-----BEGIN PGP SIGNED MESSAGE-----

======================================================================
                                                   JPCERT-PR-2005-0002
                                                             JPCERT/CC

JPCERT/CC $B3hF035MW(B [ 2005$BG/(B1$B7n(B1$BF|(B $B!A(B 2005$BG/(B3$B7n(B31$BF|(B ]

$B=i(B  $BHG(B: 2005-04-19 (Ver.01)
$BH/9TF|(B: 2006-02-22 (Ver.02)
======================================================================

$B!x(B1. $B%$%s%7%G%s%HJs9p(B

  2005$BG/(B1$B7n(B1$BF|$+$i(B2005$BG/(B3$B7n(B31$BF|$^$G$N4V$K(B JPCERT/CC $B$,<uNN$7$?%3%s%T%e!<(B
$B%?%;%-%e%j%F%#%$%s%7%G%s%H$K4X$9$kJs9p$N7o?t$O(B 1240$B7o$G$7$?!#(B

  $BCm(B: $B$3$3$K$"$2$??t;z$O!"(BJPCERT/CC $B$,<u$1IU$1$?Js9p$N7o?t$G$9!#=>$C$F!"(B
      $B<B:]$N%"%?%C%/$NH/@87o?t$d!"Ho327o?t$rN`?d$G$-$k$h$&$J?tCM$G$O$"(B
      $B$j$^$;$s!#$^$?N`7?$4$H$N<B:]$NH/@8HfN($r<($9$b$N$G$b$"$j$^$;$s!#(B
      $B0lDj0J>e$N4|4V$KEO$k%"%/%;%9$NMWLs%l%]!<%H$b4^$^$l$k$?$a!"%"%/%;(B
      $B%9$N2s?t$HJs9p7o?t$b0lHL$KBP1~$7$^$;$s!#$^$?!"Js9p85$K$O!"9qFb30(B
      $B$N%5%$%H$,4^$^$l$^$9!#(B


I. $B%$%s%7%G%s%HJs9p$NAw?.85$K$h$kJ,N`(B

  JPCERT/CC $B$,<uNN$7$?%$%s%7%G%s%HJs9p$NAw?.85$r%H%C%W%l%Y%k%I%a%$%s$G(B
$BJ,N`$7$?$b$N$N$&$A!"7o?t$NB?$$$b$N$O0J2<$NDL$j$G$9!#(B

       .net   843 $B7o(B
       .jp    226 $B7o(B
       .fr     51 $B7o(B
       .com    40 $B7o(B
       .edu    34 $B7o(B
       .br     28 $B7o(B


II. $B%$%s%7%G%s%HJs9p$h$jGI@8$7$?DLCNO"Mm(B

  JPCERT/CC $B$+$i9qFb30$N4XO"$9$k%5%$%H$KDLCNO"Mm$7$?7o?t$O(B 211$B7o$G$9!#(B
$B$3$NDLCNO"Mm?t$O!"%"%/%;%985$J$I$X$NO"MmCg2p0MMj$r4^$`%$%s%7%G%s%HJs9p(B
$B$K4p$E$$$F9T$o$l$?$b$N$G$9!#(B


III. $B%$%s%7%G%s%HJs9p$N%?%$%WJLJ,N`(B

(1) $B%W%m!<%V!"%9%-%c%s!"$=$NB>IT?3$J%"%/%;%9(B (scan)

  JPCERT/CC $B$G$O!"KI8f$K@.8y$7$?%"%?%C%/$d!"%3%s%T%e!<%?(B/$B%5!<%S%9(B/$B<eE@(B
$B$NC5::$r0U?^$7$?%"%/%;%9!"$=$NB>$NIT?3$J%"%/%;%9Ey!"%7%9%F%`$N%"%/%;%9(B
$B8"$K$*$$$F1F6A$,@8$8$J$$!"$^$?$O!"L5;k$G$-$k%"%/%;%9$K$D$$$F(B 1160$B7o$N(B
$BJs9p$r<uNN$7$F$$$^$9!#(B

        1$B7n(B    431$B7o(B
        2$B7n(B    366$B7o(B
        3$B7n(B    363$B7o(B

  $B$3$N$h$&$JC5::$O!"<+F02=%D!<%k$rMQ$$$F9-HO0O$KEO$kG$0U$N%[%9%H$KBP$7(B
$B$F9T$J$o$l$F$$$^$9!#%;%-%e%j%F%#>e$N<eE@$rJ|CV$7$F$$$k$H!"<eE@$NB8:_$r(B
$B8!=P$5$l!"%[%9%H$X$N?/F~Ey$5$^$6$^$J%"%?%C%/$r<u$1$k2DG=@-$,$"$j$^$9!#(B
$B;29MJ88%(B [1] [2] [3] [4] [5] [6] $B$r$4;2>H$/$@$5$$!#(B

       445  (microsoft-ds)             583$B7o(B (*1)
      5554  (sgi-esphttp)              363$B7o(B (*1)
      9898  (monkeycom)                356$B7o(B
      1023                             353$B7o(B (*1)
       139  (netbios-ssn)              258$B7o(B (*1)
      8967                             252$B7o(B
      1025  (blackjack)                223$B7o(B
      6129                             223$B7o(B (*2)
        80  (http)                     209$B7o(B (*1)
      2745  (urbisnet)                 179$B7o(B
      1433  (ms-sql-s)                  71$B7o(B (*1)
        22  (ssh)                       52$B7o(B (*1)
      4899  (radmin-port)               52$B7o(B
      3410  (networklenss)              44$B7o(B
      5000  (commplex-main)             43$B7o(B
      1434  (ms-sql-m)                  16$B7o(B
       135  (epmap)                     14$B7o(B (*1)
        42  (nameserver)                10$B7o(B
       $BAm9gE*$J%W%m!<%V!"%9%-%c%s(B      165$B7o(B (*3)


   (*1) $B%o!<%`$K$h$k46@w$N;n$_$d%o!<%`$J$I$K$h$C$F@_CV$5$l$?%P%C%/%I%"(B
        $B$+$i$N?/F~$N;n$_$H;W$o$l$k%"%/%;%9$,Js9p$5$l$F$$$^$9!#;29MJ88%(B
        [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19]
        [20] [21] [22] [23] [24] [25] [26] [27] [28] $B$r$4;2>H$/$@$5$$!#(B
        $B$^$?!"0J2<$N(B URL $B$b$4;2>H$/$@$5$$!#(B

