´Â °ÍÀÌ´Ù. µû¶ó¼­, Ãë¾àÇÑ escape_shell_cmd()¸¦ »ç¿ëÇÏ´Â ÇÁ·Î±×·¥Àº ¸ðµÎ ±¸¸ÛÀÌ ÀÖÀ» ¼ö ÀÖ´Ù´Â »ý°¢À» °¡Á®¾ß ÇÑ´Ù. µû¶ó¼­, escape_shell_cmd()¸¦ ÀûÀýÈ÷ °íÃÄÁÖ¸é µÈ´Ù. 4.8.4.2 ¹®Á¦Á¡ phf ÇÁ·Î±×·¥ÀÌ ÀÖ´Â À¥ ¼­¹ö¿¡¼­´Â ÀÏ¹Ý »ç¿ëÀÚ°¡ /etc/passwd¸¦ º¼ ¼ö ÀÖ´Â ´É·ÂÀÌ ÀÖ°í ½Ã½ºÅÛ»ó¿¡¼­ ´Ù¸¥ »óÈ£ÀûÀÎ ½©(shell) ¸í·É¾î¸¦ ½ÇÇàÇÒ ¼ö ÀÖ´Â °¡´É¼ºÀÌ ÀÖ´Ù´Â Á¡ÀÌ´Ù. ¸¹Àº CGI ÇÁ·Î±×·¥¿¡¼­ util.cÀ» ÆÄÀÏ ½Ã½ºÅÛ°ú ¿¬°áÇÏ´Â ¹æ¹ýÀ¸·Î »ç¿ëÇÑ´Ù. ƯÈ÷ escape_shell_cmd()Àº CGI ÇÁ·Î±×·¥¿¡ ÀÇÇØ ¹ß»ýµÈ ½©(shell)ÀÌ Ãß°¡ÀÇ ¸í·ÉÀ» °¡Áö°í ¸í·É¾î¸¦ ½ÇÇàÇÒ ¼ö ÀÖ°Ô ÇÏ´Â Á¦¾î ¹®ÀÚ(control characters)À» ÇÊÅ͸µÇÑ´Ù. /* In util.c */ void escape_shell_cmd(char *cmd) { register int x,y,l; l=strlen(cmd); for(x=0;cmd[x];x++) { if(ind("&;`'\"|*?~<>^()[]{}$\\",cmd[x]) != -1){ /*the line above is the filter for control chars*/ for(y=l+1;y>x;y--) cmd[y] = cmd[y-1]; l++; /* length has been increased */ cmd[x] = '\\'; x++; /* skip the character */ } } } À§ÀÇ ¼Ò½º Äڵ带 »ìÆì º¸¸é , ´ëºÎºÐÀÇ Á¦¾î ¹®ÀÚ(control characters)À» ÇÊÅ͸µ½ÃÅ°´Â µ¥¿¡ ºñÇØ `n'¸¸ÀÌ ÇÊÅ͸µµÇÁö ¾Ê´Â´Ù. ÀÌ·± ÀÌÀ¯·Î ±¸¸ÛÀÌ »ý±â°ÔµÇ¾ú´Ù. ´ÙÀ½ÀÇ Ã¹ ¹ø°´Â À¥ »ó¿¡¼­ »ç¿ëµÇ°í ÀÖ´Â ÀϹÝÀûÀÎ phf Áú¹®ÀÇ ÇüÅÂÀÌ´Ù. ÀÌ°ÍÀ» ÅëÇؼ­ ¾ÆÀ̵ð¿Í ½Ç¸íÀ» µî·ÏÇÏ´Â °ÍÀÌ´Ù. ÇÏÁö¸¸, µÎ ¹ø°´Â ù ¹ø°¿Í´Â ´Ù¸¥ ÇüÅÂÀÌ´Ù. ÀÚ¼¼È÷ »ìÆ캸¸é ÀÌ°ÍÀº /etc/passwdÀ» º¸¿©ÁÖ´Â(cat) Áú¹® ÇüÅÂÀÓÀ» ¾Ë ¼ö ÀÖ´Ù. ÀǹÌÇϸç ÀϹÝÀûÀÎ phf Áú¹®ÀÇ ÇüÅ ¼Ó¿¡ Æнº¿öµå ÆÄÀÏÀ» º¸¿©ÁÖ´Â ¸í·ÉÀÌ»ðÀԵǾî ÀÖÀ½À» ½±°Ô ¹ß°ßµÈ´Ù. http://aaa.bb/cgi-bin/phf?Pserver=xxx.xx.xx.xx&Qalias=morphy &name=ChrisTerry http://aaa.bb/cgi-bin/phf?Jserver=xxx.xx.xx.xx%0Acat%20/etc/passwd%0A&Qalias=&Qname=foo 4.8.4.3 ħÀÔ °úÁ¤ 1.´©±º°¡ ´ç½ÅÀÇ È£½ºÆ®¸¦ ¸ñÇ¥·Î Á¤ÇÑ´Ù. 2.phfÀÇ ¹öÀüÀÌ ºÒ¾ÈÀüÇÑÁö¸¦ º»´Ù. Áï,`n'ÀÌ ÇÊÅ͸µÀÌ ¾È µÇ´ÂÁö¸¦ È®ÀÎÇÑ´Ù. 3.À§ÀÇ Áú¹® ¹æ¹ýÀ¸·Î /etc/passwdÀ» °¡Á®¿À°Å³ª, ¼¿À» ½ÇÇà½ÃŲ´Ù. 4.ÀÌ °úÁ¤Àº ¹°·Ð httpd ·Î±×¿¡ ³²´Â´Ù. 4.8.4.4 ÇØ°áÃ¥ C ¶óÀ̺귯¸® ÇÔ¼ö(system()°ú popen() µîµî)À» »ç¿ëÇÏÁö ¾Ê´Â´Ù. CGI ÇÁ·Î±×·¥À» Á¦°ÅÇÑ´Ù. Áï, escape_shell_cmd() ÇÔ¼ö¸¦ »ç¿ëÇÏ´Â CGI ÇÁ·Î±×·¥À» ÀÌ¿ëÇÒ ¼ö ¾ø°Ô ÇÑ´Ù. ÀÌ°ÍÀº ÇÁ·Î±×·¥¿¡¼­ ½ÇÇà ±ÇÇÑÀ» Á¦°ÅÇϰųª, ÇÁ·Î±×·¥ ±× ÀÚü¸¦ Á¦°ÅÇÑ´Ù. Ưº°È÷, phf°¡ ¼³Ä¡µÇ¾î ÀÖ´Â »çÀÌÆ®³ª ÇÊ¿äÇÏÁö ¾ÊÀº »çÀÌÆ®´Â ±×°ÍÀ» ÀÌ¿ëÇÒ ¼ö ¾ø°Ô ÇÑ´Ù. CGI ÇÁ·Î±×·¥À» ´Ù½Ã ¾´´Ù. escape_shell_cmd()ÀÇ Àǵµ´Â shell meta-characters¸¦ ºÎ¸£±â ½¬¿î ÇÔ¼ö¿¡ ´ëÇؼ­ shell meta-characters¸¦ ÇÊÅ͸µÇÏ¿© È£ÃâÇÏ´Â ¿ªÈ°À» ÇÑ´Ù. µû¶ó¼­, Á» ´õ ¾ÈÀüÇÑ ¹æ¹ýÀº ÀÌ·¯ÇÑ ¶óÀ̺귯¸® ÇÔ¼öÀÇ »ç¿ëÀ» ÇÇÇÏ´Â °ÍÀÌ´Ù. ÀÌ¹Ì shell-based ¶óÀ̺귯¸® ÇÔ¼ö(system() , popen())À» »ç¿ëÇÏ´Â CGI ÇÁ·Î±×·¥À» »ç¿ëÇÏ°í ÀÖ´Â »çÀÌÆ®´Â ÀÌ·¯ÇÑ ÇÁ·Î±×·¥À» ´Ù½Ã ½á¾ß ÇÑ´Ù. ÆÐÄ¡µÈ util.cÀ» °¡Áö°í CGI ÇÁ·Î±×·¥(cgi-bin ¿¡ ÀÖ´Â ¸ðµç ÇÁ·Î±×·¥)À» ´Ù½Ã ÄÄÆÄÀÏÇÑ´Ù. ´Ü¼øÇÑ ÆÐÄ¡ ¹æ¹ý 1) if(ind("&;`'\"|*?~<>^()[]{}$\\",cmd[x]) != -1){ 2) if(ind("&;`'\"|*?~<>^()[]{}$\\\n",cmd[x]) != -1){ util.cÀÇ escape_shell_cmd()ÀÇ ³»¿ëÀ» 1)¿¡¼­ 2)·Î ¹Ù²Ù¸é µÈ´Ù. ±×¸®°í, ¼Ò½º ÇÁ·Î±×·¥À» ´Ù½Ã make¸¦ ½ÇÇà½ÃÅ°¸é µÈ´Ù. 4.9 ĨÀÔÀÚÀÇ ¹ß°ß½Ã¿¡ °ü¸®ÀÚÀÇ ÀÓ¹« 4.9.1 ħÀÔÀ» ¹Þ°í ÀÖÀ» ¶§³ª ¹ÞÀº ÈÄ¿¡ ÇؾßÇÒ °Íµé. ÀÌÁ¦ ħÀÔÀ» °¨ÁöÇßÀ» ¶§¿¡ ´ëºñÇÑ ¸î °¡Áö Á¶¾ðÀ» ÇÏ°íÀÚ ÇÑ´Ù. ù ¹ø° ÇÒ ÀÏÀº ³ÃÁ¤À» À¯ÁöÇÏ´Â °ÍÀÌ´Ù. ¼º±ÞÇÑ ÇൿÀº °ø°ÝÀÚ°¡ ÀúÁö¸¦ ¼ö ÀÖ´Â °Íº¸´Ù ´õ Å« Çظ¦ ³¢Ä¥ ¼ö ÀÖ´Ù. 4.9.1.1 ÁøÇà ÁßÀÎ º¸¾È °ø°Ý. ÁøÇà ÁßÀÎ º¸¾È °ø°ÝÀ» ¾Ë¾ÆÂ÷¸®´Â °ÍÀº ±äÀåµÇ´Â ÀÏÀÏ ¼ö ÀÖ´Ù. ´ç½ÅÀÌ ¾î¶»°Ô ´ëÀÀÇϴ°¡¿¡ µû¶ó Áß¿äÇÑ °á°ú¸¦ °¡Á®¿Ã ¼ö ÀÖ´Ù. °ø°ÝÀÌ ¹°¸®ÀûÀÎ °ÍÀ̶ó¸é, ´ç½ÅÀÌ ¾Ë¾ÆÂ÷¸° ÀÌ»óÀº ´©±º°¡ ´ç½ÅÀÇ ÁýÀ̳ª »ç¹«½Ç, ¿¬±¸½Ç¿¡ ħÀÔÇß´Ù´Â »ç½ÇÀÏ °ÍÀÌ´Ù. ´ç½ÅÀº Áö¿ª Ã¥ÀÓÀÚ¿¡°Ô ¾Ë·Á¾ß ÇÑ´Ù. ¿¬±¸½Ç¿¡¼­¶ó¸é ´©±º°¡ ÄÉÀ̽º¸¦ ¿­·Á Ç߰ųª ÄÄÇ»Å͸¦ ÀçºÎÆÃÇÏ·Á°í Çß´Ù´Â °ÍÀ» ¾Ë¾ÆÂ÷·ÈÀ» °ÍÀÌ´Ù. ´ç½ÅÀÇ ±ÇÇÑ°ú ÀýÂ÷¿¡ µû¶ó, ´ç½ÅÀº ±×µé¿¡°Ô ÁßÁöÇϵµ·Ï ¿ä±¸Çϰųª Áö¿ª º¸¾È Ã¥ÀÓÀÚ¿¡°Ô ¿¬¶ôÇÒ ¼ö ÀÖ´Ù. Áö¿ª »ç¿ëÀÚ°¡ º¸¾ÈÀ» ÈѼÕÇÏ°íÀÚ ÇÏ´Â °ÍÀ» °¨ÁöÇßÀ» °æ¿ì, °¡Àå ¸ÕÀú ÇØ¾ß ÇÒ ÀÏÀº ±× »ç¿ëÀÚ°¡ ½ÇÁ¦ º»ÀÎÀÎÁö È®ÀÎÇÏ´Â °ÍÀÌ´Ù. ±× »ç¿ëÀÚ°¡ ¾îµð¿¡¼­ ·Î±×ÀÎÇÏ·Á°í ÇÏ°í ÀÖ´ÂÁö È®ÀÎÇØ º¸µµ·Ï Ç϶ó. ±× °÷ÀÌ Æò»ó½Ã¿¡ ·Î±×ÀÎÇØ µé¾î¿À´Â °÷Àΰ¡? ±×·¸Áö ¾ÊÀº°¡? ´ÙÀ½¿¡´Â ÄÄÇ»Å͸¦ ÅëÇÏÁö ¾ÊÀº Á÷Á¢ÀûÀÎ ¿¬¶ôÀ» ÃëÇغ¸µµ·Ï Ç϶ó. ¿¹¸¦ µé¾î ÀüÈ­¸¦ °É°Å³ª ±× »ç¿ëÀÚÀÇ Áý ȤÀº »ç¹«½Ç·Î Á÷Á¢ °¡¼­ À̾߱⸦ ³ª´­ ¼öÀÖ´Ù. ¸¸ÀÏ ±× »ç¿ëÀÚ°¡ ÀÚ±âÀÇ ÇàÀ§¸¦ ½ÃÀÎÇÑ´Ù¸é, ´ç½ÅÀº ±×ÀÇ ÇàÀ§¿¡ ´ëÇؼ­ ¼³¸íÇϵµ·Ï ¿ä±¸ÇÒ ¼ö ÀÖ°í ±×·± ÇàÀ§¸¦ ÁßÁöÇ϶ó°í ¸»ÇÒ ¼öµµ ÀÖ´Ù. ±×°¡ ºÎÀÎÇÏ°í, ´ç½ÅÀÌ ¸»ÇÏ´Â »ç°Ç¿¡ ´ëÇؼ­ ¸ð¸¥´Ù¸é Á» ´õ Á¶»ç¸¦ ÇØ¾ß ÇÑ´Ù. ºñ½ÁÇÑ »ç°ÇµéÀ» ¾Ë¾Æº¸°í ¾î¶² °í¹ßÀ̳ª ºñ³­ ÀÌÀü¿¡ ¸¹Àº Á¤º¸¸¦ È®º¸Çϵµ·Ï Ç϶ó. ³×Æ®¿÷À» ÅëÇÑ Ä§Åõ¸¦ °¨ÁöÇß´Ù¸é, óÀ½ ÇÒ ÀÏÀº (´ç½ÅÀÌ ÇÒ ¼ö ÀÖ´Ù¸é) ³×Æ®¿÷ ¿¬°áÀ» ²÷´Â °ÍÀÌ´Ù. ħÀÔÀÚ°¡ ¸ðµ©À¸·Î Á¢¼ÓÇß´Ù¸é ¸ðµ© ¼±À» »Ì¾Æ¹ö¸®µµ·Ï ÇÏ°í, ÀÌ´õ³ÝÀ» ÅëÇØ Á¢¼ÓÇß´Ù¸é ÀÌ´õ³Ý ¼±À» »Ì¾Æ¶ó. ÀÌ·¸°Ô Çϸé ħÀÔÀÚ°¡ ´õ Å« ÇÇÇظ¦ ÀÔÈ÷´Â °ÍÀ» ¸·À» ¼ö ÀÖ°í, ħÀÔÀÚ´Â ¾Æ¸¶ ÀÚ½ÅÀÌ µéÅë³µ´Ù°í »ý°¢Çϱ⺸´Ù´Â ³×Æ®¿÷¿¡ ¹®Á¦°¡ »ý±ä ¸ð¾çÀ̶ó°í ¿©±æ °ÍÀÌ´Ù. ´ç½ÅÀÌ ³×Æ®¿÷ ¿¬°áÀ» ²÷À» ¼ö ¾ø´Ù¸é (Á¢¼ÓÀÌ ºó¹øÇÑ »çÀÌÆ®À̰ųª, ÄÄÇ»ÅÍ¿¡ ´ëÇÑ ¹°¸®Àû °ü¸®±ÇÇÑÀÌ ¾ø´Ù¸é), Â÷¼±Ã¥Àº ħÀÔÀÚÀÇ »çÀÌÆ®·ÎºÎÅÍ Á¢¼ÓÇØ µé¾î¿À´Â °ÍÀ» ¸·±â À§ÇØ tcp_wrapper³ª ipfwadm °°Àº ÇÁ·Î±×·¥À» »ç¿ëÇÏ´Â °ÍÀÌ´Ù. ħÀÔÀÚÀÇ »çÀÌÆ®¿¡¼­ µé¾î¿À´Â ¸ðµç »ç¶÷µéÀÇ Á¢±ÙÀ» °ÅºÎÇÒ ¼ö ¾ø´Ù¸é, »ç¿ëÀÚµéÀÇ °èÁ¤À» Æó¼âÇÏ¿©¾ß ÇÑ´Ù. ÇϳªÀÇ °èÁ¤À» Æó¼âÇÏ´Â °ÍÀº ½¬¿î ÀÏÀÌ ¾Æ´Ï¶ó´Â Á¡¿¡ ÁÖÀÇÇ϶ó. ´ç½ÅÀº .rhosts ÆÄÀÏ°ú FTP¸¦ ÅëÇÑ Á¢±Ù, È£½ºÆ® »óÀÇ µÞ¹®(backdoor)À» ¿°µÎ¿¡ µÎ¾î¾ß ÇÑ´Ù. À§ÀÇ Á¶Ä¡µé (³×Æ®¿÷ Àý´Ü, °ø°ÝÀÚÀÇ »çÀÌÆ®·ÎºÎÅÍ ¿À´Â Á¢±Ù ½Ãµµ °ÅºÎ, ±×¸®°í/ȤÀº ±×µéÀÇ °èÁ¤ Æó¼â) °¡¿îµ¥ ÇÑ °¡Áö¸¦ ÇÏ°í ³ª¸é, °ø°ÝÀÚÀÇ ¸ðµç »ç¿ëÀÚ ÇÁ·Î¼¼½º¸¦ Á×ÀÌ°í ±×µéÀ» ·Î±× ¿ÀÇÁ ½ÃÄÑ¾ß ÇÑ´Ù. °ø°ÝÀÚ´Â ´Ù½Ã µé¾î¿À·Á°í ½ÃµµÇÒ °ÍÀ̹ǷÎ, ´ÙÀ½ ¸î ºÐ µ¿¾ÈÀº ´ç½ÅÀÇ »çÀÌÆ®¸¦ ÀÚ¼¼È÷ °¨½ÃÇØ¾ß ÇÑ´Ù. °ø°ÝÀÚ´Â ¾Æ¸¶µµ ´Ù¸¥ °èÁ¤À» ¾µ °ÍÀÌ°í, ´Ù¸¥ ³×Æ®¿÷ ÁÖ¼Ò¸¦ ¾µ ¼öµµ ÀÖ´Ù. 4.9.2 ÀÌ¹Ì ÀϾ º¸¾È ÈѼÕ. ´ç½ÅÀº ÀÌ¹Ì ÀϾ »ç°í¸¦ µÚ´Ê°Ô ¾Ë¾ÆÂ÷·ÈÀ» ¼öµµ ÀÖ°í Á¦¶§ °¨ÁöÇÏ°í (¹Ù¶ó±â·Î´Â)°ø°ÝÀÚ¸¦ ´ç½ÅÀÇ ½Ã½ºÅÛ¿¡¼­ ¸ô¾Æ³ÂÀ» ¼öµµ ÀÖ´Ù. ÀÌÁ¦´Â ¹«¾ùÀ» ÇØ¾ß ÇÒ±î? 4.9.2.1 ±¸¸Û ¸·±â °ø°ÝÀÚ°¡ ´ç½ÅÀÇ ½Ã½ºÅÛ¿¡ µé¾î¿À±â À§ÇØ »ç¿ëÇÑ ¹æ¹ýÀÌ ¹«¾ùÀÎÁö ¾Ë ¼ö ÀÖ´Ù¸é, ±× ±¸¸ÛÀ» ¸·µµ·Ï ÇØ¾ß ÇÑ´Ù. ¿¹¸¦ µé¾î °ø°ÝÀÚ°¡ ·Î±×ÀÎ ÇÑ ´ÙÀ½¿¡ FTP »ç¿ë»çÇ×µéÀÌ ¿©·¯ °³ »ý±ä °ÍÀ» ¹ß°ßÇÒ ¼ö ÀÖ´Ù. ÀÌ ¶§¿¡´Â FTP ¼­ºñ½º¸¦ ÁßÁöÇÏ°í °³Á¤ ¹öÀüÀ̳ª ¾Ë·ÁÁø ±³Á¤ »çÇ× ¸ñ·ÏÀÌ ÀÖ´ÂÁö ã¾ÆºÁ¾ß ÇÑ´Ù. ±â·Ï(log) ÆÄÀϵéÀ» È®ÀÎÇÏ°í, ÀÚÁÖ Ã£´Â º¸¾È »çÀÌÆ®¿¡ °¡¼­ ´ç½ÅÀÌ °íÄ¥ ¼ö ÀÖ´Â »õ·Ó°í ÈçÇÑ »ç·Ê°¡ ÀÖ´ÂÁö ¸ñ·ÏÀ» »ìÆ캸µµ·Ï Ç϶ó. °ø°ÝÀÚ¸¦ ¿ÏÀüÈ÷ Â÷´ÜÇÏÁö ¾Ê¾Ò´Ù¸é, ±×´Â ´ë°³ ´Ù½Ã µ¹¾Æ¿Â´Ù. ´ç½ÅÀÇ ÄÄÇ»ÅÍ·Î ¹Ù·Î µ¹¾Æ¿ÀÁö´Â ¾ÊÀ»Áö¶óµµ, ´ç½ÅÀÇ lan ¾ÈÀÇ ¾îµò °¡·Î ¸»ÀÌ´Ù. °ø°ÝÀÚ°¡ ÆÐŶ ½º´ÏÆÛ¸¦ ÀÛµ¿½ÃÅ°°í ÀÖ¾ú´Ù¸é, ±×´Â Áö¿ª ³»ÀÇ ´Ù¸¥ ÄÄÇ»ÅÍ·Î Á¢±ÙÇÒ ¼ö ÀÖ´Ù. 4.9.2.2 ÇÇÇØ Æò°¡ ù ¹ø° ÇÒ ÀÏÀº ÇÇÇظ¦ Æò°¡ÇÏ´Â °ÍÀÌ´Ù. ¹«¾ùÀÌ ÈѼյǾú´Â°¡? Tripwire °°Àº ¿ÏÀü¼º °Ë»ç ÇÁ·Î±×·¥À» »ç¿ëÇÏ°í ÀÖ´Ù¸é, tripwire¸¦ ½ÇÇà½ÃÄѼ­ ¾Ë¾Æº¼ ¼ö ÀÖ´Ù. ÀÌ·± ÇÁ·Î±×·¥ÀÌ ¾ø´Ù¸é, ¸ðµç Áß¿äÇÑ ÀÚ·áµéÀ» ÀÏÀÏÀÌ »ìÆ캸¾Æ¾ß ÇÑ´Ù. ¸®´ª½º ½Ã½ºÅÛÀÌ °¥¼ö·Ï ¼³Ä¡Çϱ⠽¬¿öÁö°í ÀÖÀ¸¹Ç·Î, ¼³Á¤ ÆÄÀϵéÀ» ÀúÀåÇØ µÎ°í µð½ºÅ©¸¦ Áö¿ö¹ö¸° ´ÙÀ½ ¸®´ª½º¸¦ ´Ù½Ã ¼³Ä¡ÇÑ µÚ ¹é¾÷À¸·ÎºÎÅÍ »ç¿ëÀÚ ÆÄÀÏ°ú ¼³Á¤ ÆÄÀϵéÀ» º¹±¸ÇÏ´Â °ÍÀ» °í·ÁÇØ º¼ ¼öµµ ÀÖ´Ù. ÀÌ·¸°Ô ÇÏ¸é ±ú²ýÇÑ ½Ã½ºÅÛÀ» »õ·Î °®°Ô µÈ´Ù. 4.9.2.3 ¹é¾÷, ¹é¾÷, ¹é¾÷! Á¤±âÀûÀ¸·Î ¹é¾÷À» Çصδ ½À°üÀº º¸¾È ¹®Á¦¿¡ À־´Â ½ÅÀÇ ¼±¹°ÀÌ´Ù. ´ç½ÅÀÇ ½Ã½ºÅÛÀÌ ¸Á°¡Á³À» ¶§, ¹é¾÷µÈ °ÍÀ¸·ÎºÎÅÍ ´ç½ÅÀÌ ¿øÇÏ´Â ÀڷḦ º¹±¸ÇÒ ¼ö ÀÖ´Ù. ¹°·Ð °ø°ÝÀÚ¿¡°Ôµµ °¡Ä¡ ÀÖ´Â ÀÚ·á´Â ÈÉÃÄ°¡¼­ ÀÚ±âÀÇ »çº»À» ¸¸µé¾î µÐ ´ÙÀ½¿¡ Æı«ÇÏ°ÚÁö¸¸, ÃÖ¼ÒÇÑ ´ç½ÅÀº ÀڷḦ µµ³­ ´çÇÒÁö¾ðÁ¤ ÀÒÁö´Â ¾Ê´Â´Ù. º¯Á¶µÈ ÆÄÀÏÀ» ¹é¾÷µÈ °ÍÀ¸·Î º¹±¸Çϱâ Àü¿¡, ÀÌÀüÀÇ ¿©·¯ ¹é¾÷º»µéÀ» È®ÀÎÇØ º¸¾Æ¾ß ÇÑ´Ù. ħÀÔÀÚ°¡ ÆÄÀÏÀ» ¿À·¡ Àü¿¡ ¸ÁÃijõ¾Ò´Ù¸é, ¾ûÅ͸® ÆÄÀϵ鸸 ÀÜ¶à ¹é¾÷ÇØ ³õ¾ÒÀ» ¼öµµ Àֱ⠶§¹®ÀÌ´Ù. ¹°·Ð ¹é¾÷º»µé¿¡ ´ëÇؼ­µµ º¸¾È ¹®Á¦°¡ ÀÖ´Ù. ¹é¾÷º»µéÀ» ¾ÈÀüÇÑ Àå¼Ò¿¡ µÎ¾ú´ÂÁö È®ÀÎÇÏ¿©¾ß ÇÏ°í, ´©°¡ °Å±â Á¢±ÙÇÒ ¼ö ÀÖ´ÂÁö ¾Ë°í ÀÖ¾î¾ß ÇÑ´Ù. (°ø°ÝÀÚ°¡ ¹é¾÷º»À» ¾òÀ» ¼ö ÀÖ´Ù¸é, ´ç½ÅÀÌ ¸ð¸£´Â »çÀÌ¿¡ ´ç½ÅÀÇ ¸ðµç ÀÚ·á¿¡ Á¢±ÙÇÒ ¼ö ÀÖ°Ô µÇ´Â °ÍÀÌ´Ù.) 4.9.2.4 ħÀÔÀÚ ÃßÀû ħÀÔÀÚ¸¦ ¸ô¾Æ³»°í, ½Ã½ºÅÛÀ» º¹±¸Çß´Ù°í Çؼ­ ¸ðµç ÀÏÀÌ ³¡³­ °ÍÀº ¾Æ´Ï´Ù. ´ë°³ ħÀÔÀÚµéÀº ÀâÈ÷Áö ¾ÊÁö¸¸, ±×·¡µµ °ø°Ý »ç°ÇÀ» º¸°íÇØ¾ß ÇÑ´Ù. ´ç½ÅÀº °ø°ÝÀÚ°¡ ´ç½Å ½Ã½ºÅÛÀ» °ø°ÝÇß´ø »çÀÌÆ®ÀÇ °ü¸®ÀÚ¿¡°Ô ±× »ç°ÇÀ» ¾Ë·ÁÁÖ¾î¾ß ÇÑ´Ù. ¿¬¶ôó´Â "whois"³ª internic µ¥ÀÌÅͺ£À̽º¸¦ ÀÌ¿ëÇؼ­ ã¾Æº¼ ¼ö ÀÖ´Ù. ¸ðµç ÀûÀýÇÑ ±â·Ï »çÇ×°ú ³¯Â¥ ¹× ½Ã°£À» ÷ºÎÇؼ­ ÀúÂÊ °ü¸®ÀÚ¿¡°Ô emailÀ» º¸³»´Â °ÍÀÌ ÁÁ´Ù. ħÀÔÀÚ¿¡ ´ëÇؼ­ ¾î¶² ƯÀÌÇÑ Á¡À» ¹ß°ßÇß´Ù¸é ±×°Íµµ ÇÔ²² ¾Ë·ÁÁÖµµ·Ï Ç϶ó. emailÀ» º¸³½ µÚ¿¡ (ÇÏ°í ½Í´Ù¸é) ÀüÈ­¸¦ Çϵµ·Ï Ç϶ó. ÀúÂÊ °ü¸®ÀÚ°¡ ´Ù½Ã ±× °ø°ÝÀÚ¸¦ ã¾Æ³Â´Ù¸é, ±× °ü¸®ÀÚ°¡ ´Ù½Ã °ø°ÝÀÚ°¡ µé¾î¿Â »çÀÌÆ®ÀÇ °ü¸®ÀÚ¿¡°Ô ¸»ÇÏ°í ¹¹ ±×·¸´Ù. ¶Ù¾î³­ ÇØÄ¿´Â ´ë°³ ¸¹Àº Áß°£ ½Ã½ºÅÛµéÀ» »ç¿ëÇÑ´Ù. ÀÌ ½Ã½ºÅÛµé ÁßÀÇ ¾î¶² (ȤÀº ¸¹Àº) °÷¿¡¼­´Â ħÀÔ ´çÇß´Ù´Â »ç½ÇÁ¶Â÷ ¸ð¸¦ ¼öµµ ÀÖ´Ù. Å©·¡Ä¿ÀÇ ¿ø·¡ ½Ã½ºÅÛ±îÁö ÂѾư¡´Â °ÍÀº ¾î·Á¿î ÀÏÀÌ´Ù. ´ç½ÅÀÌ À̾߱âÇÏ°Ô µÇ´Â °ü¸®Àڵ鿡°Ô °ø¼ÕÇÏ°Ô ´ëÇÏ´Â °ÍÀº ±×µé·ÎºÎÅÍ µµ¿òÀ» ¾ò¾î³»´Âµ¥ ÁÁ´Ù. ´ç½ÅÀÌ °¡ÀÔÇÑ (cert³ª ÀÌ¿Í ºñ½ÁÇÑ) ¸ðµç º¸¾È Á¶Á÷µé¿¡µµ ¾Ë·ÁÁÖ¾î¾ß ÇÑ´Ù. 4.10 º¸¾È °ü·Ã ÀÚ·á ¹× ±âŸ ÀÎÅÍ³Ý ÁÖ¼Ò·Ï À¯´Ð½º º¸¾È ÀϹݿ¡ ´ëÇÑ È¤Àº Ưº°È÷ ¸®´ª½º º¸¾È¿¡ ´ëÇÑ ÈǸ¢ÇÑ »çÀÌÆ®µéÀÌ Á¤¸» ¸¹ÀÌ ÀÖ´Ù. Çϳª ÀÌ»óÀÇ º¸¾È °ü·Ã ¸ÞÀϸµ ¸®½ºÆ®¿¡ °¡ÀÔÇؼ­ ÃÖ½ÅÀÇ º¸¾È ¼öÁ¤»çÇ×µéÀ» µû¶ó°¡´Â °ÍÀº ¸Å¿ì Áß¿äÇÏ´Ù. ÀÌ·± ¸®½ºÆ®µéÀº ´ë°³ ¸Å¿ì ºÐ·®ÀÌ ÀûÀ¸¸é¼­µµ À¯ÀÍÇÏ´Ù. 4.9.1 FTP »çÀÌÆ®µé ¢¼CERT´Â ÄÄÇ»ÅÍ ÀÀ±Þ ´ëÀÀ ÆÀ(Computer Emergency Response Team)ÀÇ ¾àÀÚ´Ù. À̵éÀº Á¾Á¾ ÃÖ±ÙÀÇ °ø°Ý »ç°Ç°ú ¼öÁ¤»çÇ׵鿡 ´ëÇÑ °æº¸¸¦ º¸³»°ï ÇÑ´Ù. cert.org Replay´Â ¸¹Àº º¸¾È ÇÁ·Î±×·¥µéÀ» ÀúÀåÇÏ°í ÀÖ´Ù. Replay´Â ¹Ì±¹ ¾È¿¡ ÀÖÁö ¾Ê±â ¶§¹®¿¡ ¹Ì±¹ÀÇ ¾î¸®¼®Àº ¾ÏÈ£ Á¦ÇÑ¿¡ µû¸¦ ÇÊ¿ä°¡ ¾ø´Ù. replay.com ¢¼Matt Blaze´Â CFSÀÇ ÀúÀÚÀ̸ç Ź¿ùÇÑ º¸¾È Àü¹®°¡ÀÌ´Ù. Matt Blaze's stuff ¢¼Sorosis´Â ¸®´ª½º PAM »çÀÌÆ®ÀÇ °íÇâÀÌ´Ù. ¿©±â¿¡´Â PAM¿¡ ´ëÇÑ ¸¹Àº Á¤º¸¿Í ¸ðµâµéÀÌ ÀÖ´Ù. Linux PAM ftp site ¢¼tue.nlÀº ³×´ú¶õµå¿¡ ÀÖ´Â ÈǸ¢ÇÑ º¸¾È °ü·Ã ftp »çÀÌÆ®ÀÌ´Ù. ftp.win.tue.nl 4.9.2 The Hacker FAQ ¢¼COAST ÀÚ·á½Ç¿¡´Â ¸Å¿ì ¸¹Àº À¯´Ð½º º¸¾È ÇÁ·Î±×·¥µé°ú Á¤º¸µéÀÌ ÀÖ´Ù. COAST ¢¼Rootshell.comÀº Å©·¡Ä¿µéÀÌ ¿äÁò ¾²´Â ħÅõ¹æ¹ý¿¡ ´ëÇØ ¾Ë¾Æº¸±â¿¡ ÁÁÀº »çÀÌÆ®ÀÌ´Ù. rootshell.com exploits ¢¼BUGTRAQÀº º¸¾È °ü·Ã ¹®Á¦¿¡ ´ëÇÑ »óȲº¸°í¸¦ ¹ßÇ¥ÇÑ´Ù. BUGTRAQ archives ¢¼ÄÄÇ»ÅÍ ÀÀ±Þ ´ëÀÀ ÆÀ, CERT´Â À¯´Ð½º ½Ã½ºÅÛ¿¡ ´ëÇØ ÈçÈ÷ °¡ÇØÁö´Â °ø°ÝÀ» º¸°íÇÑ´Ù. CERT home (http://www.cert.org) ¢¼Dan Farmer´Â SATAN°ú ¸¹Àº ´Ù¸¥ º¸¾È µµ±¸µéÀÇ ÀúÀÚÀ̸ç, ±×ÀÇ È¨»çÀÌÆ®¿¡´Â º¸¾È µµ±¸µé »Ó ¾Æ´Ï¶ó º¸¾È¿¡ ´ëÇÑ Èï¹Ì·Î¿î °³°ý ±Ûµéµµ ÀÖ´Ù. Dan Farmers trouble.org ¢¼¸®´ª½º º¸¾È WWW´Â ¸®´ª½º ½Ã½ºÅÛÀÇ º¸¾È¿¡ ´ëÇÑ ÁÁÀº ÀÚ·á¿øÀÌ´Ù. Linux Security WWW ¢¼ReptileÀÇ °³ÀÎ »çÀÌÆ®¿¡´Â ¸®´ª½º º¸¾È¿¡ °üÇÑ ÁÁÀº Á¤º¸µéÀÌ ¸¹ÀÌ ÀÖ´Ù. Reptiles Linux Security Page ¢¼Infilsec¿¡´Â ¾î¶² Ãë¾àÁ¡ÀÌ Æ¯Á¤ÇÑ Ç÷§Æû¿¡ ¿µÇâÀ» ÁÖ´ÂÁö ¾Ë·ÁÁÖ´Â Ãë¾àÁ¡ ¿£Áø(vulnerability engine)ÀÌ ÀÖ´Ù. Infilsec vunerability engine ¢¼CIAC´Â ÈçÇÑ Ä§ÀÔ »ç°Çµé¿¡ ´ëÇØ Á¤±âÀûÀÎ º¸¾È º¸°í¼­µéÀ» º¸³»ÁØ´Ù. CIAC bulitins 4.9.3 ¸ÞÀϸµ ¸®½ºÆ®µé ¢¼Bugtraq: bugtraq¸¦ ±¸µ¶ÇÏ·Á¸é, º»¹®¿¡ subscribe bugtraq¶ó°í ½á¼­ listserv@netspace.org·Î emailÀ» º¸³»¸é µÈ´Ù. ¢¼CIAC: º»¹®¿¡ (Á¦¸ñ¿¡ ¸»°í) subscribe ciac-bulletin¶ó°í ½á¼­ majordomo@tholia.llnl.gov¿¡ e-mailÀ» º¸³»¶ó. 4.9.4 Ã¥µé - ÀμâµÈ ÀÐÀ»°Å¸®. ÁÁÀº º¸¾È °ü·Ã ¼­ÀûµéÀÌ ¸¹ÀÌ ÀÖ´Ù. ÀÌ Àý¿¡¼­´Â ÀÌ·± Ã¥µé °¡¿îµ¥ Á¶±Ý¸¸ ³ª¿­ÇÏ°íÀÚ ÇÑ´Ù. º¸¾ÈÀ» Àü¹®ÀûÀ¸·Î ´Ù·é Ã¥µé »Ó ¾Æ´Ï¶ó, ½Ã½ºÅÛ °ü¸®¿¡ ´ëÇÑ ¸¹Àº Ã¥µéÀÌ º¸¾È¿¡ ´ëÇؼ­ ´Ù·ç°í ÀÖ´Ù. Building Internet Firewalls By D. Brent Chapman & Elizabeth D. Zwicky 1st Edition September 1995 ISBN: 1-56592-124-0 Practical UNIX & Internet Security, 2nd Edition By Simson Garfinkel & Gene Spafford 2nd Edition April 1996 ISBN: 1-56592-148-8 Computer Security Basics By Deborah Russell & G.T. Gangemi, Sr. 1st Edition July 1991 ISBN: 0-937175-71-4 Linux Network Administrator's Guide By Olaf Kirch 1st Edition January 1995 ISBN: 1-56592-087-2 PGP: Pretty Good Privacy By Simson Garfinkel 1st Edition December 1994 ISBN: 1-56592-098-8 Computer Crime A Crimefighter's Handbook By David Icove, Karl Seger & William VonStorch (Consulting Editor Eugene H. Spafford) 1st Edition August 1995 ISBN: 1-56592-086-4 ¡á ¸®´ª½º¿¡¼­ÀÇ ÇÑ±Û ±¸Çö - °³¿ä : ±âÁ¸ÀÇ libc5 ¶óÀ̺귯¸® ÇÏ¿¡¼­ÀÇ XFree86 ÇÑ±Û ¼³Á¤Àº ±¹Á¦È­µÈ ¹öÀüÀ¸·Î½á, ÇÑ±Û ÀÔ¡¤Ãâ·Â¿¡ Å« ¹®Á¦°¡ ¾ø¾úÀ¸³ª, libc6(glibc2)ÇÏ¿¡¼­ÀÇ ÇÑ±Û ÀÔ¡¤Ãâ·ÂÀº XFree86ÀÇ ±¹Á¦È­µÈ(i18) ¹öÀüÀ» Æ÷ÇÔÇÏÁö ¸øÇÏ´Â »óȲÀÌ´Ù. ¾ÆÁ÷Àº ¾ËÆĹöÀüÀ¸·Î½á ¾ÈÁ¤µÇÁö ¸øÇÑ libc6(glibc2) ¶óÀ̺귯¸®ÀÇ ¹®Á¦·Î½á ¾ÆÁ÷ XFree86(X)¿¡¼­ÀÇ i18 Àº ¾ÆÁ÷ ÀÌ·ç¾îÁö±â Èûµç »óȲÀÌ´Ù. ÇöÀç (1998³â ÀÌÈÄ) ÇÑ±Û ÆÐÄ¡ µÈ ¸®´ª½ºÀÇ ¼³Á¤Àº ±âÁ¸ÀÇ XFree86 ¿¡ i18µÈ ÆÐÄ¡¹öÀüÀ» °¡Áö°í ÆÐÄ¡¸¦ °¡ÇÑ °ÍÀ̸ç, ºÒ¾ÈÁ¤ÇÑ »óÅÂÀÌ´Ù. 2¹ÙÀÌÆ® ±Ç¿¡ ¼ÓÇÏ´Â ¿ì¸®´Â ÇÑ±Û »ç¿ëÀÌ ÇʼöÀÌ´Ù. ÀÌ ±ÛÀº ¿µ¹® ¸®´ª½º »óÅ¿¡¼­ÀÇ ÇÑ±Û ±¸Çö¿¡ ´ëÇؼ­ ¼³¸íÇÑ °ÍÀÌ´Ù. ±×·³, ¸®´ª½º¿¡¼­ÀÇ ±âº»ÀûÀ¸·Î ÇÊ¿äÇÑ ÇÑ±Û ±¸Çö¿¡ ´ëÇÏ¿© ¾Ë¾Æº¸ÀÚ. < ¸®´ª½º¿¡¼­ÀÇ ±âº»ÀûÀÎ ÇÑ±Û ¼³Á¤ > ¿µ¹® ¸®´ª½º¿¡¼­ÀÇ ÇÑ±Û Ãâ·ÂÀº ÇÑ±Û ÆùÆ®¸¦ ¼³Ä¡Çϸé Ãâ·Â¿¡´Â ¹®Á¦°¡ ¾ø´Ù. ÇÏÁö¸¸, ÇѱÛÀ» ÀÔ·ÂÇϱâ À§Çؼ­´Â Çѱ۷ÎÄÉÀÏÀÌ ¼³Á¤µÇ¾î¾ß¸¸ ÇÑ´Ù. ¿ì¸®´Â °¡Àå ±âº»ÀûÀÎ ÇÑ±Û ÀÔ¡¤Ãâ·Â¿¡ ´ëÇÏ¿© ¾Ë¾Æº¸±â·Î ÇÏÀÚ. ¸®´ª½º¸¦ ¼³Ä¡ÇÏ°í ³ª¼­ Á¦ÀÏ ¸ÕÀú ¿ì¸®´Â root ±ÇÇÑÀ¸·Î½á ¸®´ª½º¸¦ Á¦ÀÏ ¸ÕÀú ¸¸³ª°Ô µÉ °ÍÀÌ´Ù. ÇÑ±Û È¯°æ¿¡ À־ Á¦ÀÏ Áß¿äÇÑ ¹®Á¦´Â ¹Ù·Î LANG ¹®Á¦Àε¥, ÀÌ LANG(locale) ¼³Á¤À» ¸ÕÀú ¾Ë¾Æº¸ÀÚ. ==================< LANG (locale) ¼³Á¤ >========================= if [ -z "$LANG" ] && [ ! `tty |grep -c 'tty[0-9]'` -eq 1 ]; then export LANG=ko fi if [ -z "$LESSCHARSET" ]; then export LESSCHARSET=latin1 fi ================================================================ ´ÙÀ½ »óȲÀ» Ȩ µð·ºÅ丮ÀÇ .bash_profile ¿¡ Àû¾îÁØ´Ù. (¼³¸í) X¿¡¼­´Â ÇÑÅÒÀ» ÀÌ¿ëÇؼ­ ÇѱÛÀ» º¼¼öµµ ÀÖ°í, ¸¸¾à À¯Àú°¡ ÇÑ±Û ÆÐÄ¡µÈ XFree86 À» ¼³Ä¡ÇÏ¿´´Ù¸é Çѱ۱¸ÇöÀÌ °¡´ÉÇØÁø´Ù. ±×·¯³ª, Äֿܼ¡¼­´Â hanÀ̶ó´Â ÇÁ·Î±×·¥À» ½ÇÇàÇÏÁö ¾Ê´Â ÇÑ ÇѱÛÀº º¸ÀÌÁö ¾Ê´Â´Ù. ÀÌ·± °æ¿ì¸¦ »ý°¢Çؼ­ X ¿¡¼­´Â ±âº»°ªÀ» LANG=ko ·Î ¼³Á¤À» ÇÏ°í, Äֿܼ¡¼­´Â ±âº»°ªÀ» LANG=C ·Î ¼³Á¤Çϴµ¥, ¸¸¾à À¯Àú°¡ han À» ½ÇÇàÇÏ°Ô µÈ´Ù¸é LANG=ko ·Î ¹Ù²îµµ·Ï ÇÏ´Â ½ºÅ©¸³Æ®ÀÌ´Ù. ¸®´ª½º³ª À¯´Ð½º¿¡¼­´Â Å͹̳ΠÀåÄ¡¸¦ tty1~12 ±îÁö ÀÌ·±½ÄÀ¸·Î »ç¿ëÀ» ÇÏ°Ô µÇ´Âµ¥, ÇÑÅÒÀ̳ª han, telnet, ftp µîÀ» »ç¿ëÇÏ°Ô µÈ´Ù¸é ttyp1 ÀÌ·±½ÄÀ¸·Î ¸íĪÀ» ºÎ¿©¹Þ°í ÀÏÀ» ½ÃÀÛÇÏ°Ô µÈ´Ù. Áï, tty ¸í·ÉÀ» ½ÇÇàÇؼ­ Ç¥ÁØÃâ·ÂÀ¸·Î ³ª¿À°Ô µÇ´Â ÇÁ·Î±×·¥µé Áß¿¡¼­ tty0-9 ±îÁöÀÇ ÀϷùøÈ£°¡ ÀÖ´ÂÁö È®ÀÎÇغ¸°í ¾øÀ¸¸é LANG=ko ·Î ¼³Á¤ÇÏ°í ÀÖÀ¸¸é LANG=C ·Î ¼³Á¤ÇÏ°Ô µÇ´Â ¹æ¹ýÀÌ´Ù. bash ÀÇ ¸ðµç ¼³Á¤À» ÀоîµéÀÌ°Ô Çϱâ À§Çؼ­´Â ´ÙÀ½°ú °°Àº ¸í·ÉÀ» ³»·ÁÁØ´Ù. # source .bash_profile ÀÌ·¯¸é root »ç¿ëÀÚÀÇ ÇÑ±Û ÀÔ¡¤Ãâ·ÂÀÇ ±âº»¼³Á¤Àº ³¡³ª°ÔµÈ´Ù. < ±âº»ÀûÀÎ Çѱۻç¿ëÀ» À§ÇÑ ÇÑÅÒ ¼³Ä¡ > °¢ ÇØ´ç Åë½Å¸ÁÀÇ ÀÚ·á½ÇÀ̳ª FTP »çÀÌÆ®·ÎºÎÅÍ ÇÑÅÒÀÇ ¹ÙÀ̳ʸ® ÆÄÀÏ ¶Ç´Â ¼Ò½º ÆÄÀϵéÀ» ±¸ÇؾßÇÑ´Ù. ´ë°³ ¼Ò½º ÇüÅ·Π¾ÐÃàÀÌ µÇ¾î ¹èÆ÷°¡ µÇÁö¸¸ ¸¸ÀÏ ÀÚ½ÅÀÇ ½Ã½ºÅÛ¿¡ ¸Âµµ·Ï ¹Ì¸® ÄÄÆÄÀÏ µÇ¾î ¾ÐÃàÀÌ µÇ¾îÀÖ´Â ¹ÙÀ̳ʸ® ÆÄÀÏÀÎ °æ¿ì¿¡ ½½·¢¿þ¾îÀÎ °æ¿ì¿¡´Â pkgtoolÀ» ÀÌ¿ëÇÏ¿© ¼³Ä¡¸¦ ÇÒ ¼ö ÀÖ°í, ·¹µåÇÞÀÎ °æ¿ì¿¡´Â rpmÀ» ±¸Çؼ­ ¼³Ä¡¸¦ ÇÒ ¼ö ÀÖ°í, µ¥ºñ¾ÈÀÇ °æ¿ì¿¡´Â debÀ» ±¸Çؼ­ ¼³Ä¡¸¦ ÇÒ ¼ö ÀÖ´Ù. ¸¸¾à, ÇÑÅÒ ¼Ò½º¸¦ ±¸ÇÏ¿´´Ù¸é Á÷Á¢ ÀÚ½ÅÀÇ ½Ã½ºÅÛ¿¡¼­ ÄÄÆÄÀÏ ÇÏ¿© »ç¿ëÇÏ¿©¾ß ÇÑ´Ù. =================< ÇÑ±Û Å͹̳Î(ÇÑÅÒ) »çÀÌÆ® >===================== 1. source: http://pseudo.snu.ac.kr/~hwang/ 2. rpm: ftp://ftp.kreonet.re.kr/pub/hangul/linux/AlzzaLinux 3. deb: ftp://ftp.kreonet.re.kr/pub/hangul/linux/Debian-KR ================================================================ ¼³Ä¡´Â ´ÙÀ½°ú °°Àº ÀýÂ÷·Î ÁøÇàµÈ´Ù. # tar xvfz hanterm-xf-p15.tar.gz ÇÏ¸é ¾ÐÃàÀÌ Ç®¸®¸é¼­ ÇÑÅÒ ¼Ò½ºÄڵ尡 µé¾îÀÖ´Â µð·ºÅ丮°¡ »ý¼ºµÈ´Ù. # cd <ÇÑÅÒ ¼Ò½º µð·ºÅ丮> ÇÏ¿© µð·ºÅ丮¸¦ À̵¿ÇÑ ÈÄ, # xmkmf ÇÏ¿© imagefileÀ» makefile·Î º¯È¯ÇÑ´Ù. # make ÇÏ¿© ÄÄÆÄÀÏÀ» ÇÑ´Ù. ÀÌ·¸°Ô ÄÄÆÄÀÏÀÌ ¼º°øÀûÀ¸·Î ¼öÇàµÇ¸é hantermÀ̶õ ½ÇÇàÆÄÀÏÀÌ »ý¼ºµÈ´Ù. # cp hanterm /usr/X11R6/bin º¹»ç¸¦ ÇÑ´Ù. # cp Hanterm.ad /usr/X11R6/lib/X11/app-defaults/Hanterm : Hanterm.ad ¶ó´Â ÆÄÀÏÀ» HantermÀ̶ó´Â ÆÄÀÏ·Î º¹»ç¸¦ ÇÑ´Ù. =================<ÇÑÅÒ¿¡ ÇÊ¿äÇÑ ÆùÆ® ±¸Çϴ°÷ >=================== * ftp.kornet.nm.kr: ftp://ftp.kornet.nm.kr/pub/Hangul/fonts/ ================================================================ ¢Ñ ±âº»ÀûÀÎ ÇÑÅÒ¿¡ ÇÊ¿äÇÑ ÆùÆ®´Â..? : hanyang-font-pcf.tar.gz, iyagi.pcf.Z, iyagi16.pcf.Z, johabg16 - johabsm16.pcf.Z # dir *.bdf¸¦ Çϸé ÃÑ 11°³ÀÇ ÆùÆ®ÆÄÀÏÀÌ ³ª¿À´Âµ¥ ÀÌ ÆÄÀϵéÀ» .pcf Æ÷¸ËÀ¸·Î ¹Ù²Ù¾îÁÖ´Â ÀÛ¾÷À» ÇÏ¸é µÈ´Ù. ¿¹¸¦ µé¾î, iyagi16.bdf ÆÄÀÏÀ» º¯È¯ÇÏ´Â ¹æ¹ýÀº, # bdftopcf iyagi16.bdf > iyagi16.pcf ÃÑ 11°³ÀÇ ÆùÆ®ÆÄÀÏ¿¡ ´ëÇÏ¿© ¶È°°Àº ¹æ½ÄÀ¸·Î ÀÛ¾÷À» ÇÏ¸é µÈ´Ù. ÀÛ¾÷ Á¾·á ÈÄ *.pcf ÆÄÀÏÀÌ Á¤È®È÷ »ý¼ºµÇ¾ú´ÂÁö È®ÀÎÀ» ¸¶Ä£ ÈÄ, # cp *.pcf /usr/X11R6/lib/X11/fonts/misc # mkfontdir /usr/X11R6/lib/X11/fonts/misc # xset fp rehash /usr/X11R6/lib/X11/fonts/misc Áï, ÇÑÅÒÀÇ x-window ÆùÆ® ÆÄÀÏ À» x-windowÀÇ ÇØ´çµð·ºÅ丮·Î º¹»çÇÏ°í, ÇØ´çµð·ºÅ丮ÀÇ ÆùÆ® ÆÄÀϵ鿡 ´ëÇÑ À妽º¸¦ »ý¼ºÇÏ´Â °ÍÀ¸·Î ÀÛ¾÷Àº ³¡³­´Ù. < ³Ý½ºÄÉÀÌÇÁ¿¡¼­ÀÇ ÇÑ±Û ÀÔ¡¤Ãâ·Â ±¸Çö > ¸®´ª½º¿¡¼­ÀÇ À¥ ¼­ÇÎÀ» Çϱâ À§Çؼ­ »ç¿ëÀÚµéÀº ³Ý½ºÄÉÀÌÇÁ¸¦ ÁÖ·Î ¸¹ÀÌ ÀÌ¿ëÇÏ°Ô µÈ´Ù. ¹°·Ð, lynx ¶ó´Â ÅؽºÆ® ºê¶ó¿ìÀú¸¦ ÀÌ¿ëÇÏ¿© ºü¸¥ À¥ ¼­ÇÎÀ» ÇÏÁö¸¸, ¿äÁò ´ëºÎºÐÀÇ È¨ÆäÀÌÁö¸¦ °¡´õ¶óµµ À̹ÌÁö ¾ø´Â ȨÆäÀÌÁö´Â °ÅÀÇ ¾ø´Ù. lynx ¸¦ ÀÌ¿ëÇÑ À¥ ¼­ÇÎÀº ¾î´À Á¤µµ ÇÑ°è°¡ ÀÖ´Ù. ±×·¡¼­, ³Ý½ºÄÉÀÌÇÁ¸¦ ¸¹ÀÌ ÀÌ¿ëÇϴµ¥ ¸®´ª½º¿ë ÇÑ±Û ³Ý½ºÄÉÀÌÇÁ´Â ½ÇÁ¦ÀûÀ¸·Î ¾ø´Â »óÅÂÀÌ´Ù. ÇÑ±Û ÆÐÄ¡¸¦ ÇÑ ³Ý½ºÄÉÀÌÇÁ°¡ ÀÖ´õ¶óµµ ¼ø¼ö ÇÑ±Û ³Ý½ºÄÉÀÌÇÁ´Â ¾ø±â ¶§¹®¿¡, ÇÑ±Û ¾²´Â ¸®´ª½º À¯ÀúµéÀº ³Ý½ºÄÉÀÌÇÁ¿¡¼­ÀÇ ÇÑ±Û ÀÔ¡¤Ãâ·Â¿¡ ¸¹Àº °ü½ÉÀÌ °¡°Ô µÈ´Ù. ¿©±â¼­´Â ÇÑ±Û ÆÐÄ¡°¡ µÈ ³Ý½ºÄÉÀÌÇÁ°¡ ¾Æ´Ñ ¼ø¼ö ¿µ¹® »óÅÂÀÇ ³Ý½ºÄÉÀÌÇÁ¸¦ °¡Áö°í ÇÑ±Û ÀÔ¡¤Ãâ·ÂÀÌ °¡´ÉÇϵµ·Ï º¸¿©ÁÖ±â À§ÇÔÀÌ´Ù. ¸ÕÀú, ³Ý½ºÄÉÀÌÇÁ°¡ ¼³Ä¡°¡ µÇ¾îÀÖ´Ù°í °¡Á¤ ÇÏ¿¡ ¼³¸íÀÌ µé¾î°©´Ï´Ù. ===================================== ftp.netscape.com: ftp://ftp.netscape.com/ =============================================================== ¸ÕÀú, ³Ý½ºÄÉÀÌÇÁ¸¦ ¼Ò½º¸¦ ¹Þ°í ³ª¼­ ´ÙÀ½°ú °°Àº ÆÄÀÏÀ» ¸¸µç´Ù. ===================================================== #include #include char *_Xsetlocale (int, const char *); #undef setlocale char *setlocale (int c, const char *l) { if ((c == LC_ALL || c == LC_CTYPE) && l != NULL && !(*l == 'C' && l[1] == '\0')) { XtSetLanguageProc(NULL, NULL, NULL); l = NULL; } return _Xsetlocale(((c == LC_ALL || c == LC_CTYPE) ? 2 : 3), l); } =============================================================== ÀÌ ÆÄÀÏÀ» ´ÙÀ½°ú °°Àº Çü½ÄÀ¸·Î ÄÄÆÄÀÏÀ» ÇÑ´Ù. # gcc -fPIC -shared -Wl,-rpath=/usr/X11R6/lib,-soname,liblocale.so \ -o liblocale.so locale.c -L/usr/X11R6/lib -lX11 -lXt ±×·¯¸é, liblocale.so ¶ó´Â ¶óÀ̺귯¸®°¡ ¸¸µé¾îÁø´Ù. ±×¸®°í ³ª¼­, /usr/X11R6/lib/X11/locale¿¡ ko¶ó´Â µð·ºÅ丮¸¦ ¸¸µçÈÄ¿¡ ´ÙÀ½°ú °°Àº »çÇ×À» Àû¾îÁØ´Ù. =============================================== XLC_FONTSET # fs0 class (7 bit ASCII) fs0 { charset { name ISO8859-1:GL } font { primary ISO8859-1:GL vertical_rotate all } } # fs1 class fs1 { charset { name KSC5601.1987-0:GL } font { primary KSC5601.1987-0:GL substitute KSC5601.1987-1:GR } } END XLC_FONTSET XLC_XLOCALE encoding_name ko.euc mb_cur_max 2 state_depend_encoding False wc_encoding_mask \x30000000 wc_shift_bits 7 # cs0 class cs0 { side GL:Default length 1 wc_encoding \x00000000 ct_encoding ISO8859-1:GL } # cs1 class cs1 { side GR:Default length 2 wc_encoding \x30000000 ct_encoding KSC5601.1987-0:GL; KSC5601.1987-0:GR } END XLC_XLOCALE ============================================================== ´ÙÀ½°ú °°Àº ³Ý½ºÄÉÀÌÇÁ ½ÇÇà ÆÄÀÏÀ» ¸¸µçÈÄ¿¡ liblocale.so ¶óÀ̺귯¸®¸¦ ¶È °°Àº °æ·Î·Î º¹»ç¸¦ ÇØÁÖ¸é ³Ý½ºÄÉÀÌÇÁ¿¡¼­ÀÇ ÇÑ±Û ÀÔ.Ãâ·ÂÀÌ µÈ´Ù. =======================< netscape2 >=========================== #!/bin/sh NS_EXE=/usr/lib/netscape/netscape NS_LIB=/usr/lib/netscape LD_PRELOAD="/usr/lib/netscape/liblocale.so:/lib/libc.so.5.3.12" export LD_PRELOAD ## exec $NS_EXE $* >/tmp/netscape.log1 2>/tmp/netscape.log2 & exec $NS_EXE $* =============================================================== ÀÌ È­ÀÏÀ» path °¡ °É¸° /usr/X11R6/bin ¿¡ º¹»çÇÏ°í ³ª¼­ »ç¿ëÀ» ÇÏ¸é µÈ´Ù. < ³Ý½ºÄÉÀÌÇÁ¿¡¼­ÀÇ ÇÑ±Û ÀԷ±⠼³Ä¡ > * hanIMÀÇ ¼³Ä¡ hanIM ÀÇ ¼³Ä¡¿¡ ÇÊ¿äÇÑ ÆÄÀϵé : xfntmizi-1.1-1.noarch.rpm hanIM-0.9-1.i386.rpm ¸ÕÀú, ÆùÆ®¸¦ ¼³Ä¡ÇÑ´Ù. # rpm -ivh xfntmizi-1.1-1.noarch.rpm # rpm -ivh hanIM-0.9-1.i386.rpm ±×¸®°í ³ª¼­, /usr/X11R6/lib/X11/fonts/misc·Î À̵¿Çؼ­ ÆùÆ® Á¤º¸¸¦ ¸¸µç´Ù. # cd /usr/X11R6/lib/X11/fonts/misc # mkfontdir # xset fp rehash ¶ó°í ¸í·É¾î¸¦ ½ÇÇà½ÃÅ°¸é, ÆùÆ® Á¤º¸°¡ ¸¸µé¾îÁø´Ù. ¸ÕÀú, ¸¸µé¾ú´ø ³Ý½ºÄÉÀÌÇÁ¿¡¼­ÀÇ ÇÑ±Û ¶óÀ̺귯¸®¿Í hanIM, kims´Â µ¿ÀÏÇÑ locale.so·Î ÀÔ·Â ·ÎÄÉÀÏÀ» Áö¿øÇϹǷΠ¸ÕÀú ³Ý½ºÄÉÀÌÇÁ¸¦ ½ÇÇà½ÃÅ°±â Àü¿¡ hanIMÀ» ½ÇÇà½ÃÅ°¸é, ÇÑ±Û ÀÔ·ÂÀÌ Áö¿øµÈ´Ù. * kimsÀÇ ¼³Ä¡ kims¿¡ ÇÊ¿äÇÑ ÆÄÀÏ : kims.1.0a-971009.tar.gz ¸ÕÀú, kims À» ¹Þ¾Æ¿Í¼­ ¾ÐÃàÀ» Ç®ÀÚ. root µð·ºÅ丮¿¡ ¾ÐÃàÀ» Ǭ´Ù°í °¡Á¤ÇÏ¿¡ ¼³Ä¡¸¦ Çغ¸°Ú´Ù. # tar xvfz kims.1.0a-971009.tar.gz # cd usr/X11R6/lib/X11/fonts/misc Çϸé, ÇÊ¿äÇÑ 3°³ÀÇ ÆùÆ®°¡ ÀÖ´Ù. 3°³ÀÇ ÆùÆ®¸¦ /usr/X11R6/lib/X11/fonts/misc ¿¡ º¹»ç¸¦ ÇÏÀÚ. # cp *.gz /usr/X11R6/lib/X11/fonts/misc # mkfontdir /usr/X11R6/lib/X11/fonts/misc # xset fp rehash /usr/X11R6/lib/X11/fonts/misc ÀÌ·¸°Ô Çϸé kims ¿¡ ÇÊ¿äÇÑ ÆùÆ®¸¦ ¼³Ä¡¸¦ ÇÏ¿´´Ù. # cd /root/usr/X11R6/lib/X11/app-defaults Çϸé CHtermÀ̶ó´Â kims¿¡¼­ »ç¿ëÇÏ´Â ÇÑ±Û Ä®¶ó Å͹̳ÎÀÇ ¼³Á¤ ÆÄÀÏÀÌ ÀÖ´Ù. ÀÌ°ÍÀ» /usr/X11R6/lib/X11/app-defaults ¿¡ º¹»ç¸¦ ÇÑ´Ù. # cp CHterm /usr/X11R6/lib/X11/app-defaults ±×¸®°í ³ª¼­, /root/usr/X11R6/bin À¸·Î °¡¸é kims ¿Í chterm À̶ó´Â ½ÇÇàÆÄÀÏ µÎ°³°¡ ÀÖ´Ù. ÀÌ°ÍÀ» /usr/X11R6/bin ¿¡ º¹»ç¸¦ Çغ¸ÀÚ. # cd /root/usr/X11R6/bin # cp kims chterm /usr/X11R6/bin ±×¸®°í ³ª¼­, /root/usr/local/lib µð·ºÅ丮·Î °¡¸é kims¿¡ ÇÊ¿äÇÑ ÇÑÀÚ»çÀüÀÌ ÀÖ´Ù.(µð·ºÅ丮¸¦ Åë°·Î º¹»çÇÑ´Ù) # cd /root/usr/local/lib # cp -r dic /usr/local/lib ±×·¯¸é ÀÏ´Ü kimsÀÇ ¼³Ä¡´Â ¸¶¹«¸® µÈ´Ù. ´ÙÀ½Àº ¼³Á¤À¸·Î µé¾î°¡º¸µµ·Ï ÇÏÀÚ. ´ÙÀ½ »çÇ×À» Ȩ µð·ºÅ丮¿¡ ÀÖ´Â .bash_profile¿¡ ±âÀÔÇÑ´Ù. =========================<.bash_profile >======================== export LANG=ko export XMODIFIERS="@im=kims" =============================================================== ÀúÀåÇÏ°í ³ª¼­, source .bash_profileÀ̶ó´Â ¸í·ÉÀ¸·Î ¼³Á¤À» ÀÐ¾î µéÀÌ°Ô²û ÇØÁØ´Ù. ±×¸®°í, kimsÀÇ ¾ÐÃàÀ» Ǭ µð·ºÅ丮¿¡ º¸¸éÀº .Xdefults_kims¶ó´Â ÆÄÀÏÀÌ Àִµ¥ ±× ³»¿ëÀ» Ȩ µð·ºÅ丮¿¡ ÀÖ´Â .Xdefaults¿¡ Àû¾îÁØ´Ù. ´ÙÀ½Àº ÀúÀÚÀÇ kims¿¡ ´ëÇÑ .XdefaultsÀÇ ³»¿ëÀÌ´Ù. ========================< .Xdefaults >========================== kims.hangulEnglishToggle: Shift_space kims.hanja: Meta_g kims.hanjaBack: Meta_e kims.hanjaWindowPopup: Meta_c kims.special: Control_p kims.fontSet:\ -schumacher-clean-bold-r-normal--16-160-75-75-c-80-iso8859-1,\ -kaist-myeongjo-bold-r-normal--16-160-75-75-c-160-ksc5601.1987-1 kims.foreground: black kims.background: white !! !!chterm !! CHterm*Title: ÇÑ±Û ÀÔ·Â Å͹̳¯ CHterm*scrollBar: on CHterm*foreground: black CHterm*background: white CHterm*jumpScroll: on CHterm*saveLines: 1000 CHterm*fontSet:\ -schumacher-clean-bold-r-normal--16-160-75-75-c-80-iso8859-1,\ -kaist-myeongjo-bold-r-normal--16-160-75-75-c-160-ksc5601.1987-1 Netscape*international: true Netscape*inputMethod: kims Netscape*preeditType: Root ============================================================== ÀÌ·¯ÇÑ ³»¿ëÀ» ÀÚ½ÅÀÇ È¨µð·ºÅ丮¿¡ ÀÖ´Â .Xdefaults ¿¡ Àû¾îÁÖ°í ³ª¼­ # xrdb -load .Xdefaults¶ó´Â ¸í·ÉÀ¸·Î ¼³Á¤À» ÀоîµéÀÌ°Ô ÇÏ¸é ´ÙÀ½ ½ÇÇàºÎÅÍ Àû¿ëÀÌ µÈ´Ù. * ÁÖÀÇ»çÇ× : ³Ý½ºÄÉÀÌÇÁ¿¡¼­ ÇÑ±Û ÀԷ±⸦ ÅëÇØ ÇѱÛÀ» ÀÔ·Â ÇÏ·Á¸é ¸ÕÀú, kims ³ª hanIM °°Àº ÇÑ±Û ÀԷ±⸦ ¸ÕÀú ½ÇÇà½ÃŲ ÈÄ ³Ý½ºÄÉÀÌÇÁ¸¦ ½ÇÇà½ÃÅ°¸é µÈ´Ù. * Âü°í»çÇ× : kims ³ª hanIM ¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ Á¤º¸´Â ´ÙÀ½ÀÇ È¨ÆäÀÌÁö¸¦ Âü°íÇÑ´Ù. @ kims : http://members.iworld.net/bumchul/kims.html @ hanIM : http://www.mizi.co.kr/hanIM/hanIM-right.htm < ÇÑ±Û ±Û¾¾°¡ ±úÁö´Â °æ¿ì > LinuxÀÇ Å͹̳Π¸ðµå¿¡¼­ Çѱ۸ðµå·Î Àüȯ ÈÄ ÇѱÛÀÌ ±úÁö´Â °ÍÀ» ÇØ°áÇÏ´Â ¹æ¹ýÀº ´ÙÀ½°ú °°ÀÌ ¸î°¡Áö°¡ ÀÖ´Ù. ÀÌ·¯ÇÑ °æ¿ì´Â °£È¤ LINUX¿¡¼­ Å͹̳θðµå¸¦ ¾µ °æ¿ì, Çѱ۸ðµå·Î Àüȯ ÈÄ¿¡ ÇѱÛÀ» Ã常é ÀÌ»óÇÏ°Ô ±úÁú °æ¿ì°¡ Àִµ¥ ÀÌ·² ¶§´Â STTY¸í·ÉÀ» ÅëÇÏ¿© 8ºñÆ®ÀÇ EUCÄڵ尡 ÀÔÃâ·ÂµÇµµ·Ï ¼³Á¤ÇØ ÁÖ´Â ¹æ¹ýÀÌ ÀÖ´Ù. # stty cs8 -parenb -istrip ¶Ç´Â # stty pass8 À» ¼³Á¤ÇØÁÖ¸é µÈ´Ù. ¶Ç Çϳª´Â ¹Ù·Î ÇѱÛȯ°æ¼³Á¤À» ÇØ ÁÖ´Â ¹æ¹ýÀÌ´Ù. bash »ç¿ëÀÚ : # vi /etc/profile Çϸé -------------------------------------------------------------- export LESSCHARSET=latin1 export LANG=ko -------------------------------------------------------------- ¸¦ »ðÀÔÇÑ´Ù. ¹°·Ð ÀÚ½ÅÀÇ È¨µð·ºÅ丮¿¡ ÀÖ´Â .bashrc¿¡ ¾ÕÀÇ ³»¿ëÀ» »ðÀÔÇÏ¿©µµ »ó°ü¾ø´Ù. csh »ç¿ëÀÚ : ÀÚ½ÅÀÇ È¨µð·ºÅ丮¿¡ ÀÖ´Â .cshrc ¸¦ ÆíÁýÇÑ´Ù. # vi .cshrc Çϸé ------------------------------------------------------------- setenv LANG ko setenv LC_TYPe iso_8859_1 setenv LESSCHARSET latin1 stty cs8 -istrip -parenb -------------------------------------------------------------- ¸¦ »ðÀÔÇÑ´Ù. < Han ¼³Ä¡ ¹× »ç¿ë»ó ÁÖÀÇ»çÇ× > han2´Â ¸®´ª½º ÄܼÖÀ̳ª À¯´Ð½º »óÀÇ Äֿܼ¡¼­ ÇѱÛÀ» Ãâ·ÂÇϱâ À§ÇÑ µµ±¸ÀÌ´Ù. SVGA ¸ðµå¸¦ »ç¿ëÇÏ¸ç ºñµð¿À Ä«µå¿¡ µû¸¥ Ư¼ºÀ» Ÿ´Â °æÇâÀÌ ÀÖ´Ù. S3 virge, S3 Trio64V+, TGUI 9680, Milenium I, Cyber 9683(ThinkPad) ÀÌ»óÀÇ ºñµð¿À Ä«µå¿¡¼­ ¹®Á¦ ¾øÀÌ µ¹¾Æ°£´Ù. ¼³Ä¡°úÁ¤Àº ´ÙÀ½°ú °°´Ù. # tar xvfz han2-0.3.7.tar.gz # cd han2-0.3.7H # make config # make # make install : han À̶ó´Â ½ÇÇà ÆÄÀÏÀÌ »ý¼ºµÈ´Ù. ÆùÆ®´Â /usr/share/fonts¿¡ À§Ä¡Çϸç, 8x16pc.bdf.gz(¿µ¹®ÆùÆ®), h16m.bdf.gz(ÇѱÛÆùÆ®)¸¦ »ç¿ëÇÏ°í ÀÖ´Ù. minix-zcat:Startup gzip -d < /usr/local/share/fonts/han/h16m.bdf.Z | /usr/local/bin/hanfld gzip -d < /usr/local/share/fonts/han/8x16pc.bdf.Z | /usr/local/bin/hanfl * Startup ÀÌ ºÙ¾îÀִ°ÍÀÌ ÇöÀç ÀоîµéÀÌ´Â ÆùÆ® ºÎºÐÀÌ´Ù. han ÀÇ ¼³Á¤ ÆÄÀÏÀº /etc/han.cfg ¿¡ ÀÖ´Ù. ÇÑ±Û ÀÚÆÇ : 2¹ú½Ä »ç¿ëÀÚ¶ó¸é HangulKeyboard: 2 3¹ú½Ä »ç¿ëÀÚ¶ó¸é HangulKeyboard: 3 ÇÑ/¿µ Àüȯ : han¿¡¼­ ÇÑ/¿µ ÀüȯÀ» shift+space·Î ÇÏ·Á¸é /etc/han.cfg¿Í keymapÀÇ ¼³Á¤À» ¼öÁ¤ÇÏ¸é µÈ´Ù. # cp /usr/lib/kbd/keytables/us.map /usr/lib/kbd/keytables/han.map ÉÝ ÀÌ°ÍÀº us.mapÀ» han.mapÀ̶õ À̸§À¸·Î º¹»çÇÏ´Â °ÍÀÌ´Ù. han.map¿¡¼­ "keycode 57 = space space"¶õ ±ÛÀ» ãÀº ÈÄ µÚ¿¡ ÀÖ´Â space¸¦ "Contorl_underscore"·Î ¹Ù²Û´Ù. Áï, "keycode 57 = space Control_underscore"ó·³ ¹Ù²Ù¸é µÈ´Ù. ±×¸®°í ³­ ÈÄ, /etc/han.cfg¿¡¼­ --------------------------------------------------------------- # Show "NO warranty" message StartupMessage: on HanguelToggleChar: 31 HanguelKeyboard: 2 --------------------------------------------------------------- ÀÌ¿Í °°ÀÌ ¼³Á¤ÇØ ÁÖ¸é µÈ´Ù. ¿©±â¼­ "loadkeys han"À̶ó°í ½ÇÇàÇϸé han.map¿¡¼­ Á¤ÀÇÇÑ keymapÀ¸·Î ¹Ù²î¸é¼­ ÇÑ/¿µ ÀüȯÀ» shift+space·Î ÇÒ ¼ö ÀÖ°í, ³¡¸¶Ä¡·Á¸é "loadkeys us"·Î ¿ø»óº¹±ÍÇÏ¸é µÈ´Ù. < MC(Midnight Commander) ¿¡¼­ÀÇ ÇÑ±Û Ãâ·Â > ¸®´ª½º¸¦ »ç¿ëÇÏ´Â »ç¶÷Àº MC ¸¦ Àû¾îµµ Çѹø ÀÌ»óÀº »ç¿ëÇÒ °ÍÀÌ´Ù. Æí¸®ÇÑ ±â´ÉÀ» °¡Áø MC ¿¡¼­ÀÇ ÇÑ±Û Ãâ·ÂÀº °£´ÜÇÏ´Ù. MC ¸¦ ½ÇÇà½ÃÅ°¸é, ¸ÇÀ§¿¡ Options ¶ó´Â Ç׸ñÀÌ º¸ÀÏ °ÍÀÌ´Ù. Options ¶ó´Â Ç׸ñÀ» ¼±ÅÃÇϸé, Display bits ¶ó´Â Ç׸ñÀÌ ³ªÅ¸³ª´Âµ¥ ¼±ÅÃÇÏ°í µé¾î°¡¼­, * Full 8 bits output À̶ó´Â Ç׸ñ°ú Full 8 bits input À̶ó´Â Ç׸ñÀ» ¼±ÅÃÇÑ µÚ¿¡, Save setup ¸¦ ¼±ÅÃÇϸé 2¹ÙÀÌÆ®±ÇÀ» Áö¿øÇØÁØ´Ù. ±× ´ÙÀ½¿¡ ÀÌ Ç׸ñÀ» /etc/profile.d ¿¡ mc.sh À̶ó´Â ÆÄÀÏ·Î ¸¸µé¾î¼­ ÀúÀåÀ» ÇÑ´Ù. =====================< mc.sh >============================= mc() { MC=/tmp/mc$$-"$RANDOM" /usr/bin/mc -P "$@" > "$MC" cd "`cat $MC`" rm -f "$MC" unset MC; } =========================================================== ÀúÀåÀ» ÇѵÚ, ´ÙÀ½°ú °°Àº ½ÇÇà ¸í·É°ú ¼³Á¤À» ³»·ÁÁÖ¸é ÇÑ±Û ±¸ÇöÀÌ µÈ´Ù. # chmod 755 mc.sh # source mc.sh ¼³Á¤À» ÀоîµéÀÌ°Ô µÇ¾î¼­ ´ÙÀ½ ½ÇÇàºÎÅÍ ÇѱÛÀÌ ±¸ÇöÀÌ µÈ´Ù. < lynx(ÅؽºÆ® ºê¶ó¿ìÀú) ¿¡¼­ÀÇ ÇÑ±Û ±¸Çö > lynx ´Â ÅؽºÆ®Çü ºê¶ó¿ìÀú·Î½á ºü¸¥ ¼Óµµ°¡ ÀåÁ¡ÀÎ ºê¶ó¿ìÀúÀÌ´Ù. ±×·³, lynx ¿¡¼­ÀÇ ÇÑ±Û Ãâ·Â¿¡ ´ëÇؼ­ ¾Ë¾Æº¸±â·Î ÇÏÀÚ. lynx¸¦ ½ÇÇàÇÑ ÈÄ "O" Å°¸¦ ¼±ÅÃÇϸé Option ÀÌ ³ª¿À´Âµ¥, display (C)haraster set¸¦ KoreanÀ¸·Î ¹Ù²Û ´ÙÀ½¿¡, Raw 8-bit or CJK m(O)de¸¦ ONÀ¸·Î ÇÏ½Ã¸é µË´Ï´Ù. ±×·¯¸é, ´ÙÀ½ ½ÇÇà ºÎÅÍ´Â ÇѱÛÀ» º¸½Ç¼ö ÀÖ½À´Ï´Ù. < GNU Emacs¿¡¼­ ÇÑ±Û ±¸Çö > GNU Emacs 20.x ¹öÁ¯ºÎÅÍ´Â MuleÀÇ ±â´ÉÀÌ ÅëÇÕµÇ¾î ´Ù±¹¾î(ÇѱÛ, Áß±¹¾î, ÀϾî, º£Æ®³²¾î, ŸÀÏ·£µå¾î, ...)