{"id":44632,"date":"2021-12-16T13:14:09","date_gmt":"2021-12-16T04:14:09","guid":{"rendered":"https:\/\/jirak.net\/wp\/aws-%eb%b3%b4%ec%95%88-%ec%84%9c%eb%b9%84%ec%8a%a4%eb%a5%bc-%ec%82%ac%ec%9a%a9%ed%95%9c-log4j-%ec%b7%a8%ec%95%bd%ec%a0%90%ec%9c%bc%eb%a1%9c%eb%b6%80%ed%84%b0-%ec%9c%84%ed%97%98-%eb%85%b8%ec%b6%9c\/"},"modified":"2021-12-16T13:34:11","modified_gmt":"2021-12-16T04:34:11","slug":"aws-%eb%b3%b4%ec%95%88-%ec%84%9c%eb%b9%84%ec%8a%a4%eb%a5%bc-%ec%82%ac%ec%9a%a9%ed%95%9c-log4j-%ec%b7%a8%ec%95%bd%ec%a0%90%ec%9c%bc%eb%a1%9c%eb%b6%80%ed%84%b0-%ec%9c%84%ed%97%98-%eb%85%b8%ec%b6%9c","status":"publish","type":"post","link":"https:\/\/jirak.net\/wp\/aws-%eb%b3%b4%ec%95%88-%ec%84%9c%eb%b9%84%ec%8a%a4%eb%a5%bc-%ec%82%ac%ec%9a%a9%ed%95%9c-log4j-%ec%b7%a8%ec%95%bd%ec%a0%90%ec%9c%bc%eb%a1%9c%eb%b6%80%ed%84%b0-%ec%9c%84%ed%97%98-%eb%85%b8%ec%b6%9c\/","title":{"rendered":"AWS \ubcf4\uc548 \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud55c Log4j \ucde8\uc57d\uc810\uc73c\ub85c\ubd80\ud130 \uc704\ud5d8 \ub178\ucd9c \uc81c\ud55c, \uac10\uc9c0 \ubc0f \ub300\uc751 \ubc29\ubc95"},"content":{"rendered":"<p>AWS \ubcf4\uc548 \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud55c Log4j \ucde8\uc57d\uc810\uc73c\ub85c\ubd80\ud130 \uc704\ud5d8 \ub178\ucd9c \uc81c\ud55c, \uac10\uc9c0 \ubc0f \ub300\uc751 \ubc29\ubc95<br \/>\n<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jirak.net\/wp\/wp-content\/uploads\/2021\/12\/image1-v2-3.jpg\" width=\"749\" height=\"503\"><\/p>\n<p><span>\uc774 \uae00\uc5d0\uc11c\ub294 \ucd5c\uadfc \uacf5\uac1c\ub41c Apache log4j2 \ucde8\uc57d\uc810\uc5d0 \ub300\uc751\ud558\ub294 AWS \uace0\uac1d\uc5d0\uac8c \ub3c4\uc6c0\uc774 \ub420 \uc218 \uc788\ub294 \ub300\uc751 \ubc29\ubc95\uc744 \uc548\ub0b4\ud574 \ub4dc\ub9ac\uaca0\uc2b5\ub2c8\ub2e4. Log4j \ucde8\uc57d\uc131\uc758 \uc704\ud5d8\uc744 \uc81c\ud55c\ud558\uae30 \ubc29\ubc95, \ubb38\uc81c\uc5d0 \ucde8\uc57d\ud55c\uc9c0 \uc2dd\ubcc4\ud558\ub294 \ubc29\ubc95, \uc801\uc808\ud55c \ud328\uce58\ub85c \uc778\ud504\ub77c\ub97c \uc5c5\ub370\uc774\ud2b8 \ubc29\ubc95\uc5d0 \ub300\ud574 \uc124\uba85\ud569\ub2c8\ub2e4. <\/span><\/p>\n<p><span><a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\">Apache Log4j<\/a> \ucde8\uc57d\uc810(CVE-2021-44228, CVE-2021-45046)\uc740 \uce58\uba85\uc801\uc778 \ucde8\uc57d\uc810(<\/span><a href=\"https:\/\/nvd.nist.gov\/vuln-metrics\/cvss\/v3-calculator?name=CVE-2021-44228&amp;vector=AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H&amp;version=3.1&amp;source=NIST\" target=\"_blank\" rel=\"noopener noreferrer\"><span>CVSS 3.1 <\/span><\/a><span>\uc720\ube44\ucffc\ud130\uc2a4 \ub85c\uae45 \ud50c\ub7ab\ud3fc \uc810\uc218 10.0)\uc785\ub2c8\ub2e4&nbsp;<\/span> <span>. \uc774 \ucde8\uc57d\uc810\uc744 \ud1b5\ud574 \uacf5\uaca9\uc790\ub294 \ucde8\uc57d\ud55c \ud50c\ub7ab\ud3fc\uc5d0\uc11c \uc6d0\uaca9 \ucf54\ub4dc \uc2e4\ud589\uc744 \uc218\ud589\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ubc84\uc804 2.0-beta-9\uc640 2.15.0 \uc0ac\uc774\uc758 Log4j \ubc84\uc804 2\uac00 \uc774 \ucde8\uc57d\uc810\uc758 \uc601\ud5a5\uc744 \ubc1b\uc2b5\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\ubcf8 \ucde8\uc57d\uc810\uc740 <\/span><span>\uc77c\ubc18\uc801\uc73c\ub85c \ub514\ub809\ud1a0\ub9ac(LDAP \ub514\ub809\ud1a0\ub9ac)\ub97c \ud1b5\ud574 \ub370\uc774\ud130\ub97c \ucc3e\uae30 \uc704\ud574 Java \ud504\ub85c\uadf8\ub7a8\uc5d0\uc11c \uc0ac\uc6a9\ud558\ub294 <a href=\"https:\/\/en.wikipedia.org\/wiki\/Java_Naming_and_Directory_Interface\" target=\"_blank\" rel=\"noopener noreferrer\">Java Naming and Directory Interface<\/a> (JNDI)\ub97c \uc0ac\uc6a9\ud569\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\uc544\ub798 \uadf8\ub9bc 1\uc740 Log4j JNDI \uacf5\uaca9 \ud750\ub984\uc744 \ubcf4\uc5ec\uc90d\ub2c8\ub2e4. <\/span><\/p>\n<div id=\"attachment_23590\" class=\"wp-caption aligncenter\">\n <img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-23590\" src=\"https:\/\/d2908q01vomqb2.cloudfront.net\/22d200f8670dbdb3e253a90eee5098477c95c23d\/2021\/12\/15\/image1-v2-3.jpg\" alt=\"\uadf8\ub9bc 1. Log4j \uacf5\uaca9 \uc9c4\ud589 \uc0c1\ud669\" width=\"749\" height=\"503\" aria-describedby=\"caption-attachment-23590\"><\/p>\n<p id=\"caption-attachment-23590\" class=\"wp-caption-text\"><span>\uadf8\ub9bc 1. Log4j \uacf5\uaca9 \uc9c4\ud589 \uc0c1\ud669. <\/span><em><span>\ucd9c\ucc98: GovCERT.ch, \uc2a4\uc704\uc2a4 \uc815\ubd80 \ucef4\ud4e8\ud130 \ube44\uc0c1 \ub300\uc751\ud300(GovCERT) <\/span><\/em><\/p>\n<\/div>\n<p><strong>AWS\ub294 \uc989\uac01\uc801\uc73c\ub85c <a href=\"https:\/\/aws.amazon.com\/ko\/blogs\/korea\/aws-security-bulletins-cve-2021-44228\/\">Apache Log4j2 \ubcf4\uc548 \uc774\uc288 (CVE-2021-44228) \ub300\uc751 \uacf5\uc9c0<\/a>\ub97c \uc8fc\uae30\uc801\uc73c\ub85c \uc5c5\ub370\uc774\ud2b8\ud558\uace0, <\/strong><span><strong> Log4j 2.0+\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc2e4\ud589 \uc911\uc778 <a href=\"https:\/\/aws.amazon.com\/ko\/blogs\/korea\/aws-security-bulletins-cve-2021-44228\/#hotpatch\">JVM \ud56b\ud328\uce58 \ub3c4\uad6c<\/a>\ub97c \uc81c\uacf5\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4. \ub354 \uc790\uc138\ud55c \uc0ac\ud56d\uc740 \ud55c\uad6d\uc5b4 \ub300\uc751 \uacf5\uc9c0\ub97c \uacc4\uc18d \ud655\uc778\ud574 \uc8fc\uc2dc\uae30 \ubc14\ub78d\ub2c8\ub2e4.