        OpenSSH $B$N@H<e@-$r;H$C$?%7%9%F%`$X$N?/F~$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2005/at050003.txt

        phpBB $B$N@H<e@-$r;H$C$FEAGE$9$k%o!<%`$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2004/at040011.txt

        Windows LSASS $B$N@H<e@-$r;H$C$FEAGE$9$k%o!<%`(B W32/Sasser
        http://www.jpcert.or.jp/at/2004/at040006.txt

        Status Tracking Note TRJVN-2004-02
        W32/Sasser $B%o!<%`(B
        http://jvn.jp/tr/TRJVN-2004-02/

        JP Vendor Status Note JVNCA-2004-02
        $BBgNL$KEE;R%a!<%k$rG[?.$9$k%o!<%`(B
        http://jvn.jp/cert/JVNCA-2004-02/

        Netsky.Q $B$N%5!<%S%91?MQK832967b$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2004/at040002.txt

        Microsoft ASN.1 Library $B$N@H<e@-$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2004/at040001.txt

        TCP 139$BHV%]!<%H$X$N%9%-%c%s$NA}2C$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2003/at030007.txt

        Microsoft IIS 5.0 $B$N@H<e@-$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2003/at030003.txt

        TCP 135$BHV%]!<%H$X$N%9%-%c%s$NA}2C$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2003/at030005.txt

        Windows RPC $B$N@H<e@-$r;HMQ$9$k%o!<%`$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2003/at030006.txt

        OpenSSL $B$N@H<e@-$r;H$C$FEAGE$9$k(B Apache/mod_ssl $B%o!<%`(B
        http://www.jpcert.or.jp/at/2002/at020006.txt

        TCP 1433$BHV%]!<%H$X$N%9%-%c%s$NA}2C$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2002/at020002.txt

        Microsoft IIS $B$N@H<e@-$r;H$C$FEAGE$9$k%o!<%`(B
        http://www.jpcert.or.jp/at/2001/at010018.txt

        Microsoft IIS $B$N@H<e@-$r;H$C$FEAGE$9$k%o!<%`(B "Code Red II"
        http://www.jpcert.or.jp/at/2001/at010020.txt

        80$BHV%]!<%H(B (HTTP) $B$X$N%9%-%c%s$NA}2C$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2001/at010023.txt


   (*2) $B%j%b!<%H%3%s%H%m!<%k%=%U%H$X$N@\B3$r;n$_$?$H;W$o$l$k%"%/%;%9$N(B
        $B2DG=@-$,$"$j$^$9!#;29MJ88%(B [26] $B$r$4;2>H$/$@$5$$!#(B

   (*3) $BAm9gE*$J%W%m!<%V%9%-%c%s$H$O!"F10lH/?.85$+$i$NJ#?t%]!<%H$KBP$9(B
        $B$k%9%-%c%s$J$I!"$$$/$D$+$N%W%m!<%V%9%-%c%s>pJs$r$^$H$a$F$4Js9p(B
        $B$$$?$@$$$?$b$N$G$9!#(B


(2) $BAw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$NG[Aw(B (forged)

  JPCERT/CC $B$G$O!":9=P?M%"%I%l%9$J$I$NAw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$N(B
$BG[Aw$K$D$$$F(B 1$B7o$NJs9p$r<uNN$7$F$$$^$9!#(B

  $BEE;R%a!<%k$NAw?.%X%C%@$r:>>N$7$F!"%a!<%k$NCf7Q$K$O4XM?$7$F$$$J$$Bh;0(B
$B$N%5%$%H$X$N%a!<%kG[Aw$,9T$J$o$l$F$$$^$9!#$3$N7k2L!"B?NL$N%(%i!<%a!<%k(B
$B$,:n@.$5$l!"7W;;5!;q8;$d%M%C%H%o!<%/NN0h$,>CHq$5$l$k2DG=@-$,$"$j$^$9!#(B

  $B$^$?!":9=P?M%"%I%l%9$r:>>N$5$l$?>l9g!"$3$l$i$N%a!<%k$NH/?.85$G$"$k$H(B
$B$$$&5?$$$r$b$?$l$k2DG=@-$,$"$j$^$9!#Aw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$NG[(B
$BAw$K$D$$$F$O;29MJ88%(B [20] [22] [29] $B$r$4;2>H$/$@$5$$!#(B


(3) $B%7%9%F%`$X$N?/F~(B (intrusion)

  JPCERT/CC $B$G$O!"4IM}<T8"8B$NEpMQ$,G'$a$i$l$k>l9g$r4^$`%7%9%F%`$X$N?/(B
$BF~$K$D$$$F(B 3$B7o$NJs9p$r<uNN$7$F$$$^$9!#(B

  $B?/F~$r<u$1$?>l9g$NBP1~$K$D$$$F$O!"0J2<$N(B URL $B$G8x3+$7$F$$$kJ8=q!V%3(B
$B%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$X$NBP1~!W$N(B V. $B$*$h$S(B VI. $B$r;2>H$7(B
$B$F$/$@$5$$!#(B

        $B%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$X$NBP1~(B
        http://www.jpcert.or.jp/ed/2002/ed020002.txt

  $B:#2s<uNN$7$?Js9p$K$*$$$F!"?/F~8e$K9T$J$o$l$?A`:n$H$7$F;XE&$5$l$F$$$k(B
$B9T0Y$N$&$A!"<g$J$b$N$r0J2<$K>R2p$7$^$9!#(B

    - $B%7%9%F%`$N2~$6$s(B ($B%U%!%$%k$NCV$-49$(!"%m%0$N>C5n!"(BWeb$B%Z!<%8$N2~(B
      $B$6$s$J$I(B)

    - $B%5!<%P%W%m%0%i%`$N%$%s%9%H!<%k(B ($B%P%C%/%I%"$N@_CV$J$I(B)


(4) Web $B56Au:>5=(B (phishing)

  JPCERT/CC $B$G$O!"6d9T$J$I$N%5%$%H$G$"$k$H:>>N$7$F!"(BWeb $B$N%U%)!<%`$J$I(B
$B$+$iF~NO$5$l$?8}:BHV9f$d%-%c%C%7%e%+!<%I$N0E>ZHV9f$H$$$C$?8D?M>pJs$rEp(B
$B$_<h$k(B Web $B56Au:>5=$K$D$$$F(B 36$B7o$NJs9p$r<uNN$7$F$$$^$9!#(B