¸¦ Æí¸®ÇÏ°Ô »ç¿ëÀ» ÇÒ ¼ö ÀÖ´Ù. ±×·¯³ª ÇѱÛ/ÇÑÀÚ Àüȯ ±Û¼èÀÇ ¹è¿­ÀÌ ³Î¸® ¾²ÀÌ´Â ±Û¼è°¡ ¾Æ´Ï¶ó ºÒÆíÇÒ ¼ö Àִµ¥, ¾Æ·¡¿Í °°ÀÌ È¨ µð·ºÅ丮ÀÇ .emacs ÆÄÀÏÀ» ¼³Á¤Çϸé SHIFT-SPACE ±Û¼è·Î ÇѱÛ/¿µ¾î ÀüȯÀ» SHIFT-CTRL-SPACE ±Û¼è·Î ÇÑÀÚ/¿µ¾î ÀüȯÀ» ½±°Ô ÇÒ ¼ö ÀÖ´Ù. (CTRL-SPACE´Â Emacs¿¡¼­ ÀÏÁ¤ ºÎºÐÀ» ¼³Á¤Çϴµ¥ »ç¿ëµÇ´Â ±Û¼èÀ̹ǷÎ, ÀÌ ±Û¼è¸¦ ÇÑÀÚ/¿µ¾îº¯È¯¿¡ »ç¿ëÇÏ´Â °ÍÀº È¥¶õÀ» °¡Á®¿Ã ¼ÒÁö°¡ ÀÖÀ¸¹Ç·Î ¿©±â¿¡¼­´Â SHIFT-CTRL-SPACE ±Û¼è·Î ´ë½ÅÇß´Ù.) =========================< .emacs >================================ $HOME/.emacs ÆÄÀÏ ¡Ü ÇÑ±Û È¯°æ ¼³Á¤ (set-language-environment 'Korean) (set-keyboard-coding-system 'korean-iso-8bit) (set-terminal-coding-system 'korean-iso-8bit) ¡Ü ÇѱÛ/¿µ¾î Àüȯ ÇÔ¼ö (defun toggle-hangul-key () "Toggle Hangul Key" (interactive) (cond ((equal current-input-method "korean-hangul") (toggle-input-method)) (t (select-input-method 'korean-hangul)))) ¡Ü ÇÑÀÚ/¿µ¾î Àüȯ ÇÔ¼ö (defun toggle-hanja-key () "Toggle Hanja Key" (interactive) (cond ((equal current-input-method "korean-hanja") (toggle-input-method)) (t (select-input-method 'korean-hanja)))) ¡Ü ±Û¼è ¼³Á¤ ¸¸ÀÏ ÇÑÀÚ/¿µ¾î Àüȯ ±Û¼è¸¦ F9·Î ¹Ù²Ù°í ½ÍÀ¸¸é, [(shift control ?\ )]À» [(f9)]À¸·Î º¯°æÇÏ¸é µÈ´Ù. (define-key global-map [(shift ?\ )] 'toggle-hangul-key) (define-key global-map [(shift control ?\ )] 'toggle-hanja-key) =================================================================== ¡á X-Window ¼³Á¤Çϱ⠰³¿ä : ¸®´ª½º »ç¿ëÀÚ¿¡°Ô ¸®´ª½º¸¦ ½ÃÀÛÇϱ⵵ Àü¿¡ ¸Ç ¸ÕÀú ºÀÂøÇÏ´Â ¹®Á¦°¡ ¹Ù·Î X-Window °¡ ¾Æ´Ñ°¡ ½Í´Ù. MS-Windows ³ª Mac °°Àº ȯ°æ¿¡ Àͼ÷ÇÑ ¿À´Ã³¯ À¯Àú¿¡°Ô ¸®´ª½º¿¡¼­ÀÇ X-Window ÀÇ È­¸éÀº ¸®´ª½ºÀÇ »ç¿ëÀ» À§Çؼ­ ÇʼöÀûÀÎ ¹®Á¦·Î ¹Þ¾ÆµéÀÌ´Â µí ½Í´Ù. LinuX¿¡¼­ÀÇ X-Window ȯ°æ ±¸ÇöÀº XFree86 ÇÁ·ÎÁ§Æ®ÆÀ¿¡¼­ ±¸ÇöÀ» ÇÏ°í ÀÖÁö¸¸, ¸¹Àº ¹®Á¦¿¡ ´ç¸éÇÏ°í ÀÖ´Ù. °¢ VGA Á¦Á¶È¸»ç¿¡¼­ÀÇ µå¶óÀÌºê °ø°³°¡ ½±Áö ¾Ê°í, Linux ¹®Á¦¿¡ ´ëÇؼ­ ±×¸® Å« ¹®Á¦·Î ¹Þ¾ÆµéÀÌÁö ¾Ê±â ¶§¹®ÀÌ´Ù. ±×µé¿¡°Ô MS-Windows¶ó´Â Å« ½ÃÀåÀÌ Àֱ⿡ Linux¶ó´Â ½ÃÀåÀº Å©°Ô º¸Áö ¾Ê°í Àֱ⠶§¹®ÀÌ´Ù. ±×·¡¼­, 2-3³â Àü ¿¡´Â Linux¿¡¼­ÀÇ X-WindowÀÇ µ¥½ºÅ©Å¾À» º¸´Â °æ¿ì´Â ÈçÇÑ ÀÏÀÌ ¾Æ´Ï¾ú´Ù. ±×·¯³ª, ¿äÁò Ãß¼¼´Â ¸¹Àº VGA Á¦Á¶¾÷ü¿¡¼­ µå¶óÀ̺ê Á¤º¸¸¦ ¸¹Àº Linux »ç¿ëÀÚ¿¡°Ô °ø°³ÇÏ°í ÀÖÀ¸¸ç, XFree86 3.3.2¿¡¼­´Â AGP ºñµð¿À Ä«µå¿¡ ´ëÇÑ Áö¿øµµ Çϱ⠽ÃÀÛÇÏ¿´´Ù. ÀÌ ¹®¼­´Â Linux »ç¿ëÀÚ¿¡°Ô óÀ½ ´ç¸éÇÏ°Ô µÇ´Â X-Window ¼³Á¤À» ´Ù¾çÇÑ ½Ã°¢¿¡¼­ º¸¿©ÁÖ°íÀÚ ÇÔÀÌ´Ù. < ¼³Ä¡¿¡ ÇÊ¿äÇÑ XFree86 ÆÐÅ°Áöº° ¸ñ·Ï > preinst.sh : Pre-installation script. Postinst.sh : Post-installation script. extract : XFree86 extraction utility. X332bin.tgz : clients, run-time libs, and app-defaults files. X332doc.tgz : Documentation. X332fnts.tgz : 75dpi, misc and PEX fonts. X332libs.tgz : Data files required at run-time. X332man.tgz : Manual pages. X332set.tgz : XF86Setup utility. X332VG16.tgz : 16 colors VGA server (XF86Setup needs this server). X332upd.tgz : XFree86 3.3.2 patch 2 update. X332cfg.tgz : Sample config files for xinit, xdm. X3328514.tgz : 8514/A server. X332AGX.tgz : AGX server. X332I128.tgz : I128 server. X332Mach32.tgz : Mach 32 server. X332Mach64.tgz : Mach 64 server. X332Ma8.tgz : Mach 8 server. X332Mono.tgz : Mono server. X332P9k.tgz : P9000 server. X332S3.tgz : S3 server. X332S3V.tgz : old S3 VIRGE server (please use SVGA server). X332SVGA.tgz : SVGA server. X332VG16.tgz : 16 colour VGA server (XF86Setup needs this server). X332W32.tgz : ET4000/W32, ET6000 server. X332f100.tgz : 100dpi fonts. X332fcyr.tgz : Cyrillic fonts. X332fnon.tgz : Other fonts (chinese, Japanese, Korean, Hebrew). X332fscl.tgz : Scalable fonts (Speedo and Type1). X332fsrv.tgz : Font server and config files. X332prog.tgz : X header files, config files and compile-time libs. X332nest.tgz : Hested X server. X332vfb.tgz : Virtual framebuffer X server. X332prt.tgz : X Print server. X332ps.tgz : Postscript version of the documentation. X332html.tgz : HTML version of the documentation. X332lkit.tgz : X server LinkKit. X332lk98.tgz : X server LinkKit for PC98 servers. < XFree86 ¼³Ä¡ > ÀÌÀü¿¡ XFree86 ¹öÀüÀÌ ÀÖ´Ù¸é /usr/X11R6/ µð·ºÅ丮¸¦ ÀνºÅçÇϱâ ÀÌÀü¿¡ ¹é¾÷À» Çϱ⠹ٶõ´Ù. # mkdir /home/X11R6 # ln -s /home/X11R6 /usr # cd /usr/X11R6 ±× ´ÙÀ½ ÀνºÅçÇÒ XFree86 ÆÐÅ°Áö¸¦ ÀüºÎ´Ù /var/tmp µð·ºÅ丮·Î º¹»ç¸¦ ÇÑ´Ù. ÆÐÅ°Áö¸¦ ÀνºÅçÇϱâ Àü¿¡ ¸ÕÀú post installation script¸¦ ½ÇÇà½ÃŲ ´ÙÀ½¿¡ # sh /var/tmp/preinst.sh # chmod 755 extract ÀÌÁ¦ XFree86 À» ÀνºÅç Áغñ°¡ µÇ¾ú´Ù. ÀνºÅçÇÒ ÆÐÅ°Áö¸¦ µ¿ÀÏÇÑ µð·ºÅ丮¿¡ Ä«ÇǸ¦ ÇÏ´Â °ÍÀ» ÀØÁö ¸»±â¸¦... # cd /usr/X11R6 # /var/tmp/extract /var/tmp/X332[8-z]*.tgz ±×·¯¸é, ÆÐÅ°ÁöµéÀº ¼³Ä¡°¡ µÇ±â ½ÃÀÛÇÑ´Ù. < XFree86 ÆÐÄ¡ > ÇöÀç XFree86 3.3.2 ÀÇ °¡Àå ÃֽŠÆÐÄ¡ ÆÄÀÏÀº X332upd.tgz ÆÄÀÏÀÌ´Ù. ÀÌ ÆÄÀÏÀ» ¹Þ¾Æ¼­ ÆÐÄ¡¸¦ Çغ¸ÀÚ. extract : XFree86 extraction utility. X3322upd.tgz : XFree86 3.3.2 patch 2 update. ¸ÕÀú, XFree86 3.3.2 ¹öÀüÀÌ ¼³Ä¡ µÇ¾îÀÖ´Ù°í °¡Á¤À» ÇÑ´Ù. # chmod 755 extract ±×¸®°í, X3322upd.tgz ¸¦ /var/tmp µð·ºÅ丮·Î º¹»ç¸¦ ÇÑ´Ù. # cp X3322upd.tgz /var/tmp/ # /var/tmp/extract /var/tmp/X332upd.tgz (ÁÖÀÇ)X3322upd.tgz¸¦ ÀνºÅçÇϱâ Àü¿¡ X3321upd.tgz°¡ ¼³Ä¡°¡ µÇ¾î¾ßÇÑ´Ù. < Xconfigurator·Î ¼³Á¤Çϱâ > ÃֽŠ¸®´ª½º ½Ã½ºÅÛ¿¡¼­´Â X¸¦ ¼³Á¤Çϴµ¥ À־ µÎ °¡Áö ¹æ½ÄÀ» Áö¿øÇÑ´Ù. ù¹ø°´Â, X¸¦ ¼³Á¤Çϱâ ÆíÇÏ°í ½Ã°¢ÀûÀ¸·Î ½±°Ô Á¢±Ù ÇÒ ¼ö ÀÖµµ·Ï Xconfigurator¶ó´Â ÅøÀ» ÀÌ¿ëÇÏ¿© X¸¦ ¼³Á¤ÇÏ´Â ¹æ½Ä°ú, µÎ¹ø°´Â, ¿¹ÀüÀÇ ÅؽºÆ® ¸ðµå·Î½á º¸¿©ÁÖ´Â xf86config°¡ ÀÖ´Ù. ¿©±â¼­´Â »ç¿ëÀÚµéÀÌ ½±°Ô Á¢±Ù ÇÒ ¼ö ÀÖ´Â Xconfigurator¿¡ ´ëÇؼ­ ¾Ë¾Æº¸±â·Î ÇÏÀÚ. Xconfigurator´Â X interface ¿Í ÄÜ¼Ö ¸ðµå¿¡¼­ ¸ðµÎ »ç¿ë °¡´ÉÇÏ´Ù. ´ÙÀ½°ú °°Àº ¸í·ÉÀ» ½ÇÇàÇØ º¸ÀÚ. # Xconfigurator =========================< Xconfigurator >=================================== Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ----------------------------------------------------------------------------- This program will create a basic XF86Config file, based on Menu selections you make. The XF86Config file usually resides in /usr/X11R6/lib/X11 or /etc/X11. A sample XF86Config file is supplied with XFree86; it is confgiured for a standard VGA card and monitor with 640x480 resolution. You can either take the sample XF86Config as a base and edit it for your configuration, or let this program produce a base XF86Config file for your configuration adn fine-tune it. Refer to /usr/X11R6/lib/X11/doc/README.Config for a detailed overview ---- ---------- | OK | | Cancel | ---- ---------- ------------------------------------------------------------------------- / between elements | selects | next screen ========================================================================= ÀÌ·± È­¸éÀÌ ³ª¿Ã °ÍÀÌ´Ù. ¿©±â¼­, OK ¹öÆ°À» ´©¸£°í µé¾î°¡¸é ÀÚ½ÅÀÇ ºñµð¿À Ä«µåÀÇ Ä¨¼ÂÀ» ãÀ¸¸é¼­ ´ÙÀ½ÀÇ È­¸éÀÌ ³ª¿Ã°ÍÀÌ´Ù. ========================================================================= Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ------------------------------------------ PCI Probe PCI probing found a: PCI Entry: Mystique X server : SVGA --------- | OK | -------- ------------------------------------------- / between elements | selects | next screen ======================================================================== ¿©±â¼­ ÀâÈù ºñµð¿À Ä«µå´Â ¹Ì½ºÆ¼Å©ÀÌ°í, ¿©±â¿¡ ¸Â´Â X server ´Â SVGA ¶ó´Â ¸Þ½ÃÁö °¡ ³ª¿Â´Ù. ºñµð¿À Ä«µå°¡ ¼³Á¤ÀÌ µÇ¾úÀ¸´Ï, ´ÙÀ½À¸·Î ³Ñ¾î°¡ º¸ÀÚ. ======================================================================== Xconfigurator 3.57 - (C) 1998 Red Hat Software and others -------------------------------------------------------------- Monitor Setup What type of monitor do you have? If you would rather specify the sync frequencies of your monitor, choose "Custom" from the list. Custom Acer Acerview 11D Acer Acerview 33D/33DL Acer Acerview 34T/34TL AOC-15 Apollo 1280x1024-68Hz Apollo 1280x1024-70Hz -------- ----------------- | OK | | Cancel | ------- ----------------- -------------------------------------------------------------- / between elements | selects | next screen ========================================================================= ¿©±â¼­ ÀÚ½ÅÀÌ °¡Áö°í ÀÖ´Â ¸ð´ÏÅ͸¦ ã¾Æº¸±â ¹Ù¶õ´Ù. ±¹»êÀÇ »ï¼º°ú Çö´ë ¸ð´ÏÅ͸¦ °¡Áö°í ÀÖ´Â »ç¿ëÀÚ¶ó¸é ¼³Á¤À» ¸ÂÃ߱⠽¬¿ï °ÍÀÌ´Ù. LG ¸ð´ÏÅÍ´Â ¾ÆÁ÷ µé¾îÀÖÁö ¾Ê´Ù. ÀÚ½ÅÀÌ °¡Áö°í ÀÖ´Â ¸ð´ÏÅÍ°¡ ¸ñ·Ï¿¡ ¾ø´Ù¸é, ¸Ç À§ÀÇ Custom À» ¼±ÅÃÇÑ ÈÄ ¸ð´ÏÅÍÀÇ ¸Å´º¾óÀ» ã¾Æ¼­ ¸ð´ÏÅÍÀÇ ¼öÁ÷ ÁÖÆļö¿Í ¼öÆò ÁÖÆļö¸¦ ¾Ë¾ÆµÎ±â ¹Ù¶õ´Ù. ¸ð´ÏÅ͸¦ ¼±ÅÃÇÏ¿´´Ù¸é ´ÙÀ½À¸·Î ³Ñ¾î °¡º¸ÀÚ. ============================================================= Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ----------------------------------------------------------------- Monitor Setup Now we want to set the specifications of the monitor. The two critical parameters are the vertical refresh rate, which is the rate at which the the whole screen is refreshed, and most importantly the horizontal sync rate, which is the rate at which scanlines are displayed. The valid range for horizontal sync and vertical sync should be documented in the manual of your monitor. If in doubt, check the monitor database /usr/X11R6/lib/X11/doc/Monitors to see if your monitor is there. --------- ----------------- | | | | | OK | | Cancel | | | | | -------- ---------------- ----------------------------------------------------------------- / between elements | selects | next screen ========================================================================= ¸ð´ÏÅ͸¦ ¼³Á¤Çϱâ À§ÇÑ ¸Þ½ÃÁöÀÌ´Ù. ¸ð´ÏÅ͸¦ ¼³Á¤ÇÏ·Á¸é OK ÇÏ°í ³Ñ¾î°£´Ù. ========================================================================= Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ---------------------------------------------------------------- Monitor Setup (Continued) You must indicate the horizontal sync range of your monitor. You can either select one of the predefined ranges below that correspond to industry-standard monitor types, or give a specific range. It is VERY IMPORTANT that you do not specify a monitor type with a horizontal sync range that is beyond the capabilities of your monitor. If in doubt, choose a conservative setting. Standard VGA, 640x480 @ 60 Hz Super VGA, 800x600 @ 56 Hz 8514 Compatible, 1024x768 @ 87 Hz interlaced (no 800x600) Super VGA, 1024x768 @ 87 Hz interlaced, 800x600 @ 56 Hz Extended Super VGA, 800x600 @ 60 Hz, 640x480 @ 72 Hz Non-Interlaced SVGA, 1024x768 @ 60 Hz, 800x600 @ 72 Hz High Frequency SVGA, 1024x768 @ 70 Hz Monitor that can do 1280x1024 @ 60 Hz Monitor that can do 1280x1024 @ 74 Hz Monitor that can do 1280x1024 @ 76 Hz --------- --------------------- | | | | | OK | | Cancel | | | | | --------- --------------------- -------------------------------------------------------------------- / between elements | selects | next screen ======================================================================= ÀÌ ºÎºÐÀº ¸ð´ÏÅÍ¿¡¼­ Çػ󵵿¡ µû¸¥ ¼öÆò µ¿±â ÁÖÆļö¸¦ ¸ÂÃß´Â Ç׸ñÀÌ´Ù. ÀÚ½ÅÀÇ ¸ð´ÏÅÍ¿¡¼­ ¼öÆò µ¿±â ÁÖÆļö¸¦ ¸Å´º¾ó¿¡¼­ ã¾Æ ¸ÂÃß¾î º¸±â ¹Ù¶õ´Ù. ¼öÆò ÁÖÆļö¸¦ ¸ÂÃß¾úÀ¸¸é ´ÙÀ½Àº ¼öÁ÷ ÁÖÆļö¸¦ ¸ÂÃß´Â ºÎºÐÀÌ´Ù ========================================================================= Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ------------------------------------------------------------- Monitor Setup (Continued) You must indicate the vertical sync range of your monitor. You can either select one of the predefined ranges below that correspond to industry-standard monitor types, or give a specific range. For interlaced modes, the number that counts is the high one (e.g. 87 Hz rather than 43 Hz). 