  Web $B56Au:>5=$KMQ$$$k(B Web $B%5%$%H$N9=C[$rL\E*$H$7$F!"%7%9%F%`$X$N?/F~(B
$B$,9T$o$l$k$3$H$,$"$j$^$9!#(B

        Web $B56Au:>5=(B (phishing) $B$NF'$_Bf%5!<%P$K4X$9$kCm0U4-5/(B
        http://www.jpcert.or.jp/at/2005/at050002.txt

  $B%7%9%F%`$,(B Web $B56Au:>5=$KMQ$$$i$l$?>l9g$NBP1~$K$D$$$F$O!"0J2<$N(B URL
$B$G8x3+$7$F$$$kJ8=q!V%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$X$NBP1~!W$N(B
V. $B$*$h$S(B VI.$B$r;2>H$7$F$/$@$5$$!#(B

        $B%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$X$NBP1~(B
        http://www.jpcert.or.jp/ed/2002/ed020002.txt


  $B$^$?!"(BWeb $B56Au:>5=$KBP$9$k(B Web $B%V%i%&%6$N@_Dj$K4X$7$F$O!"0J2<$N;29M(B
$BJ88%(B [30] $B$r$4;2>H$/$@$5$$!#(B


(5) $B$=$NB>(B (other)

  JPCERT/CC $B$G$O!">e5-(B (1) $B$+$i(B (4) $B$K4^$^$l$J$$%$%s%7%G%s%H(B ($B%3%s%T%e!<(B
$B%?%&%#%k%9$d(B SPAM $B%a!<%k$N<u?.!"2M6u@A5a!"$=$NB>$K4X$9$kLd$$9g$o$;$J$I(B)
$B$K$D$$$F(B 39$B7o$NJs9p$r<uNN$7$F$$$^$9!#(B


  $B0J>e(B (1) $B$+$i(B (5) $B$r$^$H$a$?$b$N$,!"0J2<$NI=$G$9!#(B


             scan    forged   intrusion phishing  other     Total
   -----------------------------------------------------------------
     1$B7n(B      431       0         1       11       12        455
     2$B7n(B      366       0         0       11       19        396
     3$B7n(B      363       1         2       14        8        388
   -----------------------------------------------------------------
             1160       1         3       36       39       1239


       scan      : $B%W%m!<%V!"%9%-%c%s!"$=$NB>IT?3$J%"%/%;%9(B
       forged    : $BAw?.%X%C%@$r:>>N$7$?EE;R%a!<%k$NG[Aw(B
       intrusion : $B%7%9%F%`$X$N?/F~(B
       phishing  : $BG'>Z>pJsEy$NIT@5<hF@(B
       other     : $B$=$NB>(B



$B!x(B2. $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`(B (ISDAS) $B1?MQ(B

       http://www.jpcert.or.jp/isdas/

  $B%$%s%?!<%M%C%H>e$K@_CV$7$?J#?t$N%;%s%5!<$+$iF@$i$l$k>pJs$r2r@O$9$k$H(B
$B$H$b$K!"@$$NCf$KN.I[$9$k%;%-%e%j%F%#@H<e@->pJs$J$I$r$"$o$;$FAm9gE*$KI>(B
$B2A$7$?>e$G!"%;%-%e%j%F%#M=KI4QB,$K4X$9$k>pJs$rDs6!$9$k%5!<%S%9$r9T$J$C(B
$B$F$$$^$9!#(B

I. $B%]!<%H%9%-%c%s3567(B

  $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`$N4QB,7k2L$O%9%-%c%s?d0\$rI=$9%0%i%U$H(B
$B$7$F(B JPCERT/CC $B$N(B Web $B%Z!<%8$rDL$8$F8x3+$7$F$$$^$9!#(B2005$BG/(B3$B7n(B16$BF|$h$j(B
$B=>Mh$h$j8x3+$7$F$$$?%"%/%;%9@h%]!<%HJL%0%i%U$K2C$(!"%"%/%;%985CO0hJL%0(B
$B%i%U$r8x3+$7$F$$$^$9!#%"%/%;%9@h%]!<%HJL%0%i%U$O%9%-%c%s%m%0$r%"%/%;%9(B
$B@h%]!<%HJL$K=87W$7!"Am7W$r%;%s%5!<$NBf?t$G3d$C$?J?6QCM$rMQ$$:n@.$7$F$$(B
$B$^$9!#$^$?!"%"%/%;%985CO0hJL%0%i%U$O%9%-%c%s%m%0$r%"%/%;%985CO0hJL$K=8(B
$B7W$7!"Am7W$r%;%s%5!<$NBf?t$G3d$C$?J?6QCM$rMQ$$:n@.$7$F$$$^$9!#(B

        JPCERT/CC$B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`$N@bL@(B
        http://www.jpcert.or.jp/isdas/readme.html

  2005$BG/(B1$B7n(B1$BF|$+$i(B2005$BG/(B03$B7n(B31$BF|$^$G$N4V$K(B ISDAS $B$G4QB,$5$l$?%"%/%;%9@h(B
$B%]!<%H$*$h$S%"%/%;%985CO0h$K4X$9$kJ?6QCM$N>e0L(B1$B0L$+$i(B5$B0L$^$G$N?d0\$r0J(B
$B2<$N%0%i%U$K<($7$^$9!#(B

  - $B%"%/%;%9@h%]!<%H%0%i%U(B top1-5
        http://www.jpcert.or.jp/isdas/2005/2005q1top1-5_port.png
  - $B%"%/%;%985CO0hJL%0%i%U(B top1-5
        http://www.jpcert.or.jp/isdas/2005/2005q1top1-5_region.png

  $B$^$?!"$h$jD94|4V%0%i%U$H$7$F!"(B2004$BG/(B4$B7n(B1$BF|$+$i(B2005$BG/(B3$B7n(B31$BF|$^$G$N4|4V(B
$B$K$*$1$k!"%"%/%;%9@h%]!<%H$*$h$S%"%/%;%985CO0h$K4X$9$kJ?6QCM$N>e0L(B1$B0L$+(B
$B$i(B5$B0L$^$G$N?d0\$r0J2<$N%0%i%U$K<($7$^$9!#(B

  - $B%"%/%;%9@h%]!<%H%0%i%U(B top1-5
        http://www.jpcert.or.jp/isdas/2004/2004top1-5_port.png
  - $B%"%/%;%985CO0hJL%0%i%U(B top1-5
        http://www.jpcert.or.jp/isdas/2004/2004top1-5_region.png

II. $B$*$b$J%$%s%7%G%s%H$K$*$1$k4QB,>u67(B

  $B9-HO0O$K1F6A$9$k82Cx$J%$%s%7%G%s%H$O$"$j$^$;$s$G$7$?!#$?$@$7(B ISDAS $B%7%9(B
$B%F%`$G$O0MA3$H$7$F%o!<%`Ey$,860x$H9M$($i$l$kB??t$N%9%-%c%s$r4QB,$7B3$1$F(B
$B$*$j!"Dj>oE*$JCm0U$HKI1R$,I,MW$G$9!#(B

III. $B$=$NB>(B

(1) $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`$NCO0hJL%0%i%U$rDI2C(B
  2005$BG/(B3$B7n(B16$BF|$h$j%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`$N8x3+%0%i%U$K%"%/%;%9(B
$B85CO0hJL%0%i%U$rDI2C$$$?$7$^$7$?!#(B

        ($B%W%l%9H/I=;qNA(B)
        JPCERT/CC $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`8x3+%G!<%?$K%"%/%;%985(B
        $BCO0hJL%0%i%U$rDI2C(B
        http://www.jpcert.or.jp/press/2005/0316.txt

(2) $B%$%s%?!<%M%C%HDjE@4QB,%7%9%F%`$N8x3+%0%i%U0lMw%Z!<%8$rDI2C(B
  2005$BG/(B3$B7n(B16$BF|$N%"%/%;%985CO0hJL%0%i%U$N8x3+$KH<$$!"%"%/%;%9@h%]!<%HJL(B
$B%0%i%U$H9g$o$;$F3NG'$9$k$3$H$,$G$-$k8x3+%0%i%U0lMw%Z!<%8$rDI2C$7$^$7$?!#(B

  - $B8x3+%0%i%U0lMw%Z!<%8(B
        http://www.jpcert.or.jp/isdas/total.html

(3) eCSIRT.net IDS $B%M%C%H%o!<%/$X$N6(NO(B

  JPCERT/CC $B$G$O!"%h!<%m%C%Q$N(B CSIRT $B%3%_%e%K%F%#(B TF-CSIRT $B$G9T$J$o$l(B
$B$F$$$k(B IDS $B%M%C%H%o!<%/$X$N5;=Q6(NO$r$7$F$$$^$9!#>\:Y$K$D$$$F$O;29MJ8(B
$B8%(B [31] [32] $B$r$4;2>H$/$@$5$$!#(B



$B!x(B3. $B@H<e@->pJsN.DL(B

  http://www.jpcert.or.jp/vh/

I. $B%3!<%G%#%M!<%7%g%s$*$h$S8x3+$7$?@H<e@->pJs(B

  2005$BG/(B1$B7n(B1$BF|$+$i(B2005$BG/(B3$B7n(B31$BF|$^$G$N4V$K!"(BJPCERT/CC $B$,F|K\9qFb$N@=IJ(B
$B3+H/<T(B ($B%Y%s%@(B) $B$J$I$N4XO"AH?%$H$N%3!<%G%#%M!<%7%g%s$r9T$J$$!"8x3+$7$?(B
$B@H<e@->pJs$O(B 21$B7o$G$9!#(B

  $B$3$N$&$A!"7P:Q;:6H>J9p<(!V%=%U%H%&%'%"Ey@H<e@-4XO">pJs<h074p=`!W$K=>$C(B
$B$F!"FHN)9T@/K!?M>pJs=hM}?d?J5!9=(B (IPA) $B$KJs9p$5$l!"8x3+$5$l$?@H<e@->p(B
$BJs$O(B 7$B7o$G$9!#(B

  JVN#23D7E89F: Norton AntiVirus $B$G%M%C%H%o!<%/6&M-%U%!%$%k$NJT=8;~$K(B OS $B0[>o=*N;(B
  JVN#C45D8EAD: Norton AntiVirus $B$GIT@5$J%U%!%$%k$N%9%-%c%s;~$K(B OS $B0[>o=*N;(B
  JVN#1F649902: McAfee$B%&%$%k%9%9%-%c%s%(%s%8%s$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
  JVN#DD18AD07: Tomcat $B$K$*$1$k%5!<%S%95qH]$N@H<e@-(B
  JVN#8BAAAB4E: msearch $B$K$*$1$k%G%#%l%/%H%j%H%i%P!<%5%k$N@H<e@-(B
  JVN#8F8B1C85: $B%5%$%\%&%:(B Office $B$K$*$1$k%V%i%&%6%9%/%j%W%H<B9T$N@H<e@-(B
  JVN#1BF8D7AA: LDAP$B%5!<%P$N99?75!G=$K$*$1$k%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B

  $B$^$?!";D$j$N(B 14$B7o$O3$30(B CSIRT $B$H$N%Q!<%H%J!<%7%C%W$K4p$E$-!"(B
JPCERT/CC $B$,F|K\9qFb$N%Y%s%@$H$N%3!<%G%#%M!<%7%g%s$r9T$$$^$7$?!#(B

  JVNVU#698302: nfs-utils $B$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
  JVNVU#448384: ISC DHCP $B$N(B errwarn.c $B$K%U%)!<%^%C%H%9%H%j%s%0$N@H<e@-(B
  JVNVU#625878: Squid $B$K$*$$$F(B HTTP$B%l%9%]%s%9J,3d$K$h$k%-%c%C%7%e1x@w$N2DG=@-(B
  JVNVU#924198: Squid $B$K$*$1$k(B LDAP $BG'>Z%k!<%A%s$GIT@5F~NO%A%'%C%/$,E,@Z$K9T$o$l$J$$(B
  JVNVU#768702: Squid $B$K$*$$$F(B HTTP $B%X%C%@!<>pJs$,E,@Z$K=hM}$5$l$J$$(B
  JVNVU#823350: Squid $B$K$*$$$FBg$-$9$.$k1~Ez%X%C%@$N=hM}$,E,@Z$K9T$o$l$J$$(B
  JVNVU#886006: Squid $B$K$*$1$kHs>o$KD9$$(BWCCP$B%a%C%;!<%8$K4X$9$k%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
  JVNVU#726198: Linux Kernel SMB $B%U%!%$%k%7%9%F%`(B read $B%7%9%F%`%3!<%k$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
  JVNVU#702777: UW-imap$B$G%f!<%6G'>Z$,@5$7$/9T$o$l$J$$@H<e@-(B
  JVNVU#409555: Juniper $B$K%5!<%S%91?MQK832(B (DoS) $B967b$r<u$1$k@H<e@-(B
  JVNVU#938617: BIND 9.3.0$B$N(Bvalidator$B$K%5!<%S%91?MQK832(B (DoS)$B967b$r<u$1$k@H<e@-(B
  JVNVU#327633: BIND 8.4.4$B$*$h$S(B8.4.5$B$N(Bq_usedns$B$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
  JVNVU#253024: Adobe Acrobat Reader for UNIX $B$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
  JVNVU#125598: LibTIFF $B$K@0?t%*!<%P!<%U%m!<$N@H<e@-(B