50-70 50-90 50-100 40-150 --------- --------------------- | | | | | OK | | Cancel | | | | | --------- --------------------- -------------------------------------------------------------- / between elements | selects | next screen ====================================================================== ¿©±â¼­´Â ¸ð´ÏÅÍÀÇ ¼öÁ÷ µ¿±â ÁÖÆļö¸¦ ¸ÂÃß´Â ºÎºÐÀÌ´Ù. ====================================================================== Xconfigurator 3.57 - (C) 1998 Red Hat Software and others --------------------------------------------- Probing to begin Xconfigurator will now run the X server you selected to probe various information about your video card. It is normal for the screen to blink several times. ---------- | | | OK | | | ---------- -------------------------------------------- / between elements | selects | next screen ======================================================================== ÀÌ ºÎºÐÀº ¸ð´ÏÅÍÀÇ À¯Àú°¡ ¼±ÅÃÇÑ ¸ð´ÏÅÍÀÇ ¼öÁ÷ ÁÖÆļö ¿Í ¼öÆò ÁÖÆļö ¹× ºñµð¿À Ä«µåÀÇ Ä¨¼ÂÀÇ Å¬·°ÀÌ ¸Â´ÂÁö È®ÀÎÇÏ´Â ÀýÂ÷ÀÌ´Ù. ÀÌ Å×½ºÆ®¿¡¼­ ¸ÂÁö ¾Ê´Â´Ù¸é ´Ù½Ã ¼³Á¤À» ÇÒ ¼ö ÀÖ´Ù. ¸ÂÁö ¾Ê´Â´Ù¸é ÀÌ·± ¸Þ¼¼Áö°¡ ³ª¿Ã °ÍÀÌ´Ù. ========================================================================= Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ------------------------------------------- X Error There was an error executing the X server in a probing mode. You should try configuring the video card manually. ---------- | | | OK | | | ---------- ------------------------------------------- / between elements | selects | next screen ======================================================================= ´ÙÀ½Àº ºñµð¿À ¸Þ¸ð¸®¸¦ ¼³Á¤ÇÏ´Â ºÎºÐÀÌ´Ù. ======================================================================= Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ------------------------------------ Video Memory How much video memory do you have? 256 k 512 k 1 meg 2 meg 4 meg 8 meg ------- ---------------- | | | | | OK | | Cancel | | | | | ------- ---------------- ------------------------------------ / between elements | selects | next screen ======================================================================== ¿äÁò ´ëºÎºÐÀÇ ºñµð¿À Ä«µåÀÇ ¸Þ¸ð¸®´Â 1-2MBÀÌ´Ù. ÀÚ½ÅÀÇ ºñµð¿À ¸Þ¸ð¸®°¡ ¾ó¸¶³ª µÇ´ÂÁö È®ÀÎÇغ¸ÀÚ. ¼³Á¤À» ÇÏ¿´À¸¸é ´ÙÀ½Àº ºñµð¿À Ä«µåÀÇ Å¬·° Ĩ¼ÂÀ» ¼³Á¤ÇÏ´Â ºÎºÐÀÌ´Ù. ======================================================================== Xconfigurator 3.57 - (C) 1998 Red Hat Software and others ------------------------------------------------------------- Clockchip Configuration Which Clockchip do you have ? No Clockchip Setting (recommended) Chrontel 8391 ICD2061A and compatibles (ICS9161A, DCS2824) ICS2595 ICS5342 (similar to SDAC, but not completely compatible) ICS5341 S3 GenDAC (86C708) and ICS5300 (autodetected) S3 SDAC (86C716) STG 1703 (autodetected) Sierra SC11412 TI 3025 (autodetected) TI 3026 (autodetected) IBM RGB 51x/52x (autodetected --------- ------------------- | | | | | OK | | Canecel | | | | | --------- ------------------- ------------------------------------------------------------------------ / between elements | selects | next screen ========================================================================= ÀÚ½ÅÀÇ ºñµð¿À Ä«µåÀÇ ¸Þ´º¾óÀ» º¸¾Æ¼­ ºñµð¿À Ä«µåÀÇ Å¬·° Ĩ¼ÂÀÇ Á¤È®ÇÑ À̸§À» ¾Ë¾Æ¾ß ÇÒ °ÍÀÌ´Ù. S3 °è¿­À» Á¦¿ÜÇÑ ´ëºÎºÐÀÇ ºñµð¿À Ä«µå´Â No Clockchip Setting (recommend) ¼±ÅÃÇÏ¸é µÈ´Ù. ¿©±â¼­´Â ÀÚ½ÅÀÌ ¿øÇÏ°íÀÚ ÇÏ´Â Ä÷¯¼ö¿Í Çػ󵵸¦ üũÇϱ⠹ٶõ´Ù. ======================================================================= ---------------------------------------------------------------- You're Done! File has been written. Take a look at it before running 'startx'. Note that the XF86Config file must be in one of the directories searched by the server (e.g. /usr/X11R6/lib/X11) in order to be used. Within the server press ctrl, alt and '+' simultaneously to cycle video resolutions. Pressing ctrl, alt and backspace simultaneously immediately exits the server (use if the monitor doesn't sync for a particular mode). For further configuration, refer to /usr/X11R6/lib/X11/doc/README.Config. -------- | | | OK | | | -------- ---------------------------------------------------------------- ========================================================================= ÀÌ°ÍÀ¸·Î¼­, °£´ÜÈ÷ ³ª¸¶ Xconfigurator ¸¦ ÀÌ¿ëÇÏ¿© X ¸¦ ¼³Á¤ÇØ º¸¾Ò´Ù. ´ÙÀ½Àº ÅؽºÆ® ¸ðµå·Î X ¸¦ ¼³Á¤ÇÏ´Â ¹æ¹ý¿¡ ´ëÇؼ­ ¾Ë¾Æº¸±â·Î ÇÏÀÚ. < xf86config ·Î ¼³Á¤Çϱâ > ÀÌ ¹æ½ÄÀº À§¿¡¼­µµ ¾ð±ÞÇßµíÀÌ ÅؽºÆ® ¸ðµå·Î½á X ¸¦ ¼³Á¤ÇÏ´Â ¹æ¹ýÀÌ´Ù. Äֿܼ¡¼­³ª X interfaces¿¡¼­ ¼³Á¤ ÇÒ ¼ö ÀÖ´Â ¹æ½ÄÀÌ´Ù. ±×·³, ¾Æ¹«µ¥¼­³ª xf86config¸¦ ½ÇÇàÇϱ⠹ٶõ´Ù. # xf86config ====================================================================== This program will create a basic XF86Config file, based on menu selections you make. The XF86Config file usually resides in /usr/X11R6/lib/X11 or /etc/X11. A sample XF86Config file is supplied with XFree86; it is configured for a standard VGA card and monitor with 640x480 resolution. This program will ask for a pathname when it is ready to write the file. You can either take the sample XF86Config as a base and edit it for your configuration, or let this program produce a base XF86Config file for your configuration and fine-tune it. Refer to /usr/X11R6/lib/X11/doc/README.Config for a detailed overview of the configuration process. For accelerated servers (including accelerated drivers in the SVGA server), there are many chipset and card-specific options and settings. This program does not know about these. On some configurations some of these settings must be specified. Refer to the server man pages and chipset-specific READMEs. Before continuing with this program, make sure you know the chipset and amount of video memory on your video card. SuperProbe can help with this. It is also helpful if you know what server you want to run. Press enter to continue, or ctrl-c to abort. ======================================================================= xf86config ÀÇ µµÀÔ ºÎºÐÀÌ´Ù. °è¼Ó ÇÏ·Á¸é ¿£Å͸¦, Áß´ÜÇÑ´Ù¸é ctrl-c¸¦ ´©¸£¸é µÈ´Ù. ¿£Å͸¦ Ãļ­ °è¼Ó ÁøÇàÀ» Çغ¸ÀÚ. ======================================================================= The directory '/usr/X386/bin' exists. You probably have an old version of XFree86 installed (XFree86 3.1 installs in '/usr/X11R6' instead of '/usr/X386'). It is important that the directory '/usr/X11R6' is present in your search path, *before* any occurrence of '/usr/X386/bin'. If you have installed X program binaries that are not in the base XFree86 distribution in '/usr/X386/bin', you can keep the directory in your path as long as it is after '/usr/X11R6'. Your PATH is currently set as follows: /sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/opt/kde/bin:/root/bin:/usr/X11R6/bin:/opt/kde/b in:/root/bin Note that the X binary directory in your path may be a symbolic link. In that case you could modify the symbolic link to point to the new binaries. Example: 'rm -f /usr/bin/X11; ln -s /usr/X11R6/bin /usr/bin/X11', if the link is '/usr/bin/X11'. Make sure the path is OK before continuing. Press enter to continue, or ctrl-c to abort. ======================================================================= ÇöÀç XFree86 ¹öÀüÀÌ ¼³Ä¡µÈ Æнº¸¦ È®ÀÎÇÏ´Â ÀýÂ÷ÀÌ´Ù. ¿ª½Ã °è¼Ó ÇÏ·Á¸é ¿£Å͸¦ Ä¡°í ³Ñ¾î°¡¸é µÈ´Ù. ======================================================================= First specify a mouse protocol type. Choose one from the following list: 1. Microsoft compatible (2-button protocol) 2. Mouse Systems (3-button protocol) 3. Bus Mouse 4. PS/2 Mouse 5. Logitech Mouse (serial, old type, Logitech protocol) 6. Logitech MouseMan (Microsoft compatible) 7. MM Series 8. MM HitTablet 9. Microsoft IntelliMouse If you have a two-button mouse, it is most likely of type 1, and if you have a three-button mouse, it can probably support both protocol 1 and 2. There are two main varieties of the latter type: mice with a switch to select the protocol, and mice that default to 1 and require a button to be held at boot-time to select protocol 2. Some mice can be convinced to do 2 by sending a special sequence to the serial port (see the ClearDTR/ClearRTS options). Enter a protocol number: ====================================================================== ÀÚ½ÅÀÇ ½Ã½ºÅÛ¿¡ ºÎÂøµÈ ¸¶¿ì½ºÀÇ Á¾·ù¸¦ ¼±ÅÃÇÏ´Â ºÎºÐÀÌ´Ù. PS/2 ¸¶¿ì½º´Â 4¹ø, ÀϹÝÀûÀÎ ½Ã¸®¾ó ¸¶¿ì½º¸¦ °¡Áö°í ÀÖ´Â »ç¿ëÀÚ´Â 1¹øÀ» ¼±ÅÃÇÏ°í ³Ñ¾î°¡¸é µÈ´Ù. ======================================================================= If your mouse has only two buttons, it is recommended that you enable Emulate3Buttons. Please answer the following question with either 'y' or 'n'. Do you want to enable Emulate3Buttons? ======================================================================== ÀϹÝÀûÀÎ 2¹öÆ° »ç¿ëÀÚ¶óµµ ¾çÂÊ ¹öÆ°À» °¡Áö°í ¸¶Ä¡ 3¹öÆ° ¸¶¿ì½ºÃ³·³ °¡»ó ¿¡¹Ä·¹ÀÌÆ® ÇØÁÖ´Â ±â´ÉÀ» ¼±ÅÃÇÒ °ÍÀÎÁö ¹¯´Â Ç׸ñÀÌ´Ù. 2¹öÆ° ¸¶¿ì½º¸¦ 3¹öÆ° ¸¶¿ì½º ó·³ »ç¿ëÇÏ·Á¸é YES·Î ¼³Á¤ÇÏ°í ³Ñ¾î°¡±â ¹Ù¶õ´Ù. ======================================================================== Now give the full device name that the mouse is connected to, for example /dev/tty00. Just pressing enter will use the default, /dev/mouse. Mouse device: ======================================================================== ¸¶¿ì½ºÀÇ ½Ã½ºÅÛ µð¹ÙÀ̽º¸¦ °áÁ¤ÇÏ´Â ºÎºÐÀÌ´Ù. µðÆúÆ®·Î´Â /dev/mouse ·Î µÇ¾îÀÖ´Ù. ¿£Å͸¦ Ä¡°í ³Ñ¾î°¡¸é µÈ´Ù. ======================================================================== Beginning with XFree86 3.1.2D, you can use the new X11R6.1 XKEYBOARD extension to manage the keyboard layout. If you answer 'n' to the following question, the server will use the old method, and you have to adjust your keyboard layout with xmodmap. Please answer the following question with either 'y' or 'n'. Do you want to use XKB? ========================================================================= Å°º¸µåÀÇ ¾ð¾î ¸ÅÇÎÀ» ÁöÁ¤ÇÏ´Â ºÎºÐÀÌ´Ù. ´ëºÎºÐ NO¸¦ ¼±ÅÃÇÑ ÈÄ ´ÙÀ½ÀÇ Å°º¸µå¿¡¼­ ¼±ÅÃÇϱ⠹ٶõ´Ù. ========================================================================= If you want your keyboard to generate non-ASCII characters in X, because you want to be able to enter language-specific characters, you can set the left Alt key to Meta, and the right Alt key to ModeShift. Please answer the following question with either 'y' or 'n'. Do you want to enable these bindings for the Alt keys? ========================================================================= ÀÌ°ÍÀº ¿ÞÂÊ°ú ¿À¸¥ÂÊ ALT Å°¸¦ ´Ù¸£°Ô ÁöÁ¤ ÇÒ°Í ÀÎÁö¿¡ ´ëÇÑ Ç׸ñÀÌ´Ù. »ç¿ëÀÚÀÇ ¼±Åÿ¡ ´Þ·È´Ù. ========================================================================= Now we want to set the specifications of the monitor. The two critical parameters are the vertical refresh rate, which is the rate at which the the whole screen is refreshed, and most importantly the horizontal sync rate, which is the rate at which scanlines are displayed. The valid range for horizontal sync and vertical sync should be documented in the manual of your monitor. If in doubt, check the monitor database /usr/X11R6/lib/X11/doc/Monitors to see if your monitor is there. Press enter to continue, or ctrl-c to abort. ========================================================================= ¸ð´ÏÅÍ ¼³Á¤¿¡ ¾Õ¼­ ¸ð´ÏÅÍÀÇ ¼öÆò µ¿±â ÁÖÆļö¿Í ¼öÁ÷ µ¿±â ÁÖÆļö¸¦ È®ÀÎÇϱ⠹ٶõ´Ù. ¸ð´ÏÅ͸¦ ¼³Á¤ÇÏ·Á¸é ¿£Å͸¦ Ä¡°í ³Ñ¾î°£´Ù. ========================================================================= You must indicate the horizontal sync range of your monitor. You can either select one of the predefined ranges below that correspond to industry- standard monitor types, or give a specific range. It is VERY IMPORTANT that you do not specify a monitor type with a horizontal sync range that is beyond the capabilities of your monitor. If in doubt, choose a conservative setting. hsync in kHz; monitor type with characteristic modes 1 31.5; Standard VGA, 640x480 @ 60 Hz 2 31.5 - 35.1; Super VGA, 800x600 @ 56 Hz 3 31.5, 35.5; 8514 Compatible, 1024x768 @ 87 Hz interlaced (no 800x600) 4 31.5, 35.15, 35.5; Super VGA, 1024x768 @ 87 Hz interlaced, 800x600 @ 56 Hz 5 31.5 - 37.9; Extended Super VGA, 800x600 @ 60 Hz, 640x480 @ 72 Hz 6 31.5 - 48.5; Non-Interlaced SVGA, 1024x768 @ 60 Hz, 800x600 @ 72 Hz 7 31.5 - 57.0; High Frequency SVGA, 1024x768 @ 70 Hz 8 31.5 - 64.3; Monitor that can do 1280x1024 @ 60 Hz 9 31.5 - 79.0; Monitor that can do 1280x1024 @ 74 Hz 10 31.5 - 82.0; Monitor that can do 1280x1024 @ 76 Hz 11 Enter your own horizontal sync range Enter your choice (1-11): ========================================================================= ÀÌ ºÎºÐÀº ÀÚ½ÅÀÌ °¡Áö°í ÀÖ´Â ¸ð´ÏÅÍÀÇ ¼öÆò µ¿±â ÁÖÆļö¸¦ ¼³Á¤ÇÏ´Â ¹æ½ÄÀÌ´Ù. ¸ÕÀú, ÀÚ½ÅÀÇ ¸ð´ÏÅÍÀÇ ¸Å´º¾ó¿¡¼­ ¼öÆò µ¿±â ÁÖÆļö ´ë¿ªÀ» È®ÀÎÇÑ ÈÄ¿¡ ã¾Æº¸°í ¾ø´Ù¸é 11¹øÀ» ¼±ÅÃÇÏ¿© ÀÚ½ÅÀÇ ÁÖÆļö ´ë¿ªÀ» Àû¾îÁÖ¸é µÈ´Ù. 1-10¹ø »çÀ̸¦ ¼³Á¤ÇÑ »ç¿ëÀÚ¸¦ Á¦¿ÜÇÑ 11¹øÀ» ¼±ÅÃÇÏ¿© Á÷Á¢ ¼öÆò µ¿±â ÁÖÆļö¸¦ ¼³Á¤ÇÏ·Á´Â »ç¶÷Àº ´ÙÀ½ Àå¸éÀ» Àß È®ÀÎÇϱ⠹ٶõ´Ù. ======================================================================== Please enter the horizontal sync range of your monitor, in the format used in the table of monitor types above. You can either specify one or more continuous ranges (e.g. 15-25, 30-50), or one or more fixed sync frequencies. Horizontal sync range: ========================================================================= 11¹øÀ» ¼±ÅÃÇÏ¿© ³ªÅ¸³­ ºÎºÐÀÌ´Ù. ÀÚ½ÅÀÇ ¼öÆò µ¿±â ÁÖÆļö ´ë¿ªÀ» (Horizontal sync range: ) ÀÌ ºÎºÐ¿¡ Àû¾îÁÖ¸éµÈ´Ù. ¿¹¸¦ µé¾î¼­ ÀÚ½ÅÀÇ ¼öÆò µ¿±â ÁÖÆļö ´ë¿ªÀÌ 30-65 »çÀ̶ó¸é ex) Horizontal sync range: 30-65 ÀÌ·±½ÄÀ¸·Î ¼³Á¤À» ÇØÁÖ¸é µÈ´Ù. ¼³Á¤À» ´Ù Çß´Ù¸é ´ÙÀ½ ¼öÁ÷ µ¿±â ÁÖÆļö¸¦ ¼³Á¤ÇÏ´Â ºÎºÐÀ¸·Î À̵¿ÇØ º¸ÀÚ. ======================================================================== You must indicate the vertical sync range of your monitor. You can either select one of the predefined ranges below that correspond to industry- standard monitor types, or give a specific range. For interlaced modes, the number that counts is the high one (e.g. 87 Hz rather than 43 Hz). 