II. $B3$30(B CSIRT $B$H$N@H<e@->pJsN.DL6(NOBN@)$N9=C[!"9q:]E*$J3hF0(B

  JPCERT/CC $B$G$O!"9q:]E*$JOHAH$_$K$*$1$k@H<e@->pJs$N1_3j$JN.DL$N$?$a!"(B
$B3$30$N(B CSIRT $B$N6(NO4X78$r9=C[!"6/2=$7$F$$$^$9!#6qBNE*$K$O!"Js9p$5$l$?(B
$B@H<e@->pJs$N6&M-!"%Y%s%@$X$NDLCN$N6&F1%*%Z%l!<%7%g%s!"8x3+F|$ND4@0!"3F(B
$B9q%Y%s%@>pJsEy8x3+>pJs$N6&M-$r9T$C$F$$$^$9!#$^$?!">pJsN.DL$r8zN(2=$9$k(B
$B$?$a$N6&DL%,%$%I%i%$%s$d%7%9%F%`9=C[!"%G!<%?8r49%U%)!<%^%C%H!"%"%I%P%$(B
$B%6%j$NI8=`%U%)!<%^%C%H$N:vDjEy$r6&F1$G?J$a$F$$$^$9!#(B

  $B<g$J4X785!4X$OJF9q(B CERT/CC$B!"1Q9q(B NISCC (UNIRAS) $B$G$9!#3F5!4X$N>\:Y$K(B
$B$D$$$F$O;29MJ88%(B [33] [34] $B$r$4;2>H$/$@$5$$!#$^$?0J2<$N(B URL $B$b$4;2>H$/(B
$B$@$5$$!#(B

        $B@H<e@->pJs%3!<%G%#%M!<%7%g%s35MW(B
        http://www.jpcert.or.jp/vh/


III. $BF|K\9qFb$N@H<e@->pJsN.DLBN@)$N@0Hw(B

  JPCERT/CC $B$G$O!"7P:Q;:6H>J9p<(!V%=%U%H%&%'%"Ey@H<e@-4XO">pJs<h074p=`!W(B
($B0J2<!"K\4p=`(B) $B$K=>$C$F!"F|K\9qFb$N@H<e@->pJsN.DLBN@)$r@0Hw$7$F$$$^$9!#(B
$BK\4p=`$K$D$$$F$O;29MJ88%(B [35] $B$r$4;2>H$/$@$5$$!#$^$?0J2<$N(B URL $B$b$4;2(B
$B>H$/$@$5$$!#(B

        $B@H<e@->pJs%3!<%G%#%M!<%7%g%s35MW(B
        http://www.jpcert.or.jp/vh/

        $B!V>pJs%;%-%e%j%F%#Aa4|7Y2|%Q!<%H%J!<%7%C%W!W$N1?MQ$r3+;O(B
        http://www.jpcert.or.jp/press/2004/0708.txt

        $B>pJs%;%-%e%j%F%#Aa4|7Y2|%Q!<%H%J!<%7%C%W%,%$%I%i%$%s(B
        http://www.jpcert.or.jp/vh/partnership_guide.pdf

        JPCERT/CC $B@H<e@-4XO">pJs<h$j07$$%,%$%I%i%$%s(B
        http://www.jpcert.or.jp/vh/guideline.pdf

$B<g$J3hF0$O0J2<$NDL$j$G$9!#(B

(1) $B<uIU5!4X$G$"$kFHN)9T@/K!?M>pJs=hM}?d?J5!9=(B (IPA) $B$H$NO"7H(B

  $BK\4p=`$G$O!"<uIU5!4X$K(B IPA$B!"D4@05!4X$K(B JPCERT/CC $B$,;XDj$5$l$F$$$^$9!#(B
$B$3$N$3$H$+$i!"(BJPCERT/CC $B$O(B IPA $B$H6[L)$K>pJs8r49$r9T$C$F$$$^$9!#$^$?!"(B
$B@H<e@-8!>Z%D!<%k$K4X$7$F$b(B IPA $B$H$NO"7H$N$b$HJ,@O$r9T$C$F$$$^$9!#(BIPA
$B$N>\:Y$K$D$$$F$O;29MJ88%(B [36] [37] $B$r$4;2>H$/$@$5$$!#$^$?!"(BIPA $B$+$iH/(B
$BI=$5$l$k(B 2005$BG/Bh(B1$B;MH>4|$NFO=P>u67$K$D$$$F$O!";29MJ88%(B [38] $B$r$4;2>H$/(B
$B$@$5$$!#(B


(2) $BF|K\9qFb%Y%s%@$H$NO"7H(B

  $BK\4p=`$G$O!"(BJPCERT/CC $B$,@H<e@->pJs$rDs6!$9$k@h$H$7$FF|K\9qFb$N%Y%s%@(B
$B%j%9%H(B($B@=IJ3+H/<T%j%9%H(B)$B$H$7$F3F%Y%s%@$NO"Mm@h>pJs$r@0Hw$7$F$$$^$9!#0J(B
$B2<$N(B URL $B$r$4;2>H$/$@$5$$!#(B

        JPCERT $B%3!<%G%#%M!<%7%g%s%;%s%?!<@=IJ3+H/<T%j%9%HEPO?5,Ls(B
        http://www.jpcert.or.jp/vh/agreement.pdf


(3) $BBh(B1$B2s@H<e@-4XO">pJs%O%s%I%j%s%0%o!<%/%7%g%C%W$N3+:E(B

  $B%Y%s%@%j%9%H$KEPO?$$$?$@$$$F$$$k9qFb%Y%s%@$NO"MmC4Ev<T$K$*=8$^$j$$$?(B
$B$@$-!"(B2$B7n(B1$BF|$KBh(B1$B2s@H<e@-4XO">pJs%O%s%I%j%s%0%o!<%/%7%g%C%W$r3+:E$7$^(B
$B$7$?!#$3$3$G$O@H<e@-4XO">pJs%O%s%I%j%s%06HL3$d4XO"3hF0$N:G?7>u67$r>R2p(B
$B$9$k$H$H$b$K!"%Y%s%@C4Ev<T$H$N0U8+8r49$r9T$J$$$^$7$?!#(B