1 50-70 2 50-90 3 50-100 4 40-150 5 Enter your own vertical sync range Enter your choice: ======================================================================== ¸ð´ÏÅÍÀÇ ¼öÁ÷ µ¿±â ÁÖÆļö¸¦ ¼³Á¤ÇÏ´Â ºÎºÐÀ¸·Î½á, ÀÚ½ÅÀÇ ¸ð´ÏÅÍÀÇ ¸Å´º¾ó¿¡¼­ ¼öÁ÷ µ¿±â ÁÖÆļö ´ë¿ªÀ» È®ÀÎÀ» ÇÑ ÈÄ¿¡ ¼³Á¤Çϱ⠹ٶõ´Ù. ÀÚ½ÅÀÇ ¸ð´ÏÅÍÀÇ ¼öÁ÷ µ¿±â ÁÖÆļö ´ë¿ªÀ» ÀÚ¼¼È÷ ¾Æ´Â »ç¿ëÀÚ¶ó¸é 5¹ø Ç׸ñ¿¡¼­ Á¤È®ÇÑ ¸ð´ÏÅÍ ÁÖÆļö ´ë¿ªÀ» Àû¾îÁÖ´Â °ÍÀ» ±ÇÀåÇÑ´Ù. 5¹øÀ» ¼±ÅÃÇÑ ÈÄ¿¡ ¼öÁ÷ µ¿±â ÁÖÆļö ´ë¿ªÀ» ¼³Á¤ÇÏ´Â ¹æ¹ýÀÌ´Ù. ======================================================================== Vertical sync range: 50-110 ======================================================================== ¿©±â¼­ ¼öÁ÷ µ¿±â ÁÖÆļö ´ë¿ªÀ» 50-110 À̶ó°í ¼³Á¤ÇØÁÖ¾ú´Ù. ÇÊÀÚ ¸ð´ÏÅÍÀÇ ¼öÁ÷ µ¿±â ÁÖÆļö ´ë¿ªÀÌ´Ù. ´Ù µÇ¾úÀ¸¸é ¿£Å͸¦ Ä¡°í ´ÙÀ½À¸·Î ³Ñ¾î°¡º¸ÀÚ. ======================================================================== You must now enter a few identification/description strings, namely an identifier, a vendor name, and a model name. Just pressing enter will fill in default names. The strings are free-form, spaces are allowed. Enter an identifier for your monitor definition: ======================================================================== ¸ð´ÏÅÍÀÇ ¸ðµ¨ À̸§À» ¹¯´Â Ç׸ñÀÌ´Ù. ÀûÁö ¾Ê¾Æµµ »ó°ü¾ø´Ù. ======================================================================== Enter the vendor name of your monitor: ======================================================================== ¿ª½Ã À̸§À» ¹¯´Â Ç׸ñÀÌ´Ù. ======================================================================== Enter the model name of your monitor: ======================================================================== Àû¾îÁÖÁö ¾Ê¾Æµµ µÈ´Ù. ´ÙÀ½Àº ±×·¡ÇÈ Ä«µå¸¦ ¼±ÅÃÇÏ´Â ºÎºÐÀÌ´Ù. ======================================================================== Now we must configure video card specific settings. At this point you can choose to make a selection out of a database of video card definitions. Because there can be variation in Ramdacs and clock generators even between cards of the same model, it is not sensible to blindly copy the settings (e.g. a Device section). For this reason, after you make a selection, you will still be asked about the components of the card, with the settings from the chosen database entry presented as a strong hint. The database entries include information about the chipset, what server to run, the Ramdac and ClockChip, and comments that will be included in the Device section. However, a lot of definitions only hint about what server to run (based on the chipset the card uses) and are untested. If you can't find your card in the database, there's nothing to worry about. You should only choose a database entry that is exactly the same model as your card; choosing one that looks similar is just a bad idea (e.g. a GemStone Snail 64 may be as different from a GemStone Snail 64+ in terms of hardware as can be). Do you want to look at the card database? ======================================================================= ÀÌ ºÎºÐÀº ±×·¡ÇÈ Ä«µå¸¦ ¼±ÅÃÇÏ´Â ºÎºÐÀÌ´Ù. Yes ·Î ¼³Á¤ÇÏ°í ¿£ÅÍÇÏ°í ³Ñ¾î°¡ º¸ÀÚ. ======================================================================= 0 2 the Max MAXColor S3 Trio64V+ S3 Trio64V+ 1 928Movie S3 928 2 AGX (generic) AGX-014/15/16 3 ALG-5434(E) CL-GD5434 4 ASUS 3Dexplorer RIVA128 5 ASUS PCI-AV264CT ATI-Mach64 6 ASUS PCI-V264CT ATI-Mach64 7 ASUS Video Magic PCI V864 S3 864 8 ASUS Video Magic PCI VT64 S3 Trio64 9 AT25 Alliance AT3D 10 AT3D Alliance AT3D 11 ATI 3D Pro Turbo ATI-Mach64 12 ATI 3D Xpression ATI-Mach64 13 ATI 3D Xpression+ PC2TV ATI-Mach64 14 ATI 8514 Ultra (no VGA) ATI-Mach8 15 ATI All-in-Wonder ATI-Mach64 16 ATI Graphics Pro Turbo ATI-Mach64 17 ATI Graphics Pro Turbo 1600 ATI-Mach64 18 ATI Graphics Ultra ATI-Mach8 19 ATI Graphics Ultra Pro ATI-Mach32 20 ATI Graphics Xpression with 68875 RAMDAC ATI-Mach64 21 ATI Graphics Xpression with AT&T 20C408 RAMDAC ATI-Mach64 22 ATI Graphics Xpression with CH8398 RAMDAC ATI-Mach64 23 ATI Graphics Xpression with Mach64 CT (264CT) ATI-Mach64 24 ATI Graphics Xpression with STG1702 RAMDAC ATI-Mach64 25 ATI Mach32 ATI-Mach32 26 ATI Mach64 ATI-Mach64 27 ATI Mach64 3D RAGE II+, Internal RAMDAC ATI-Mach64 28 ATI Mach64 3D RAGE II, Internal RAMDAC ATI-Mach64 29 ATI Mach64 CT (264CT), Internal RAMDAC ATI-Mach64 30 ATI Mach64 GT (264GT), aka 3D RAGE, Internal RAMDACATI-Mach64 31 ATI Mach64 VT (264VT), Internal RAMDAC ATI-Mach64 32 ATI Mach64 with AT&T 20C408 RAMDAC ATI-Mach64 33 ATI Mach64 with CH8398 RAMDAC ATI-Mach64 34 ATI Mach64 with IBM RGB514 RAMDAC ATI-Mach64 35 ATI Pro Turbo+PC2TV, 3D Rage II+DVD ATI-Mach64 36 ATI Ultra Plus ATI-Mach32 37 ATI Video Xpression ATI-Mach64 38 ATI Win Boost with AT&T 20C408 RAMDAC ATI-Mach64 39 ATI Win Boost with CH8398 RAMDAC ATI-Mach64 40 ATI Win Boost with Mach64 CT (264CT) ATI-Mach64 41 ATI Win Boost with STG1702 RAMDAC ATI-Mach64 . . . . . . . 415 XGA-1 (ISA bus) XGA-1 416 XGA-2 (ISA bus) XGA-2 417 miro miroMedia 3D S3 ViRGE Enter a number to choose the corresponding card definition. Press enter for the next page, q to continue configuration. ================================================================ XFree86 3.3.2 ¿¡¼­´Â ¸¹Àº ºñµð¿À Ä«µå°¡ Áö¿øµÇ±â ½ÃÀÛÇß´Ù. ƯÈ÷, À̹ø ¹öÀüºÎÅÍ´Â AGP ºñµð¿À Ä«µå°¡ ½ÃÇèÀûÀ¸·Î µµÀÔÀÌ µÇ¾ú´Ù. ºÎ°¡ÀûÀÎ ¼³¸íÀ» ÇÏÀÚ¸é ¿ÞÂÊ¿¡ ÀÖ´Â °ÍÀº ºñµð¿À Ä«µå ¸ðµ¨¸íÀÌ°í, ¿À¸¥ÂÊ¿¡ ÀÖ´Â °ÍÀº ºñµð¿À Ä«µåÀÇ Ä¨¼ÂÀÌ´Ù. ¸®´ª½º »ó¿¡¼­ÀÇ ºñµð¿À Ä«µå´Â ºñµð¿À Ä«µå Ĩ¼Â¿¡ µû¶ó X ¼³Á¤ÀÌ ¸¹ÀÌ Á¿ìÇÏ°Ô µÈ´Ù. ¸ñ·Ï¿¡¼­ ÀÚ½ÅÀÇ ºñµð¿À Ä«µå¸¦ ¼±ÅÃÇÏ¿´´Ù¸é ´ÙÀ½°ú °°Àº ¸Þ½ÃÁö °¡ ³ªÅ¸³¯ °ÍÀÌ´Ù. =================================================================== Your selected card definition: Identifier: Matrox Mystique Chipset: mga1064sg Server: XF86_SVGA Do NOT probe clocks or use any Clocks line. Press enter to continue, or ctrl-c to abort. ===================================================================== XFree86 3.3.2 ¿¡¼­ Ãß°¡·Î Áö¿øµÇ´Â ºñµð¿À Ä«µå ¸ñ·ÏÀº ³ªÁß¿¡ º¸¿©ÁÙ °ÍÀÌ´Ù. ¿£Å͸¦ Ä¡°í ³Ñ¾î°¡¸é ´ÙÀ½°ú °°Àº ¸Þ¼¼Áö°¡ ³ªÅ¸³¯ °ÍÀÌ´Ù. ====================================================================== Now you must determine which server to run. Refer to the manpages and other documentation. The following servers are available (they may not all be installed on your system): 1 The XF86_Mono server. This a monochrome server that should work on any VGA-compatible card, in 640x480 (more on some SVGA chipsets). 2 The XF86_VGA16 server. This is a 16-color VGA server that should work on any VGA-compatible card. 3 The XF86_SVGA server. This is a 256 color SVGA server that supports a number of SVGA chipsets. On some chipsets it is accelerated or supports higher color depths. 4 The accelerated servers. These include XF86_S3, XF86_Mach32, XF86_Mach8, XF86_8514, XF86_P9000, XF86_AGX, XF86_W32, XF86_Mach64, XF86_I128 and XF86_S3V. These four server types correspond to the four different "Screen" sections in XF86Config (vga2, vga16, svga, accel). 5 Choose the server from the card definition, XF86_SVGA. Which one of these screen types do you intend to run by default (1-5)? ======================================================================= À§ÀÇ ºñµð¿À Ä«µå Ç׸ñ¿¡¼­ ¼±ÅÃÀ» ÇÏ¿´À¸¸é 5¹øÀ» ¼±ÅÃÇÏÁö¸¸, ¸¸¾à, ÀÚ½ÅÀÇ ºñµð¿À Ä«µå°¡ ¸ñ·Ï¿¡ ¾øÀ» °æ¿ì¿¡´Â 1-4¹ø Ç׸ñÀ» ¼±ÅÃÇÒ ¼ö ÀÖ´Ù. 1¹ø Ç׸ñÀº Èæ¹é ¸ðµå·Î X ¸¦ ¼³Á¤Çϵµ·Ï ÇÏ´Â Ç׸ñÀÌ´Ù. 2¹ø Ç׸ñÀº Mono(Áï, 16Ä÷¯) ¸ðµå·Î X ¸¦ ¼³Á¤Çϵµ·Ï ÇÏ´Â Ç׸ñÀÌ´Ù. 3¹ø Ç׸ñÀº 256 Ä÷¯ SVGA ¸ðµå·Î X ¸¦ ¼³Á¤Çϵµ·Ï ÇÏ´Â Ç׸ñÀÌ´Ù. ½Ã½ºÅÛ¿¡ ÀÖ´Â ºñµð¿À Ä«µå°¡ ¸ñ·Ï¿¡ ¾øÀ» °æ¿ì¿¡ SVGA ¸ðµå·Î X ¼³Á¤ÇÒ °æ¿ìÀÌ´Ù. 4¹ø Ç׸ñÀº accelerated ±â´ÉÀÌ ÀÖ´Â ºñµð¿À Ä«µå¸¦ ¼±ÅÃÇÏ´Â Ç׸ñÀÌ´Ù. ¸®´ª½º¿¡¼­ °¡Àå X ¼³Á¤Çϱ⠽¬¿î ºñµð¿À Ä«µå¸¦ Áö¿øÇÏ´Â Ç׸ñÀÌ´Ù. ======================================================================= The server to run is selected by changing the symbolic link 'X'. For example, 'rm /usr/X11R6/bin/X; ln -s /usr/X11R6/bin/XF86_SVGA /usr/X11R6/bin/X' selects the SVGA server. Please answer the following question with either 'y' or 'n'. Do you want me to set the symbolic link? ====================================================================== ÀÌ Ç׸ñÀº ¼±ÅÃµÈ X ¼­¹ö¸¦ /usr/X11R6/bin/X ·Î ¸µÅ©¸¦ ½ÃÅ°´Â Ç׸ñÀÌ´Ù. YES ·Î ¼³Á¤ÇÏ°í ´ÙÀ½À¸·Î ³Ñ¾î°¡º¸ÀÚ. ======================================================================= Now you must give information about your video card. This will be used for the "Device" section of your video card in XF86Config. You must indicate how much video memory you have. It is probably a good idea to use the same approximate amount as that detected by the server you intend to use. If you encounter problems that are due to the used server not supporting the amount memory you have (e.g. ATI Mach64 is limited to 1024K with the SVGA server), specify the maximum amount supported by the server. How much video memory do you have on your video card: 1 256K 2 512K 3 1024K 4 2048K 5 4096K 6 Other Enter your choice: ======================================================================= ÀÌ Ç׸ñÀº ½Ã½ºÅÛ¿¡ ºÎÂøµÈ ºñµð¿À Ä«µåÀÇ ¸Þ¸ð¸®¸¦ ¼±ÅÃÇÏ´Â ºÎºÐÀÌ´Ù. ÀÚ½ÅÀÇ ºñµð¿À Ä«µåÀÇ ¸Þ¸ð¸®¸¦ »ìÆ캸±â ¹Ù¶õ´Ù. ======================================================================= You must now enter a few identification/description strings, namely an identifier, a vendor name, and a model name. Just pressing enter will fill in default names (possibly from a card definition). Your card definition is Matrox Mystique. The strings are free-form, spaces are allowed. Enter an identifier for your video card definition: ======================================================================= ÀÌ Ç׸ñÀº ºñµð¿À Ä«µåÀÇ È¸»ç¸íÀ» Àû¾îÁÖ´Â °÷ÀÌ´Ù. ½áÁÖÁö ¾Ê¾Æµµ »ó°ü¾ø´Ù. ======================================================================= You can simply press enter here if you have a generic card, or want to describe your card with one string. Enter the vendor name of your video card: ======================================================================= ÀÌ Ç׸ñÀº ºñµð¿À Ä«µåÀÇ ¸ðµ¨¸íÀ» Àû¾îÁÖ´Â Ç׸ñÀÌ´Ù. ½áÁÖÁö ¾Ê¾Æµµ »ó°ü¾ø´Ù. ========================================================================= Enter the model (board) name of your video card: ========================================================================= ÀÌ Ç׸ñµµ ¸¶Âù°¡ÁöÀÌ´Ù. ========================================================================= The RAMDAC setting only applies to the S3, AGX, W32 servers, and some drivers in the SVGA servers. Some RAMDAC's are auto-detected by the server. The detection of a RAMDAC is forced by using a Ramdac "identifier" line in the Device section. The identifiers are shown at the right of the following table of RAMDAC types: 1 AT&T 20C490 (S3 and AGX servers, ARK driver) att20c490 2 AT&T 20C498/21C498/22C498 (S3, autodetected) att20c498 3 AT&T 20C409/20C499 (S3, autodetected) att20c409 4 AT&T 20C505 (S3) att20c505 5 BrookTree BT481 (AGX) bt481 6 BrookTree BT482 (AGX) bt482 7 BrookTree BT485/9485 (S3) bt485 8 Sierra SC15025 (S3, AGX) sc15025 9 S3 GenDAC (86C708) (autodetected) s3gendac 10 S3 SDAC (86C716) (autodetected) s3_sdac 11 STG-1700 (S3, autodetected) stg1700 12 STG-1703 (S3, autodetected) stg1703 13 TI 3020 (S3, autodetected) ti3020 14 TI 3025 (S3, autodetected) ti3025 15 TI 3026 (S3, autodetected) ti3026 16 IBM RGB 514 (S3, autodetected) ibm_rgb514 17 IBM RGB 524 (S3, autodetected) ibm_rgb524 18 IBM RGB 525 (S3, autodetected) ibm_rgb525 19 IBM RGB 526 (S3) ibm_rgb526 20 IBM RGB 528 (S3, autodetected) ibm_rgb528 21 ICS5342 (S3, ARK) ics5342 22 ICS5341 (W32) ics5341 23 IC Works w30C516 ZoomDac (ARK) zoomdac 24 Normal DAC normal Enter a number to choose the corresponding RAMDAC. Press enter for the next page, q to quit without selection of a RAMDAC. ======================================================================= ºñµð¿À Ä«µåÀÇ RAMDACÀ» ¼³Á¤ÇÏ´Â Ç׸ñÀÌ´Ù. ÁÖ·Î S3 °è¿­ÀÇ ºñµð¿À Ä«µå°¡ ¼±Åà Ç׸ñ¿¡ µé¾î°£´Ù. S3 °è¿­ÀÇ ºñµð¿À Ä«µå ÀÌ¿ÜÀÇ ºñµð¿À Ä«µå¶ó¸é 24¹øÀÇ Normal DAC À» ¼±ÅÃÇÏ´øÁö q¸¦ ¼±ÅÃÇؼ­ ºüÁ® ³ª¿À±â ¹Ù¶õ´Ù. ======================================================================== A Clockchip line in the Device section forces the detection of a programmable clock device. With a clockchip enabled, any required clock can be programmed without requiring probing of clocks or a Clocks line. Most cards don't have a programmable clock chip. Choose from the following list: 1 Chrontel 8391 ch8391 2 ICD2061A and compatibles (ICS9161A, DCS2824) icd2061a 3 ICS2595 ics2595 4 ICS5342 (similar to SDAC, but not completely compatible) ics5342 5 ICS5341 ics5341 6 S3 GenDAC (86C708) and ICS5300 (autodetected) s3gendac 7 S3 SDAC (86C716) s3_sdac 8 STG 1703 (autodetected) stg1703 9 Sierra SC11412 sc11412 10 TI 3025 (autodetected) ti3025 11 TI 3026 (autodetected) ti3026 12 IBM RGB 51x/52x (autodetected) ibm_rgb5xx Just press enter if you don't want a Clockchip setting. What Clockchip setting do you want (1-12)? ======================================================================= ºñµð¿À Ä«µåÀÇ Å¬·° Ĩ¼ÂÀ» ¼±ÅÃÇÏ´Â ºÎºÐÀÌ´Ù. ÁÖ·Î S3 °è¿­ÀÇ ºñµð¿À Ä«µå°¡ ÀÌ Ç׸ñ¿¡ µé¾î°£´Ù. ºñµð¿À Ä«µåÀÇ ¸Å´º¾ó À» º¸¾Æ¼­ ÀÚ½ÅÀÇ Å¬·° ĨÀÌ ¿©±â¿¡ ¾ø´Ù¸é ¿£Å͸¦ Ä¡°í ³Ñ¾î°£´Ù. ===================================================================== For most configurations, a Clocks line is useful since it prevents the slow and nasty sounding clock probing at server start-up. Probed clocks are displayed at server startup, along with other server and hardware configuration info. You can save this information in a file by running 'X -probeonly 2>output_file'. Be warned that clock probing is inherently imprecise; some clocks may be slightly too high (varies per run). At this point I can run X -probeonly, and try to extract the clock information from the output. It is recommended that you do this yourself and add a clocks line (note that the list of clocks may be split over multiple Clocks lines) to your Device section afterwards. Be aware that a clocks line is not appropriate for drivers that have a fixed set of clocks and don't probe by default (e.g. Cirrus). Also, for the P9000 server you must simply specify clocks line that matches the modes you want to use. For the S3 server with a programmable clock chip you need a 'ClockChip' line and no Clocks line. You must be root to be able to run X -probeonly now. The card definition says to NOT probe clocks. Do you want me to run 'X -probeonly' now? ====================================================================== X ¼³Á¤¿¡ À־ ¸ð´ÏÅÍÀÇ ÁÖÆļö ´ë¿ªÀ» ¼±ÅÃÇÑ ºñµð¿À Ä«µåÀÇ Å¬·° Ĩ°úÀÇ »ó°ü °ü°è¸¦ ¸ÂÃß¾îÁÖ´Â ºÎºÐÀÔ´Ï´Ù. ¸¸ÀÏ ¸ÂÁö ¾Ê´Â´Ù¸é ¿¡·¯ ¸Þ½ÃÁö¸¦ º¸¿©ÁÖ°Ô µË´Ï´Ù. ÀÚ½ÅÀÇ ¸ð´ÏÅÍ ¼³Á¤°ú ºñµð¿À Ä«µå°¡ ¸Â´ÂÁö È®ÀÎÇØ º¸±â À§Çؼ­ YES ·Î ¼³Á¤ÇÏ°í ¸Â´ÂÁö È®ÀÎÇØ º¸½Ã±â ¹Ù¶ø´Ï´Ù. ======================================================================= The card definition says to NOT probe clocks. Do you want me to run 'X -probeonly' now? y It is possible that the hardware detection routines in the server will somehow cause the system to crash and the screen to remain blank. If this is the case, do not choose this option the next time. The server may need a Ramdac, ClockChip or special option (e.g. "nolinear" for S3) to probe and start-up correctly. Press enter to continue, or ctrl-c to abort. ======================================================================== YES ·Î ¼³Á¤À» ÇÏ¿´´Ù¸é ´ÙÀ½°ú °°Àº ¸Þ¼¼Áö°¡ ³ª¿Â´Ù. ¿£Å͸¦ Ä¡°í ³Ñ¾î°¡¸é ¸î¹ø Á¤µµ È­¸éÀÌ ±ôºýÀ̸鼭 ÁÖÆļö ´ë¿ªÀ» ã¾Æ³»°Ô µÈ´Ù. ¸¸¾à, ¿¡·¯°¡ ³­´Ù¸é ´ÙÀ½°ú °°Àº ¸Þ¼¼Áö°¡ ³ª¿À°Ô µÈ´Ù. ======================================================================== Running X -probeonly -pn -xf86config /tmp/XF86Config.tmp. X -probeonly call failed. No Clocks line inserted. Press enter to continue, or ctrl-c to abort. ======================================================================== ¿£Å͸¦ Ãļ­ ÇØ»óµµ ¼³Á¤À» Çغ¸ÀÚ. ======================================================================== For each depth, a list of modes (resolutions) is defined. The default resolution that the server will start-up with will be the first listed mode that can be supported by the monitor and card. Currently it is set to: "640x480" "800x600" "1024x768" "1280x1024" for 8bpp "640x480" "800x600" "1024x768" "1280x1024" for 16bpp "640x480" "800x600" "1024x768" "1280x1024" for 24bpp "640x480" "800x600" "1024x768" for 32bpp Note that 16, 24 and 32bpp are only supported on a few configurations. Modes that cannot be supported due to monitor or clock constraints will be automatically skipped by the server. 1 Change the modes for 8pp (256 colors) 2 Change the modes for 16bpp (32K/64K colors) 3 Change the modes for 24bpp (24-bit color, packed pixel) 4 Change the modes for 32bpp (24-bit color) 5 The modes are OK, continue. Enter your choice: ======================================================================== ÀÚ½ÅÀÌ ¿øÇÏ´Â Ä÷¯¼ö¸¦ °í¸£´Â Ç׸ñÀÌ´Ù. ======================================================================== Select modes from the following list: 1 "640x400" 2 "640x480" 3 "800x600" 4 "1024x768" 5 "1280x1024" 6 "320x200" 7 "320x240" 8 "400x300" 9 "1152x864" 10 "1600x1200" 11 "1800x1400" 12 "512x384" Please type the digits corresponding to the modes that you want to select. For example, 432 selects "1024x768" "800x600" "640x480", with a default mode of 1024x768. Which modes? ======================================================================= ÀÚ½ÅÀÌ ¿øÇÏ´Â Ä÷¯¼ö¿¡ ´ëÇÑ Çػ󵵸¦ ¼³Á¤ÇÏ´Â Ç׸ñÀÌ´Ù. ======================================================================= You can have a virtual screen (desktop), which is screen area that is larger than the physical screen and which is panned by moving the mouse to the edge of the screen. If you don't want virtual desktop at a certain resolution, you cannot have modes listed that are larger. Each color depth can have a differently-sized virtual screen Please answer the following question with either 'y' or 'n'. Do you want a virtual screen that is larger than the physical screen? ======================================================================== X È­¸é¿¡¼­ÀÇ °¡»óÈ­¸éÀ» ¼±ÅÃÇÒ ¼ö ÀÖµµ·Ï ÇÏ´Â Ç׸ñÀÌ´Ù. °¡»óÈ­¸éÀ» »ç¿ëÇÏ°í ½ÍÀ¸¸é YES ·Î ¼³Á¤ÇÏ°í, ÇÊ¿ä¾øÀ¸¸é NO ·Î ¼³Á¤ÇÏ°í ³Ñ¾î°¡±â ¹Ù¶õ´Ù. ¸¸ÀÏ, YES ·Î ¼³Á¤À» ÇÏ¿´´Ù¸é ´ÙÀ½°ú °°Àº ¸Þ¼¼Áö°¡ ³ª¿Ã °ÍÀÌ´Ù. ======================================================================== For each depth, a list of modes (resolutions) is defined. The default resolution that the server will start-up with will be the first listed mode that can be supported by the monitor and card. Currently it is set to: "640x480" "800x600" "1024x768" "1280x1024" for 8bpp "1280x1024" for 16bpp "640x480" "800x600" "1024x768" "1280x1024" for 24bpp "640x480" "800x600" "1024x768" for 32bpp Note that 16, 24 and 32bpp are only supported on a few configurations. Modes that cannot be supported due to monitor or clock constraints will be automatically skipped by the server. 1 Change the modes for 8pp (256 colors) 2 Change the modes for 16bpp (32K/64K colors) 3 Change the modes for 24bpp (24-bit color, packed pixel) 4 Change the modes for 32bpp (24-bit color) 5 The modes are OK, continue. Enter your choice: ===================================================================== °¡»óÈ­¸éÀÇ Ä÷¯¼ö¸¦ ¼±ÅÃÇÏ´Â ºÎºÐÀε¥, ÀÚ½ÅÀÌ ¼±ÅÃÇÏ¿´´ø Ä÷¯¼ö¿Í °°Àº Ä÷¯¼ö¸¦ ¼±ÅÃÇؾ߸¸ ÇÑ´Ù. °¡»óÈ­¸éÀÇ====================================================================== Select modes from the following list: 1 "640x400" 2 "640x480" 3 "800x600" 4 "1024x768" 5 "1280x1024" 6 "320x200" 7 "320x240" 8 "400x300" 9 "1152x864" 10 "1600x1200" 11 "1800x1400" 12 "512x384" Please type the digits corresponding to the modes that you want to select. For example, 432 selects "1024x768" "800x600" "640x480", with a default mode of 1024x768. Which modes? ======================================================================= Çػ󵵸¦ ¼³Á¤ÇÏ´Â ºÎºÐÀÌ´Ù. ======================================================================== You can have a virtual screen (desktop), which is screen area that is larger than the physical screen and which is panned by moving the mouse to the edge of the screen. If you don't want virtual desktop at a certain resolution, you cannot have modes listed that are larger. Each color depth can have a differently-sized virtual screen Please answer the following question with either 'y' or 'n'. Do you want a virtual screen that is larger than the physical screen? ======================================================================= °¡»ó È­¸éÀ» ÀÌ¿ëÇÒ °ÍÀΰ¡¸¦ ¹¯´Â È­¸éÀÌ´Ù. °¡»óÈ­¸éÀ» »ç¿ëÇÏ°íÀÚ ÇÑ´Ù¸é YES ·Î ¼³Á¤ÇÏ¸é µÇ°í, ±×·¸Áö ¾Ê´Ù¸é NO·Î ¼³Á¤ÇÏ°í ³Ñ¾î°¡±â ¹Ù¶õ´Ù. ======================================================================= For each depth, a list of modes (resolutions) is defined. The default resolution that the server will start-up with will be the first listed mode that can be supported by the monitor and card. Currently it is set to: "640x480" "800x600" "1024x768" "1280x1024" for 8bpp "1280x1024" for 16bpp "640x480" "800x600" "1024x768" "1280x1024" for 24bpp "640x480" "800x600" "1024x768" for 32bpp Note that 16, 24 and 32bpp are only supported on a few configurations. Modes that cannot be supported due to monitor or clock constraints will be automatically skipped by the server. 1 Change the modes for 8pp (256 colors) 2 Change the modes for 16bpp (32K/64K colors) 3 Change the modes for 24bpp (24-bit color, packed pixel) 4 Change the modes for 32bpp (24-bit color) 5 The modes are OK, continue. Enter your choice: ========================================================================= Ä÷¯¼ö¿Í Çػ󵵸¦ ´Ù ¼³Á¤ÇÑ À¯Àú´Â 5¹øÀ» ¼±ÅÃÇÏ°í ´ÙÀ½À¸·Î ³Ñ¾î°¡±â ¹Ù¶õ´Ù. ========================================================================= I am going to write the XF86Config file now. Make sure you don't accidently overwrite a previously configured one. Shall I write it to /etc/X11/XF86Config? ========================================================================= Áö±Ý±îÁöÀÇ X ¼³Á¤À» /etc/X11/XF86Config ÆÄÀÏ¿¡ ÀúÀåÀ» ÇÒ °ÍÀÎÁö ¹¯´Â Ç׸ñÀÌ´Ù. YES ·Î ¼³Á¤ÇÏ°í xf86config ¸¦ ¸¶Ä¡¸é X ¼³Á¤Àº ³¡³ª°Ô µÈ´Ù. < XF86Config ¼³Á¤ > ¿©±â¼­´Â X-WindowÀÇ ½ÉÀåºÎ¶ó°íµµ ÇÒ ¼ö ÀÖ´Â XF86Config¿¡ ´ëÇÑ °£·«ÇÑ ³»¿ë°ú ¼³Á¤ ¹æ¹ý¿¡ ´ëÇؼ­ ¾Ë¾Æº¸±â·Î ÇÏÀÚ. ============================================================ # File generated by XConfigurator. # ********************************************************************** # Refer to the XF86Config(4/5) man page for details about the format of # this file. # ********************************************************************** # ********************************************************************** # Files section. This allows default font and rgb paths to be set # ********************************************************************** Section "Files" # The location of the RGB database. Note, this is the name of the # file minus the extension (like ".txt" or ".db"). There is normally # no need to change the default. RgbPath "/usr/X11R6/lib/X11/rgb" # Multiple FontPath entries are allowed (they are concatenated together) * ÀÌ ºÎºÐÀÌ ÆùÆ®ÀÇ Æнº ¹× µð·ºÅ丮¸¦ ÁöÁ¤Çϴ°÷ÀÌ´Ù. FontPath "/usr/X11R6/lib/X11/fonts/misc/" FontPath "/usr/X11R6/lib/X11/fonts/Type1/" FontPath "/usr/X11R6/lib/X11/fonts/Speedo/" FontPath "/usr/X11R6/lib/X11/fonts/75dpi/" FontPath "/usr/X11R6/lib/X11/fonts/100dpi/" FontPath "/usr/X11R6/lib/X11/fonts/truetype/" EndSection # ********************************************************************** # Server flags section. # ********************************************************************** Section "ServerFlags" # Uncomment this to cause a