(4) JP Vendor Status Notes (JVN) $B$N1?MQ(B

  JPCERT/CC $B$O(B IPA $B$H6&F1$G!"(BJVN $B$r1?MQ$7$F$$$^$9!#(BJVN $B$O!"(BJPCERT/CC
$B$,<h$j07$C$?@H<e@->pJs$K4X$7$FF|K\9qFb$N@=IJ3+H/<T$N@H<e@-$X$NBP1~>u67(B
$B$r8x3+$9$k%5%$%H$G$9!#$3$l$i$N@H<e@->pJs$K$O!"K\OHAH$_$K;22C$7$F$$$kF|(B
$BK\9qFb$N@=IJ3+H/<T$NBP1~>u67$b4^$^$l$F$*$j$^$9!#(BJVN $B$K$D$$$F$O0J2<$N(B
URL $B$r$4;2>H$/$@$5$$!#(B

        JP Vendor Status Notes (JVN)
        http://jvn.jp/

  JVN $B$G$O>e5-!V(BI. $B%3!<%G%#%M!<%7%g%s$*$h$S8x3+$7$?@H<e@->pJs!W0J30$K(B
6$B7o$N@H<e@->pJs$r8x3+$7$F$$$^$9!#(B

  JVNTA05-039A: Microsoft Windows $B%3%s%]!<%M%s%H$KB8:_$9$kJ#?t$N@H<e@-(B
  JVNVU#685456: VERITAS NetBackup $B$N(B bpjava-susvc $B$GF~NO$,E,@Z$K=hM}$5$l$J$$(B
  JVNVU#907729: Veritas Backup Exec $B$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
  JVNTA05-026A: Cisco IOS $B$K%5!<%S%91?MQK832(B (DoS) $B967b$r<u$1$kJ#?t$N@H<e@-(B
  JVNTA05-012B: Microsoft Windows$B$G(BHTML Help$B$N(BActiveX$B%3%s%H%m!<%k$K%/%m%9%I%a%$%s$N@H<e@-(B
  JVNTA05-012A: Microsoft Windows$B$G%"%$%3%s$*$h$S%+!<%=%k$N=hM}$KJ#?t$N@H<e@-(B



$B!x(B4. $B8x3+J8=q(B

  2005$BG/(B1$B7n(B1$BF|$+$i(B2005$BG/(B3$B7n(B31$BF|$^$G$N4V$K(B JPCERT/CC $B$,8x3+$7$?J8=q$O!"(B
$BCm0U4-5/(B 3$B7o!"(BJPCERT/CC $B%l%]!<%H(B 13$B7o!"5Z$SBh(B4$B;MH>4|$N3hF035MW$G$9!#>\(B
$B:Y$O0J2<$NDL$j$G$9!#(B

I. $BCm0U4-5/(B 3$B7o(B

  http://www.jpcert.or.jp/at/

  2005-02-09 Microsoft $B@=IJ$K4^$^$l$k@H<e@-$K4X$9$kCm0U4-5/(B
  2005-02-21 Web $B56Au:>5=(B (phishing) $B$NF'$_Bf%5!<%P$K4X$9$kCm0U4-5/(B
  2005-03-09 OpenSSH $B$N@H<e@-$r;H$C$?%7%9%F%`$X$N?/F~$K4X$9$kCm0U4-5/(B


II. JPCERT/CC $B%l%]!<%H(B 13$B7o(B

  http://www.jpcert.or.jp/wr/

  JPCERT/CC $B%l%]!<%HFb$G07$C$?%;%-%e%j%F%#4XO">pJs$N9`L\?t$O9g7W$7$F(B
78$B7o$G$9!#$=$N$&$A(B 13$B7o$O!V:#=5$N0l8}%a%b!W$N%3!<%J!<$G>pJs$7$?>pJs$G(B
$B$9!#(B


III. $B3hF035MW(B 1$B7o(B

  http://www.jpcert.or.jp/pr/

  2005-01-25 JPCERT/CC $B3hF035MW(B [ 2004$BG/(B10$B7n(B1$BF|(B $B!A(B 2004$BG/(B12$B7n(B31$BF|(B ]



$B!x(B5. $B$=$NB>$N3hF0(B

  2005$BG/(B1$B7n(B1$BF|$+$i(B2005$BG/(B3$B7n(B31$BF|$^$G$N4V$K(B JPCERT/CC $B$,<B;\$7$?!">e5-(B
$B!x(B1.$B!A(B4. $B0J30$N3hF0$O0J2<$NDL$j$G$9!#(B

I. JPNIC$B!&(BJPCERT/CC $B%;%-%e%j%F%#%;%_%J!<(B 2004

  http://www.jpcert.or.jp/press/2004/0721.txt

  $B<RCDK!?MF|K\%M%C%H%o!<%/%$%s%U%)%a!<%7%g%s%;%s%?!<(B (JPNIC) $B$H$N6&:E(B
$B$G!"%;%_%J!<!VIT@5?/F~$N<BBV$H6qBNE*BP:v!W$r(B 2005$BG/(B2$B7n(B3$BF|(B($BLZ(B) $B$*$h$S(B 4
$BF|(B($B6b(B) $B$KBg<jD.%5%s%1%$%W%i%6$K$*$$$F3+:E$7$^$7$?!#>\:Y$O;29MJ88%(B [39]
[40] $B$r$4;2>H$/$@$5$$!#(B


II. APSIRC 2005

  $B%"%8%"B@J?MNCO0h$N(B CSIRT (omputer Security Incident Response Team)
$B$N=8$^$j$G$"$k!"(BAPCERT (Asia Pacific Computer Emergency Response Team)
$B$NG/<!2q9g(B APSIRC (Asia Pacific Security Incident Coordination
Conference) $B$r!"(B2$B7n(B22$BF|(B($B2P(B) $B$+$i(B 24$BF|(B($BLZ(B) $B$K5~ET$G3+:E$7$^$7$?!#>\:Y$O(B
$B;29MJ88%(B [41] [42] $B$r$4;2>H$/$@$5$$!#(B


III. APCERT $B;vL36I1?1D(B

  http://www.jpcert.or.jp/english/secretariat.html

  $B%"%8%"B@J?MNCO0h$N(B CSIRT $B$N=8$^$j$G$"$k!"(BAPCERT (Asia Pacific
Computer Emergency Response Team) $B$N;vL36I$rC4Ev$7$F$$$^$9!#>\:Y$O;29M(B
$BJ88%(B [41] $B$r$4;2>H$/$@$5$$!#(B


IV. FIRST $B%l%W%j%+%5!<%P$N1?MQ(B

  FIRST (Forum of Incident Response and Security Teams) $B$N(B Web $B%5!<%P(B
www.first.org $B$N%l%W%j%+%5!<%P(B ($B%_%i!<%5!<%P(B) $B$r1?MQ$7!"(BFIRST $B$N3hF0$K(B
$B9W8%$7$F$$$^$9!#(BFIRST $B$N>\:Y$K$D$$$F$O;29MJ88%(B [43] $B$r$4;2>H$/$@$5$$!#(B


V. FIRST Sponsorship

  $B9qFb$N(B CSIRT $B$N(B FIRST $B$X$N2CLA$r;Y1g$7$F$$$^$9!#(BFIRST $B2CLA%A!<%`$K$D(B
$B$$$F$O;29MJ88%(B [44] $B$r$4;2>H$/$@$5$$!#(B


__________

Appendix. $B;29MJ88%(B

[1] IN-98.02: New Tools Used For Widespread Scans

    http://www.cert.org/incident_notes/IN-98.02.html

[2] IN-98.04: Advanced Scanning

    http://www.cert.org/incident_notes/IN-98.04.html

[3] IN-98.05: Probes with Spoofed IP Addresses

    http://www.cert.org/incident_notes/IN-98-05.html

[4] IN-98.06: Automated Scanning and Exploitation

    http://www.cert.org/incident_notes/IN-98-06.html

[5] IN-99-01: "sscan" Scanning Tool

    http://www.cert.org/incident_notes/IN-99-01.html

[6] Packet Filtering for Firewall Systems

    http://www.cert.org/tech_tips/packet_filtering.html

[7] CA-2001-19 "Code Red" Worm Exploiting Buffer Overflow in IIS Indexing Service DLL

    http://www.cert.org/advisories/CA-2001-19.html

[8] CA-2001-26 Nimda Worm

    http://www.cert.org/advisories/CA-2001-26.html

[9] IN-2002-04: Exploitation of Vulnerabilities in Microsoft SQL Server

    http://www.cert.org/incident_notes/IN-2002-04.html

[10] CA-2002-27 Apache/mod_ssl Worm

    http://www.cert.org/advisories/CA-2002-27.html

[11] AL-2002.12 W32/BUGBEAR@MM Virus

    http://www.auscert.org.au/render.html?it=2447

[12] AU-2002.008 Updated Information Regarding BugBear Virus

    http://www.auscert.org.au/render.html?it=2452

[13] IN-2002-06: W32/Lioten Malicious Code

    http://www.cert.org/incident_notes/IN-2002-06.html

[14] IN-2003-01: Malicious Code Propagation and Antivirus Software Updates

    http://www.cert.org/incident_notes/IN-2003-01.html

[15] CA-2003-04 MS-SQL Server Worm

    http://www.cert.org/advisories/CA-2003-04.html

[16] CA-2003-08 Increased Activity Targeting Windows Shares

    http://www.cert.org/advisories/CA-2003-08.html

[17] CA-2003-09 Buffer Overflow in Core Microsoft Windows DLL

    http://www.cert.org/advisories/CA-2003-09.html

[18] CA-2003-28 Buffer Overflow in Windows Workstation Service

    http://www.cert.org/advisories/CA-2003-28.html

[19] CERT/CC Current Activity W32/Welchia Worm

    http://www.cert.org/current/archive/2003/08/18/archive.html#welchia

[20] IN-2004-01: W32/Novarg.A Virus

    http://www.cert.org/incident_notes/IN-2004-01.html

[21] TA04-041A: Multiple Vulnerabilities in Microsoft ASN.1 Library

    http://www.us-cert.gov/cas/techalerts/TA04-041A.html

[22] Technical Cyber Security Alert TA04-028A

    http://www.us-cert.gov/cas/techalerts/TA04-028A.html

[23] Sasser $B%o!<%`$K$D$$$F$N$*CN$i$;(B

    http://www.microsoft.com/japan/security/incident/sasser.mspx

[24] Microsoft Windows $B$N%;%-%e%j%F%#=$@5%W%m%0%i%`(B (835732) (MS04-011)

    http://www.microsoft.com/japan/technet/security/bulletin/MS04-011.mspx

[25] US-CERT Current Activity: W32/Sasser

    http://www.us-cert.gov/current/archive/2004/06/24/archive.html#sasser

[26] Vulnerability Note VU#909678

    http://www.kb.cert.org/vuls/id/909678

[27] US-CERT Current Activity: Santy Worm

    http://www.us-cert.gov/current/archive/2004/12/21/archive.html#Santy

[28] Vulnerability Note VU#497400

    http://www.kb.cert.org/vuls/id/497400

[29] Email Bombing and Spamming

    http://www.cert.org/tech_tips/email_bombing_spamming.html

[30] Frequently Asked Questions About Malicious Web Scripts Redirected by Web Sites

    http://www.cert.org/tech_tips/malicious_code_FAQ.html

[31] TERENA - TF-CSIRT - Collaboration of Security Incident Response Teams

    http://www.terena.nl/tech/task-forces/tf-csirt/

[32] The European CSIRT Network

    http://www.ecsirt.net/

[33] CERT Coordination Center (CERT/CC)

    http://www.cert.org/

[34] National Infrastructure Security Co-ordination Centre (NISCC)

    http://www.niscc.gov.uk/

[35] $B@H<e@-4XO">pJs<h07BN@)$K$D$$$F(B

    http://www.meti.go.jp/policy/netsecurity/vulhandlingG.html

[36] $BFHN)9T@/K!?M>pJs=hM}?d?J5!9=(B

    http://www.ipa.go.jp/

[37] $B>pJs=hM}?d?J5!9=%;%-%e%j%F%#%;%s%?!<(B $B@H<e@-4XO">pJs$N<h07$$(B

    http://www.ipa.go.jp/security/vuln/

[38] $B%=%U%H%&%(%"Ey$N@H<e@-4XO">pJs$K4X$9$kFO=P>u67(B

    http://www.ipa.go.jp/security/vuln/report/vuln2005q1.html

[39] $B<RCDK!?MF|K\%M%C%H%o!<%/%$%s%U%)%a!<%7%g%s%;%s%?!<(B (JPNIC)