core dump at the spot where a signal is # received. This may leave the console in an unusable state, but may # provide a better stack trace in the core dump to aid in debugging #NoTrapSignals # Uncomment this to disable the server abort sequence # This allows clients to receive this key event. #DontZap # Uncomment this to disable the / mode switching # sequences. This allows clients to receive these key events. #DontZoom EndSection # ********************************************************************** # Input devices # ********************************************************************** # ********************************************************************** # Keyboard section # ********************************************************************** * ½Ã½ºÅÛÀÇ Å°º¸µå¸¦ ¼³Á¤Çϴ°÷ÀÌ´Ù. Section "Keyboard" Protocol "Standard" #when using XQUEUE, comment out the above line, and uncomment the #following line #Protocol "Xqueue" AutoRepeat 500 5 # Let the server do the NumLock processing. This should only be # required when using pre-R6 clients #ServerNumLock # Specify which keyboard LEDs can be user-controlled (eg, with xset(1)) #Xleds 1 2 3 #To set the LeftAlt to Meta, RightAlt key to ModeShift, #RightCtl key to Compose, and ScrollLock key to ModeLock: * Å°º¸µåÀÇ Å°Äڵ带 ¼³Á¤Çϴ°÷ÀÌ´Ù. ¿ÞÂÊ, ¿À¸¥ÂÊÀÇ ALT Å°¸¦ ´Ù¸£°Ô ÁöÁ¤ÇÒ¼ö ÀÖ´Ù. LeftAlt Meta RightAlt Meta ScrollLock Compose RightCtl Control # To disable the XKEYBOARD extension, uncomment XkbDisable. # XkbDisable # To customise the XKB settings to suit your keyboard, modify the # lines below (which are the defaults). For example, for a non-U.S. # keyboard, you will probably want to use: # XkbModel "pc102" # If you have a US Microsoft Natural keyboard, you can use: # XkbModel "microsoft" # # Then to change the language, change the Layout setting. # For example, a german layout can be obtained with: # XkbLayout "de" # or: # XkbLayout "de" # XkbVariant "nodeadkeys" # # If you'd like to switch the positions of your capslock and # control keys, use: # XkbOptions "ctrl:swapcaps" # These are the default XKB settings for XFree86 # XkbRules "xfree86" # XkbModel "pc101" # XkbLayout "us" # XkbVariant "" # XkbOptions "" XkbKeycodes "xfree86" XkbTypes "default" XkbCompat "default" XkbSymbols "us(pc101)" XkbGeometry "pc" XkbRules "xfree86" XkbModel "pc101" XkbLayout "us" EndSection # ********************************************************************** # Pointer section # ********************************************************************** Section "Pointer" Protocol "ps/2" Device "/dev/mouse" # When using XQUEUE, comment out the above two lines, and uncomment # the following line. # Protocol "Xqueue" # Baudrate and SampleRate are only for some Logitech mice # BaudRate 9600 # SampleRate 150 # Emulate3Buttons is an option for 2-button Microsoft mice # Emulate3Timeout is the timeout in milliseconds (default is 50ms) * ¸¶¿ì½º 3¹öÆ° ±¸¼ºÀ» ÁöÁ¤ÇÏ´Â ¼³Á¤ÀÌ´Ù. Emulate3Buttons Emulate3Timeout 50 # ChordMiddle is an option for some 3-button Logitech mice # ChordMiddle EndSection # ********************************************************************** # Xinput section -- this is optional and is required only if you # are using extended input devices. This is for example only. Refer # to the XF86Config man page for a description of the options. # ********************************************************************** # # Section "Xinput" # SubSection "WacomStylus" # Port "/dev/ttyS1" # DeviceName "Wacom" # EndSubSection # SubSection "WacomCursor" # Port "/dev/ttyS1" # EndSubSection # SubSection "WacomEraser" # Port "/dev/ttyS1" # EndSubSection # # SubSection "Elographics" # Port "/dev/ttyS1" # DeviceName "Elo" # MinimumXPosition 300 # MaximumXPosition 3500 # MinimumYPosition 300 # MaximumYPosition 3500 # Screen 0 # UntouchDelay 10 # ReportDelay 10 # EndSubSection # # SubSection "Joystick" # Port "/dev/joy0" # DeviceName "Joystick" # TimeOut 10 # MinimumXPosition 100 # MaximumXPosition 1300 # MinimumYPosition 100 # MaximumYPosition 1100 # # CenterX 700 # # CenterY 600 # Delta 20 # EndSubSection # # The Mouse Subsection contains the same type of entries as the # standard Pointer Section (see above), with the addition of the # DeviceName entry. # # SubSection "Mouse" # Port "/dev/mouse2" # DeviceName "Second Mouse" # Protocol "Logitech" # EndSubSection # EndSection # ********************************************************************** # Monitor section # ********************************************************************** # Any number of monitor sections may be present Section "Monitor" Identifier "My Monitor" VendorName "Unknown" ModelName "Unknown" # HorizSync is in kHz unless units are specified. # HorizSync may be a comma separated list of discrete values, or a # comma separated list of ranges of values. # NOTE: THE VALUES HERE ARE EXAMPLES ONLY. REFER TO YOUR MONITOR'S # USER MANUAL FOR THE CORRECT NUMBERS. * ¸ð´ÏÅÍÀÇ ¼öÆò µ¿±â ÁÖÆļö¸¦ ¼³Á¤ÇÏ´Â °÷ÀÌ´Ù. HorizSync 30-65 # VertRefresh is in Hz unless units are specified. # VertRefresh may be a comma separated list of discrete values, or a # comma separated list of ranges of values. # NOTE: THE VALUES HERE ARE EXAMPLES ONLY. REFER TO YOUR MONITOR'S # USER MANUAL FOR THE CORRECT NUMBERS. * ¸ð´ÏÅÍÀÇ ¼öÁ÷ µ¿±â ÁÖÆļö¸¦ ¼³Á¤ÇÏ´Â °÷ÀÌ´Ù. VertRefresh 50-110 # Modes can be specified in two formats. A compact one-line format, or # a multi-line format. # These two are equivalent # ModeLine "1024x768i" 45 1024 1048 1208 1264 768 776 784 817 Interlace # Mode "1024x768i" # DotClock 45 # HTimings 1024 1048 1208 1264 # VTimings 768 776 784 817 # Flags "Interlace" # EndMode # This is a set of standard mode timings. Modes that are out of monitor spec # are automatically deleted by the server (provided the HorizSync and # VertRefresh lines are correct), so there's no immediate need to # delete mode timings (unless particular mode timings don't work on your # monitor). With these modes, the best standard mode that your monitor # and video card can support for a given resolution is automatically # used. # 640x400 @ 70 Hz, 31.5 kHz hsync Modeline "640x400" 25.175 640 664 760 800 400 409 411 450 # 640x480 @ 60 Hz, 31.5 kHz hsync Modeline "640x480" 25.175 640 664 760 800 480 491 493 525 # 800x600 @ 56 Hz, 35.15 kHz hsync ModeLine "800x600" 36 800 824 896 1024 600 601 603 625 # 1024x768 @ 87 Hz interlaced, 35.5 kHz hsync Modeline "1024x768" 44.9 1024 1048 1208 1264 768 776 784 817 Interlace # 640x400 @ 85 Hz, 37.86 kHz hsync Modeline "640x400" 31.5 640 672 736 832 400 401 404 445 -HSync +VS # 640x480 @ 72 Hz, 36.5 kHz hsync Modeline "640x480" 31.5 640 680 720 864 480 488 491 521 # 640x480 @ 75 Hz, 37.50 kHz hsync ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -HSync -VS # 800x600 @ 60 Hz, 37.8 kHz hsync Modeline "800x600" 40 800 840 968 1056 600 601 605 628 +hsync +vs # 640x480 @ 85 Hz, 43.27 kHz hsync Modeline "640x400" 36 640 696 752 832 480 481 484 509 -HSync -VS # 1152x864 @ 89 Hz interlaced, 44 kHz hsync ModeLine "1152x864" 65 1152 1168 1384 1480 864 865 875 985 Interlace # 800x600 @ 72 Hz, 48.0 kHz hsync Modeline "800x600" 50 800 856 976 1040 600 637 643 666 +hsync +vs # 1024x768 @ 60 Hz, 48.4 kHz hsync Modeline "1024x768" 65 1024 1032 1176 1344 768 771 777 806 -hsync -vs # 640x480 @ 100 Hz, 53.01 kHz hsync Modeline "640x480" 45.8 640 672 768 864 480 488 494 530 -HSync -VS # 1152x864 @ 60 Hz, 53.5 kHz hsync Modeline "1152x864" 89.9 1152 1216 1472 1680 864 868 876 892 -HSync -VS # 800x600 @ 85 Hz, 55.84 kHz hsync Modeline "800x600" 60.75 800 864 928 1088 600 616 621 657 -HSync -VS # 1024x768 @ 70 Hz, 56.5 kHz hsync Modeline "1024x768" 75 1024 1048 1184 1328 768 771 777 806 -hsync -vs # 1280x1024 @ 87 Hz interlaced, 51 kHz hsync Modeline "1280x1024" 80 1280 1296 1512 1568 1024 1025 1037 1165 Interlace # 800x600 @ 100 Hz, 64.02 kHz hsync Modeline "800x600" 69.65 800 864 928 1088 600 604 610 640 -HSync -VS # 1024x768 @ 76 Hz, 62.5 kHz hsync Modeline "1024x768" 85 1024 1032 1152 1360 768 784 787 823 # 1152x864 @ 70 Hz, 62.4 kHz hsync Modeline "1152x864" 92 1152 1208 1368 1474 864 865 875 895 # 1280x1024 @ 61 Hz, 64.2 kHz hsync Modeline "1280x1024" 110 1280 1328 1512 1712 1024 1025 1028 1054 # 1024x768 @ 85 Hz, 70.24 kHz hsync Modeline "1024x768" 98.9 1024 1056 1216 1408 768 782 788 822 -HSync -VSync # 1152x864 @ 78 Hz, 70.8 kHz hsync Modeline "1152x864" 110 1152 1240 1324 1552 864 864 876 908 # 1280x1024 @ 70 Hz, 74.59 kHz hsync Modeline "1280x1024" 126.5 1280 1312 1472 1696 1024 1032 1040 1068 -HSync -VSy # 1600x1200 @ 60Hz, 75.00 kHz hsync Modeline "1600x1200" 162 1600 1664 1856 2160 1200 1201 1204 1250 +HSync +VSy # 1152x864 @ 84 Hz, 76.0 kHz hsync Modeline "1152x864" 135 1152 1464 1592 1776 864 864 876 908 # 1280x1024 @ 74 Hz, 78.85 kHz hsync Modeline "1280x1024" 135 1280 1312 1456 1712 1024 1027 1030 1064 # 1024x768 @ 100Hz, 80.21 kHz hsync Modeline "1024x768" 115.5 1024 1056 1248 1440 768 771 781 802 -HSync -VSy # 1280x1024 @ 76 Hz, 81.13 kHz hsync Modeline "1280x1024" 135 1280 1312 1416 1664 1024 1027 1030 1064 # 1600x1200 @ 70 Hz, 87.50 kHz hsync Modeline "1600x1200" 189 1600 1664 1856 2160 1200 1201 1204 1250 -HSync -VS # 1152x864 @ 100 Hz, 89.62 kHz hsync Modeline "1152x864" 137.65 1152 1184 1312 1536 864 866 885 902 -HSync -VS # 1280x1024 @ 85 Hz, 91.15 kHz hsync Modeline "1280x1024" 157.5 1280 1344 1504 1728 1024 1025 1028 1072 +HSync +VS # 1600x1200 @ 75 Hz, 93.75 kHz hsync Modeline "1600x1200" 202.5 1600 1664 1856 2160 1200 1201 1204 1250 +HSync +VS # 1600x1200 @ 85 Hz, 105.77 kHz hsync Modeline "1600x1200" 220 1600 1616 1808 2080 1200 1204 1207 1244 +HSync +VS # 1280x1024 @ 100 Hz, 107.16 kHz hsync Modeline "1280x1024" 181.75 1280 1312 1440 1696 1024 1031 1046 1072 -HSync -VS # 1800x1440 @ 64Hz, 96.15 kHz hsync ModeLine "1800X1440" 230 1800 1896 2088 2392 1440 1441 1444 1490 +HSync +VSy # 1800x1440 @ 70Hz, 104.52 kHz hsync ModeLine "1800X1440" 250 1800 1896 2088 2392 1440 1441 1444 1490 +HSync +VSy # 512x384 @ 78 Hz, 31.50 kHz hsync Modeline "512x384" 20.160 512 528 592 640 384 385 388 404 -HSync -VSy # 512x384 @ 85 Hz, 34.38 kHz hsync Modeline "512x384" 22 512 528 592 640 384 385 388 404 -HSync -VSy # Low-res Doublescan modes # If your chipset does not support doublescan, you get a 'squashed' # resolution like 320x400. # 320x200 @ 70 Hz, 31.5 kHz hsync, 8:5 aspect ratio Modeline "320x200" 12.588 320 336 384 400 200 204 205 225 Doublescan # 320x240 @ 60 Hz, 31.5 kHz hsync, 4:3 aspect ratio Modeline "320x240" 12.588 320 336 384 400 240 245 246 262 Doublescan # 320x240 @ 72 Hz, 36.5 kHz hsync Modeline "320x240" 15.750 320 336 384 400 240 244 246 262 Doublescan # 400x300 @ 56 Hz, 35.2 kHz hsync, 4:3 aspect ratio ModeLine "400x300" 18 400 416 448 512 300 301 302 312 Doublescan # 400x300 @ 60 Hz, 37.8 kHz hsync Modeline "400x300" 20 400 416 480 528 300 301 303 314 Doublescan # 400x300 @ 72 Hz, 48.0 kHz hsync Modeline "400x300" 25 400 424 488 520 300 319 322 333 Doublescan # 480x300 @ 56 Hz, 35.2 kHz hsync, 8:5 aspect ratio ModeLine "480x300" 21.656 480 496 536 616 300 301 302 312 Doublescan # 480x300 @ 60 Hz, 37.8 kHz hsync Modeline "480x300" 23.890 480 496 576 632 300 301 303 314 Doublescan # 480x300 @ 63 Hz, 39.6 kHz hsync Modeline "480x300" 25 480 496 576 632 300 301 303 314 Doublescan # 480x300 @ 72 Hz, 48.0 kHz hsync Modeline "480x300" 29.952 480 504 584 624 300 319 322 333 Doublescan EndSection # ********************************************************************** # Graphics device section # ********************************************************************** # Any number of graphics device sections may be present # Standard VGA Device: Section "Device" Identifier "Generic VGA" VendorName "Unknown" BoardName "Unknown" Chipset "generic" # VideoRam 256 # Clocks 25.2 28.3 EndSection # Sample Device for accelerated server: # Section "Device" # Identifier "Actix GE32+ 2MB" # VendorName "Actix" # BoardName "GE32+" # Ramdac "ATT20C490" # Dacspeed 110 # Option "dac_8_bit" # Clocks 25.0 28.0 40.0 0.0 50.0 77.0 36.0 45.0 # Clocks 130.0 120.0 80.0 31.0 110.0 65.0 75.0 94.0 # EndSection # Sample Device for Hercules mono card: # Section "Device" # Identifier "Hercules mono" # EndSection # Device configured by xf86config: Section "Device" Identifier "Matrox Mystique" VendorName "Unknown" BoardName "Unknown" VideoRam 4096 # Insert Clocks lines here if appropriate EndSection # ********************************************************************** # Screen sections # ********************************************************************** # The Colour SVGA server * ÁöÁ¤µÈ ºñµð¿À Ä«µåÀÇ ¼³Á¤ÀÌ ÀÖ´Â Ç׸ñÀÌ´Ù. Section "Screen" Driver "svga" # Use Device "Generic VGA" for Standard VGA 320x200x256 #Device "Generic VGA" Device "Matrox Mystique" Monitor "My Monitor" DefaultColorDepth 16 ---> * X-Window°¡ ½ÃÀÛµÉ ½Ã¿¡ ÇÏÀÌÄ÷¯(16bit)·Î ±âº» ¼³Á¤ÀÌ µÇµµ·Ï ÇÏ´Â ¸í·ÉÀÌ´Ù. Subsection "Display" Depth 8 # Omit the Modes line for the "Generic VGA" device Modes "1024x768" ViewPort 0 0 # Use Virtual 320 200 for Generic VGA Virtual 1024 768 EndSubsection Subsection "Display" Depth 16 --> X-Window ÀÇ Ä÷¯¼ö¸¦ ÁöÁ¤Çϴ°÷ÀÌ´Ù. Modes "1280x1024" --> X-Window ¿¡¼­ÀÇ Ä÷¯¼ö¿¡ ´ëÇÑ ÇØ»óµµ. ViewPort 0 0 Virtual 1280 1024 --> °¡»óÈ­¸éÀÇ Çػ󵵸¦ ÁöÁ¤ÇÏ´Â ºÎºÐÀÌ´Ù. Modes ¿¡¼­ ÁöÁ¤µÈ È­¸é°ú °°Àº °æ¿ì¿¡´Â °¡»óÈ­¸éÀº ½ÇÇàµÇÁö ¾Ê´Â´Ù. EndSubsection Subsection "Display" Depth 24 Modes "1280x1024" ViewPort 0 0 Virtual 1280 1024 EndSubsection Subsection "Display" Depth 32 Modes "1152x864" ViewPort 0 0 Virtual 1152 864 EndSubsection EndSection # The 16-color VGA server --> 16Ä÷¯ ¸ðµå·Î ºñµð¿À Ä«µå°¡ ¼³Á¤ÀÌ µÇ¾úÀ» °æ¿ì. Section "Screen" Driver "vga16" Device "Generic VGA" Monitor "My Monitor" Subsection "Display" Modes "640x480" "800x600" ViewPort 0 0 Virtual 800 600 EndSubsection EndSection # The Mono server --> Èæ¹é ¸ðµå·Î ¼³Á¤µÇ¾îÀÖÀ» °æ¿ì. Section "Screen" Driver "vga2" Device "Generic VGA" Monitor "My Monitor" Subsection "Display" Modes "640x480" "800x600" ViewPort 0 0 Virtual 800 600 EndSubsection EndSection # The accelerated servers (S3, Mach32, Mach8, 8514, P9000, AGX, W32, Mach64) --> accelerated °¡ Áö¿øµÇ´Â ºñµð¿À Ä«µåÀÇ ¼³Á¤ °æ¿ì. Section "Screen" Driver "accel" Device "Matrox Mystique" Monitor "My Monitor" Subsection "Display" Depth 8 Modes "1024x768" ViewPort 0 0 Virtual 1024 768 EndSubsection Subsection "Display" Depth 16 Modes "1280x1024" ViewPort 0 0 Virtual 1280 1024 EndSubsection Subsection "Display" Depth 24 Modes "1024x768" ViewPort 0 0 Virtual 1024 768 EndSubsection Subsection "Display" Depth 32 Modes "1152x864" ViewPort 0 0 Virtual 1152 864 EndSubsection EndSection ========================================================================= < X ÇÑ±Û ·ÎÄÉÀÏ ¼³Á¤ > X¿¡¼­ ÇÑ±Û ·ÎÄÉÀÏÀ» ±âº»À¸·Î ¼³Á¤ÇÏ°Ô Çϱâ À§Çؼ­´Â ´ÙÀ½°ú °°Àº Ç׸ñÀÌ /etc/X11/xinit/xinit ¿¡ ¼³Á¤ÀÌ µÇ¾î¾ß ÇÑ´Ù. ========================================================= export LANG LANG=ko ================================================================== ÀúÀåÇÑ ÈÄ¿¡ ´Ù½Ã X ¼­¹ö¸¦ ±¸µ¿½ÃÅ°¸é ÇÑ±Û ·ÎÄÉÀÏÀ» ±âº»À¸·Î ÀоîµéÀÌ°Ô µÈ´Ù. < XFree86 3.3.2 ¿¡¼­ Áö¿øµÇ´Â VGA ¸ñ·Ï > ¢Ñ Support for ET6100 has been added to the Tseug driver. ¢Ñ Acceleration has been added for W32 and W32i. ¢Ñ Test performance has been improved for the Tseug driver. ¢Ñ Support for new RAMDACs, including the ch8398, the ch8391, and the MUSIC MU9C4910 has been added to the Tseug driver. ¢Ñ Accelerated support fot the AT3D and AT25 has been added to the NY driver. ¢Ñ Support for accelerated NY1 and accelerated Riva128 has been added to the NY driver. ¢Ñ Support for the Matrox Millennium II AGP has been included into the MGA driver. ¢Ñ New support for several Trident chips has been added, including Cyber9397, 3DImage975 and 3DImage985 (unaccelerated and not completed yet) , TGUI9685. ¢Ñ CrealTV support has been added for the TGUI9685. ¢Ñ Acceleration of all TGUI chipsets has been improved. ¢Ñ Support for Rage Pro based PCI and AGP cards has been added. ¢Ñ Maximum dorclock for newer Mach64 cards has been increased. ¢Ñ Support for 1600x1200 and 1600x1280 mode has been added for VT and newer Mach64 chips. ¢Ñ Support for the auxiliary register apertune fot newer Mach64 cards has been added. ¢Ñ Support for the I128 Revolution (T2R) has been added. ¢Ñ Additional acceleration for the I128 server has been added. ¢Ñ Support for sw cursor, pci, retry, 24bpp, HW cursor has been added to cirrus Laguna chipsets. ¢Ñ S3 VIRGE/MX and VIRGE/G X2 support has been added (SVGA server only). ¢Ñ support for S3 VIRGE hardware cursor added in SVGA server. ¢Ñ An S3 driver has been added to the SVGA server. ¢Ñ S3 server and SVGA/S3 server now recognize some fake S3 chips and print out a warning message. ¢Ñ XAA has been extended to support hardware cursor and provide accelerated support dashed lines and trapezoid fills. ¢Ñ Several new mouse protocols have been added to all servers. They should now support Kensington ThinkingMouse, ALPS GlidePoint, Genius NetScroll, Genius NetMouse, ASCII MieMouse, Logitech MouseMan+, Logitech FirstMouse+. This includes all buttons on these mice as well as the wheels. The wheel can be used to either create additional buttons or for z-axis indication. ¢Ñ XF86Setup now supports setting the default color depth and choosing the modes the user wants to use. ¢Ñ XF86Setup allows to select all the new mouse protocols (depending on the OS it is running on). ¡á ¸®´ª½º »ó¿¡¼­ÀÇ ÄÄÇ»ÅÍ Åë½Å°ú ÀÎÅÍ³Ý »ç¿ëÇϱâ [¼¼¿¬¿¡¼­ÀÇ Åë½Å] ÀÏ´Ü ¸ðµ©À» ¼³Á¤À» ÇؾßÇÑ´Ù. ¸ðµ©ÀÌ com4·Î ¼³Á¤µÇ¾î ÀÖ´Ù°í °¡Á¤ÇÏ°í ¸ðµ©À» ¼³Á¤ÇØ º¸°Ú´Ù. Æ÷Æ®°¡ com4 ¹øÀ̸é Linux·Î Ç¥½ÃÇϸé cua3ÀÌ µÈ´Ù "ln -s /dev/cua3 /dev/modem" À̶ó ÀÔ·ÂÇϽøé cua3°¡ modemÀ̶ó´Â ÆÄÀÏ·Î ¸µÅ©°¡ µË´Ï´Ù. ¸ðµ©¼³Á¤ÀÌ ³¡³­ ÈÄ ¼¼¿¬ options¸¦ ¼öÁ¤ÇØÁÖ¼Å¾ß ÇÒ °÷ÀÌ Àִµ¥, ¾Æ·¡¿Í °°ÀÌ µÇ°Ô ÇØÁÖ½Ã¸é µË´Ï´Ù. # lock 38400 /dev/modem defaultroute ´ÙÀ½¿¡´Â Control Panel¿¡¼­ Network ConfigurationÀ̶ó´Â ¾ÆÀÌÄÜÀ» ´õºíŬ¸¯ÇÑ ÈÄ¿¡, namesÀÇ domainÇ׸ñ¿¡´Â dacom.co.krÀ» ÀûÀ¸½Ã°í, name servers¿¡´Â 164.124.101.2¸¦, hosts¿¡ ip¿¡´Â 164.124.101.2¿Í name¿¡´Â dacom.co.krÀ» ä¿ö³ÖÀ¸½Ã¸é µË´Ï´Ù. ±×·³ seyonÀ» ½ÇÇà ½ÃÄÑ È­¸éÀ» º¸¸é¼­ ÇÏ°Ú½À´Ï´Ù. Å͹̳θðµå(hanterm)¿¡¼­ "seyon"À» ÀÔ·ÂÇÕ´Ï´Ù. ¾Æ·¡ÀÇ È­¸éÀÌ ¼¼¿¬ÀÇ Ãʱâ È­¸éÀÔ´Ï´Ù. ?ÀüÈ­¹øÈ£ºÎ?¿¡¼­ »ç¿ëÇϽðíÀÚÇÏ´Â BBS¹øÈ£¸¦ ¼±ÅÃÇϽðųª Á÷Á¢ ÀÔ·ÂÇϼż­, ¿¬°áÀ» ÇÏ°Ú½À´Ï´Ù. 01421¹ø õ¸®¾ÈÀ¸·Î ¿¬°áÀ» ÇÏ°Ú½À´Ï´Ù. ±×·³ CONNECT¶õ ¸»ÀÌ ³ª¿À°í ³­ ´ÙÀ½¿¡ Chollian Net________________ 1. õ¸®¾È (Chollian) 11. ¸ÅÁ÷¸µÅ© (EDI,Æß/Ȩ¹ðÅ·¼­ºñ½º) x. Á¾·á (Disconnect) °¡ ³ª¿À´Â È­¸éÀÌ º¸ÀÔ´Ï´Ù. ±×·³ 1¹øÀ» ¼±ÅÃÇÏ¸é »ç¿ëÀÚ ¾ÆÀ̵ð¿Í ºñ¹Ð¹øÈ£¸¦ ¹°¾î º¾´Ï´Ù. ¨ê Wabi Description : ¸®´ª½º¿¡¼­ ¸¶ÀÌÅ©·Î ¼ÒÇÁÆ® Windows 3.x ÀÀ¿ëÇÁ·Î±×·¥À» µ¹¸®±â À§ÇÑ µ¥½ºÅ©Å¾ ¼Ö·ç¼Ç. URL : http://www.caldera.com/tech-ref/wabi/resources.html ¨ë Wine Description : ¸®´ª½º¿¡¼­ Windows 3.x ÀÀ¿ëÇÁ·Î±×·¥À» µ¹¸± ¼ö ÀÖµµ·Ï ÇØÁÖ´Â ¸®´ª½º ¾îÇø®ÄÉÀ̼Ç. URL : http://www.winehq.com/ 4. FTP Sites sunsite.unc.edu Chapel Hill¿¡ ÀÖ´Â North Carolina´ëÇб³. tsx-11.mit.edu Massachusetts Institute of Technology(MIT) alpha.gnu.org ftp.gnu.org ftp.kreonet.re.kr ftp.kaist.ac.kr Çѱ¹°úÇбâ¼ú¿¬±¸¼Ò ftp.sogang.ac.kr ¼­°­´ëÇб³ 5. Graphics ¨ç Ansi Description : Ansi drawer ÀÌ´Ù. URL : ftp://sunsite.unc.edu/pub/Linux/apps/graphics/draw/ ¨è Gimp Description : ±×·¡ÇÈ ÇÁ·Î±×·¥ÀÇ ÃÖ°íÀÌ´Ù. ¸¹Àº »ç¶÷µéÀÌ ¸¶Áö¸· ¹öÀüÀÇ Photoshopº¸´Ù Gimp 1.0ÀÌ ´õ ÁÁ´Ù°í ÇÒ Á¤µµÀÌ´Ù. URL : http://xcf.berkeley.edu/~gimp/ ¨é ImageMagick Description : Image converter/viewer ÀÌ´Ù. ¸Å¿ì ÈǸ¢ÇÑ ÅøÀÌ´Ù. URL : ftp://ftp.wizards.dupont.com/pub/ImageMagick/linux/ ¨ê Mind's Eye Description : ¸¸ÀÏ Gimp°¡ 2-D ±×·¡ÇÈÀÇ ÃÖ°í¶ó¸é, ÀÌ°ÍÀº 3-D ±×·¡ÇÈÀÇ ÃÖ°íÀÌ´Ù. URL : http://www.ptf.hro.nl/free-d/ ¨ë PostShop Description : ÀÌ°ÍÀº Postscript¿Í PDF¿Í À̹ÌÁö ÆÄÀϵîÀ» ½±°Ô ÇÁ¸°Æ®ÇÏ°Ô ÇØÁØ´Ù. URL : http://www.vividata.com/postshop.html ¨ì Scanshop Description : ÀÌ°ÍÀº 70Á¾ÀÇ ½ºÄ³³Ê ¸ðµ¨À» Á¦°øÇÏ´Â µå¶óÀ̹ö¸¦ °¡Áö°í ÀÖ´Ù. URL : http://www.vividaya.com/scanshop.html ¨í X-LoadImage(XLi) Description : ÀÌ°ÍÀº xvº¸´Ù ºü¸£°í Å« ±×¸²À» ´Ù·ç±â ½±´Ù. ±×·¯³ª ¸Å¿ì °£´ÜÇÑ ÇÁ·Î±×·¥ÀÌ´Ù. URL : ftp://sunsite.unc.edu/Linux/apps/graphics/viewers/X/Related ¨î XV Description : ÀÌ°ÍÀº ¹ú½á ´ç½ÅÀÌ °¡Áö°í ÀÖÀ» ¸¸Å­ ³Ê¹«³ª ÀϹÝÀûÀÎ ±×·¡ÇÈ ÇÁ·Î±×·¥ÀÌ´Ù. ºü¸£°í picture viewerÀÇ ¸ðµç Ư¼ºÀ» Áö´Ï°í ÀÖ´Ù. URL : http://www.sun.com/sunsoft/catlink/xv/xv.html 6. Link ¨ç LAUP (Linux Application and Utilities Page) Description : Shell, Desk and File Utilities°¡ ¸µÅ©µÇ¾î ÀÖ´Ù.. URL : http://www.xnet.com/~blatura/Linapp2.html#file ¨è Linux Application Description : Linux software°¡ ºÐ¾ßº°·Î ¸µÅ©µÇ¾î ÀÖ´Ù. URL : http://www.linuxapps.com ¨é Linux Database List Description : Linux/Uinx Database List. URL : http://linas.org/linux/db.html ¨ê Linux FTP Watcher Description : ¸®´ª½º ¾îÇø®ÄÉÀ̼ǵéÀÌ ÀÖ´Â FTP°¡ ¸µÅ© µÇ¾îÀÖ´Ù. URL : http://lfw.linuxhq.com/ ¨ë Linux Link by Good Description : ºÐ¾ßº°·Î ¸µÅ© µÇ¾îÀÖ´Ù. URL : http://www.linuxlinks.com/ ¨ì Linux-OS of the Future Description : ¸µÅ© »çÀÌÆ®. URL : http://www.microgear.net/xo/ ¨í Linux Software Encyclopedia Description : A-Z±îÁöÀÇ Linux software°¡ Á¤¸®, ¸µÅ© µÇ¾îÀÖ´Ù. URL : http://stommel.tamu.edu/~baum/linuxlist/linuxlist/linuxlist.html ¨î Linux Software Map Description : Linux SoftwareµéÀÌ ºÐ¾ßº°·Î ¸µÅ© µÇ¾îÀÖ´Ù. ´Ù¸¥ ¸µÅ© »çÀÌÆ®µµ ¸µÅ© µÇ¾îÀÖ¾î ±²ÀåÈ÷ Á¤º¸°¡ dzºÎÇÏ´Ù. URL : http://www.linuxresources.com/apps/index.html ¨ï Linux Software Map Description : Linux SoftwareµéÀÌ ¸µÅ© µÇ¾îÀÖ´Ù. °Ë»ö °¡´ÉÇÏ´Ù. URL : http://www.boutell.com/lsm/ ¨ð SAL (Scientific Applications on Linux) Description : ÀÌ°÷Àº °úÇÐÀÚ³ª °¡¼úÀÚµéÀÌ Èï¹ÌÀÖÀ» ¸¸ÇÑ Linux softwareµéÀÌ ¸µÅ©µÇ¾îÀÖ°í, Á¤º¸°¡ ¸ð¾ÆÁ® ÀÖ´Ù. URL : http://bioinfo.bioneer.com/sal/ 7. Multimedia ¨ç TK3Play Description : ¸Å¿ì ÈǸ¢ÇÑ Mpeg3 PlayerÀÌ´Ù. Á¦¾î°¡ ¿ëÀÌÇÏ´Ù. URL : http://www.mpeg3.org/main.html ¨è WorkMan Description : ¸Å¿ì ÈǸ¢ÇÑ XView CD PlayerÀÌ´Ù. URL : ftp://sunsite.unc.edu/pup/Linux/apps/sound/cdrom/X/ ¨é X-Anim Description : X¸¦ À§ÇÑ animation playerÀÌ´Ù. ´Ù¾çÇÑ Æ÷¸ËÀ» Áö¿øÇÑ´Ù. ºü¸£°í ¾ÈÁ¤ÀûÀÌ´Ù. URL : http://smurfland.cit.buffalo.edu/xanim/home.html ¨ê XView Mpeg Description : mpeg movie playerÀÌ´Ù. Ưº°ÇÑ °ÍÀº ¾ø´Ù. URL : ftp://sunsite.unc.edu/pub/Linux/apps/graphics/viewers/X/ ¨ë X11amp Description : X¿ë mp3 playerÀÌ´Ù. ¸ð¾çÀº winamp¿Í °°´Ù. URL : http://www.x11amp.bz.nu/ 8. Office ¨ç Andrew Description : ¿öµåÇÁ·Î¼¼¼­ÀÌ´Ù. URL : http://www.cs.cmu.edu/~AUIS/ ¨è Applixware Description : office suite ÆÐÅ°ÁöÀÌ´Ù. URL : http://www.applixware.com/ ¨é Emacs Description : ±²ÀåÈ÷ ´Ù±â´É ¿¡µðÅÍÀÌ´Ù. URL : http://www.xemacs.org/ ¨ê LyX Description : LaTeXÀ» »ç¿ëÇÏ´Â ¿öµåÇÁ·Î¼¼¼­ÀÌ´Ù. URL : http://www.lehigh.edu/~dlj0/Lyrix.html ¨ë MacroCalc Description : ½ºÇÁ·¹µå½ÃÆ®ÀÌ´Ù. Lotus123¿ÍÀÇ È£È¯¼ºÀÌ ÀÖ´Ù. URL : http://home.t-online.de/home/Axel-Reihold/#mc ¨ì StarOffice for Linux Description : StarDivision¿¡¼­ ³ª¿Â ¿Ïº®ÇÑ office suite ÆÐÅ°ÁöÀÌ´Ù. ¿ë·®ÀÌ ²Ï Å©°í ¸Å¿ì ´À¸®´Ù. URL : http://www.stardivision.com/ 9. ÇÑ±Û & ¹®¼­ ¨ç GNU Documentation Description : GNU ProgramÀÇ ¸ðµç ¹®¼­°¡ ÀÖ´Ù. URL : http://www.delorie.com/gnu/docs/ ¨è KIMS (Korean Input Method Server) Description : KIMS for Linux´Â ¸» ±×´ë·Î Linnux XFree86 3.1.2ÀÌ»ó(X1186)¿¡¼­ »ç¿ë°¡´ÉÇÑ ÇѱÛÀԷ±âÀÌ´Ù. ÇÑ±Û ÀԷ±â¶õ XIM(X Input Method)À̶õ ÇÁ·ÎÅäÄÝÀÇ ±³È¯À» ÅëÇØ I18NµÈ X ClientÀÇ ¼öÁ¤ ¾øÀÌ ÇѱÛÀ» ÀÔ·Â ÇÒ ¼ö ÀÖ´Â ¾îÇø®ÄÉÀ̼ÇÀÌ´Ù. URL : http://www.iworld.net/~bumchul/kims.html ¨é KLDP (Korean Linux Documentation Project) Description : ¿µ¹®¹®¼­ ¹ø¿ª ¶Ç´Â âÀÛ¿ø°í, ¶Ç´Â ¿©·¯ ¸®´ª½º µ¿È£È¸³ª ´º½º ±×·ìµî¿¡¼­ Á¦°øµÇ¾ú´ø °¢Á¾ °­Á µîÀÇ ¹®¼­µéÀ» Á¤¸®Çؼ­ ¸ð¾Æ ³õÀº °÷ÀÌ´Ù. URL : http://kldp.linux-kr.org/ ¨ê Linux Gazette Description : ºñ»ó¾÷¼ºÀÇ ÀÎÅÍ³Ý ¸Å°ÅÁøÀÌ´Ù. URL : http://www.redhat.com/linux-info/lg/ ¨ë Linux Journal Description : LinuxÀâÁöÀÎ Linux JounalÀÇ ÀÎÅÍ³Ý »çÀÌÆ®ÀÌ´Ù. URL : http://www.linuxjournal.com/ ¨ì Linux Weekly News Description : Linux World·ÎºÎÅÍ ÃֽŠ´º½º¸¦ ÀüÇØÁØ´Ù. URL : http://lwn.net/ ¨í MIZI Research Description : ¹ÌÁö¸®¼­Ä¡´Â À¯´Ð½º ¿î¿µÃ¼Á¦¿¡¼­ ÇÑ±Û Ã³¸®¿¡ ´ëÇÑ Á¦¹Ý ±â¼úÀ» ´Ù¸¥ °³¹ßÀÚµéÀÌ »ç¿ëÇÒ ¼ö ÀÖ´Â ÇüÅ·ΠÁ¦°øÇÑ´Ù. URL : http://mizi.co.kr/ ¨î º­·ç Description : X1186¿ë ÇÑ±Û ÀԷ±âÀÌ´Ù. URL : http://entropy.kaist.ac.kr/~jhpa°¡/byeoroo/ 10. Others ¨ç Caldera Description : Caldera Homepage URL : http://www.caldera.com/ ¨è Debian Description : Debian Homepage URL : http://www.debian.org/ ¨é GNU's Not Unix Description : GNU »çÀÌÆ®. URL : http://www.gnu.org/ ¨ê LinuxHQ Description : kernel patches. URL : http://www.linuxhq.com/ ¨ë Linux Mall Description : Linux superstore. URL : http://www.LinuxMall.com/ ¨ì Linux News Group Description : ¸¹Àº ¸®´ª½º ´º½º±×·ìÀÌ ¸µÅ©µÇ¾îÀÖ´Ù. URL : http://www.ameritech.net/users/dbarber/links.html ¨í Linux Now Description : °¡Àå ¿Ïº®ÇÑ ¸®´ª½º Âü°í»çÀÌÆ®. URL : http://www.Linuxnow.com/ ¨î Linux Online Description : Linux home pageÀÌ´Ù. ?¸®´ª½º¶õ ¹«¾ùÀΰ¡? ¿¡ ´ëÇÑ ³»¿ëºÎÅÍ À¯Áî³Ý ´º½º±×·ì, FTP»çÀÌÆ®, ÃֽŠ´º½º, Àú³Î µîÀÇ Á¾ÇÕÀûÀÎ ¸®´ª½º Á¤º¸·Î ¿î¿µµÇ´Â °÷ÀÌ´Ù. URL : http://www.linux.org/ ¨ï Redhat Description : Red-Hat Homepage URL : http://www.redhat.com