    http://www.nic.ad.jp/

[40] JPNIC$B!&(BJPCERT/CC $B%;%-%e%j%F%#%;%_%J!<(B 2004

    http://www.nic.ad.jp/security-seminar/

[41] Asia Pacific Computer Emergency Response Team (APCERT)

    http://www.apcert.org/

[42] APSIRC 2005

    http://www.apcert.org/apsirc2005/

[43] Forum of Incident Response and Security Teams (FIRST)

    http://www.first.org/

[44] FIRST Member Teams

    http://www.first.org/about/organization/teams/


__________

$B!c(BJPCERT/CC $B$+$i$N$*CN$i$;$H$*4j$$!d(B

  $BK\J8=q$G2r@b$7$?%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$b4^$a!"%$%s%?!<(B
$B%M%C%H>e$G0z$-5/$3$5$l$k$5$^$6$^$J%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H(B
$B$K4X$9$k>pJs$,$"$j$^$7$?$i!"(Binfo@jpcert.or.jp $B$^$G$4Ds6!$/$@$5$$$^$9$h(B
$B$&$*4j$$$7$^$9!#Js9pMM<0$K4X$7$F$O0J2<$N(B URL $B$r$4Mw$/$@$5$$(B

    http://www.jpcert.or.jp/form/

$BJs9pMM<0$K$45-:\$N$&$(!"(B

    info@jpcert.or.jp

$B$^$G$*Aw$j$/$@$5$$!#(B

  JPCERT/CC $B$KD:$$$?Js9p$O!"Js9p<T$NN;2r$J$7$K!"$=$N$^$^B>AH?%Ey$K3+<((B
$B$9$k$3$H$O$"$j$^$;$s!#(BJPCERT/CC $B$NAH?%35MW$K$D$-$^$7$F$O!"(B

    http://www.jpcert.or.jp/

$B$r$4;2>H$/$@$5$$!#(B

  JPCERT/CC $B$G$O!"%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$K4X$9$k>pJs$r?W(B
$BB.$K$4Ds6!$9$k$?$a$K!"%a!<%j%s%0%j%9%H$r3+@_$7$F$$$^$9!#EPO?$NJ}K!Ey!"(B
$B>\$7$/$O!"(B

    http://www.jpcert.or.jp/announce.html

$B$r$4;2>H$/$@$5$$!#(B

__________

$BCm(B: JPCERT/CC $B$N3hF0$O!"FCDj$N8D?M$dAH?%$NMx1W$rJ]>c$9$k$3$H$rL\E*$H$7(B
$B$?$b$N$G$O$"$j$^$;$s!#8DJL$NLdBj$K4X$9$k$*Ld$$9g$o$;Ey$KBP$7$FI,$:$*Ez(B
$B$($G$-$k$H$O8B$i$J$$$3$H$r$"$i$+$8$a$4N;>5$/$@$5$$!#$^$?!"K\7o$K4X$9$k(B
$B$b$N$b4^$a!"(BJPCERT/CC $B$X$N$*Ld$$9g$o$;Ey$,A}2C$9$k$3$H$,M=A[$5$l$k$?$a!"(B
$B$*Ez$($G$-$k>l9g$G$b$42sEz$,CY$l$k2DG=@-$,$"$k$3$H$r2?B4$4>5CN$*$-$/$@(B
$B$5$$!#(B

$BCm(B: $B$3$NJ8=q$O!"%3%s%T%e!<%?%;%-%e%j%F%#%$%s%7%G%s%H$K4X$9$k0lHLE*$J>p(B
$BJsDs6!$rL\E*$H$9$k$b$N$G$"$j!"FCDj$N8D?M$dAH?%$KBP$9$k!"8DJL$N%3%s%5%k(B
$B%F%#%s%0$rL\E*$H$7$?$b$N$G$O$"$j$^$;$s!#$^$?(B JPCERT/CC $B$O!"$3$NJ8=q$K(B
$B5-:\$5$l$?>pJs$NFbMF$,@53N$G$"$k$3$H$KEX$a$F$*$j$^$9$,!"@53N@-$r4^$a0l(B
$B@Z$NIJ<A$K$D$$$F$3$l$rJ]>Z$9$k$b$N$G$O$"$j$^$;$s!#$3$NJ8=q$K5-:\$5$l$?(B
$B>pJs$K4p$E$$$F!"5.J}$"$k$$$O5.AH?%$,$H$i$l$k9TF0(B / $B$"$k$$$O$H$i$l$J$+$C(B
$B$?9TF0$K$h$C$F0z$-5/$3$5$l$k7k2L$KBP$7$F!"(BJPCERT/CC $B$O2?$iJ]>c$rM?$($k(B
$B$b$N$G$O$"$j$^$;$s!#(B
__________

2005 (C) JPCERT/CC

  $B$3$NJ8=q$rE>:\$9$k:]$K$O!"A4J8$rE>:\$7$F$/$@$5$$!#$^$?!":G?7>pJs$K$D(B
$B$$$F$O(B JPCERT/CC $B$N(B Web $B%5%$%H(B

        http://www.jpcert.or.jp/

$B$r;2>H$7$F$/$@$5$$!#(B

  JPCERT/CC $B$N(B PGP $B8x3+80$O0J2<$N(B URL $B$+$iF~<j$G$-$^$9!#(B

        http://www.jpcert.or.jp/jpcert.asc
__________

$B2~D{MzNr(B

2006-02-22  $B!V!x(B1. $B%$%s%7%G%s%HJs9p!W%?%$%WJLJ,N`!V$=$NB>!W?tCM5-:\%_%9=$@5(B
2005-04-19  $B=iHG(B (JPCERT-PR-2005-0002)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBQ/vtqox1ay4slNTtAQEv5AP/YJSpq2UGnz4S5Ou+FdYg4+3iDPENTFw3
9m1QS2ncrC9bL6YKS43sU5BSp2pyIGLzzei1WIPsiNcvxdwqaN/BMnPWfL3r77YC
WaWB3gGitNnSiJn+hQbiyps/1+RFGJ5TrOcFPsGb4rbqZxpo4jDlS5ykzFII3uy9
8iSkYWa1VWA=
=AbcT
-----END PGP SIGNATURE-----