<\/strong><br \/> <\/span><\/p>\n<h2><span>1. \uc704\ud5d8 \ub178\ucd9c \uc81c\ud55c \ubc29\ubc95<br \/> <\/span><\/h2>\n<p><span>AWS \uace0\uac1d\uc740 \uc5ec\ub7ec AWS \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud558\uc5ec Log4j \ucde8\uc57d\uc810\uc73c\ub85c \uc778\ud55c \uc704\ud5d8\/\ub178\ucd9c\uc744 \uc81c\ud55c\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uace0\uac1d\uc740 \uacc4\uce35\ud654\ub41c \uc81c\uc5b4 \uc811\uadfc \ubc29\uc2dd\uc744 \uad6c\ucd95\ud558\uace0 \ub178\ucd9c\uc744 \uc81c\ud55c\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \ub418\ub3c4\ub85d \uc544\ub798\uc5d0 \uc2dd\ubcc4\ub41c \uc81c\uc5b4\ub97c \uc120\ud0dd\ud558\uace0 \uc120\ud0dd\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. <\/span><\/p>\n<h3><span>AWS WAF <\/span><\/h3>\n<p><span>AWS \uace0\uac1d\uc740 <\/span><a href=\"https:\/\/aws.amazon.com\/waf\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>AWS Web Application Firewall<\/span><\/a><span>\uc774 \uc81c\uacf5\ud558\ub294 <\/span><a href=\"https:\/\/docs.aws.amazon.com\/waf\/latest\/developerguide\/aws-managed-rule-groups-list.html\" target=\"_blank\" rel=\"noopener noreferrer\"><span>WAF\uc6a9 \uad00\ub9ac\ud615 \uaddc\uce59<\/span><\/a><span>\uc744 \ud1b5\ud574 <\/span><a href=\"https:\/\/aws.amazon.com\/cloudfront\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Amazon CloudFront <\/span><\/a><span>\ubc30\ud3ec\uc9c0\uc810, <\/span><a href=\"https:\/\/aws.amazon.com\/api-gateway\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Amazon API Gateway <\/span><\/a><span>REST API, <\/span><a href=\"https:\/\/aws.amazon.com\/elasticloadbalancing\/application-load-balancer\/?nc=sn&amp;loc=2&amp;dn=2\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Application Load Balancer <\/span><\/a><span>\ub610\ub294 <\/span><a href=\"https:\/\/aws.amazon.com\/appsync\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>AWS AppSync <\/span><\/a><span>GraphQL API \ub9ac\uc18c\uc2a4\ub97c \ubcf4\ud638\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. <\/span><\/p>\n<ul>\n<li><span>AWSManagedRulesKnownBadInputsRuleSet <\/span><span>\u2013 <\/span><span>Log4JRCE <\/span><span>Log4j \ucde8\uc57d\uc810\uc758 \uc874\uc7ac\uc5d0 \ub300\ud55c \uc694\uccad\uc744 \uac80\uc0ac\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \uaddc\uce59. \uc608\uc2dc \ud328\ud134\uc5d0\ub294 <\/span><span>${jndi:ldap:\/\/example.com\/}\uc774 \ud3ec\ud568 <\/span><span>\ub429\ub2c8\ub2e4. <\/span><\/li>\n<li><span>AWSManagedRulesAnonymousIpList <\/span><span>\u2013 <\/span><span>AnonymousIPList <\/span><span>\ud074\ub77c\uc774\uc5b8\ud2b8 \uc815\ubcf4\ub97c \uc775\uba85\ud654\ud558\ub294 \uac83\uc73c\ub85c \uc54c\ub824\uc9c4 \uc18c\uc2a4\uc758 IP \uc8fc\uc18c\ub97c \uac80\uc0ac\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \uaddc\uce59\uc785\ub2c8\ub2e4. <\/span><\/li>\n<li><span>AWSManagedRulesCommonRuleSet&nbsp; <\/span>\u2013 <span>SizeRestrictions_BODY <\/span><span>\uaddc\uce59 \uc694\uccad \ubcf8\uccb4 \ud06c\uae30\uac00 \uac00\uc7a5 8\ud0ac\ub85c\ubc14\uc774\ud2b8 (8192 \ubc14\uc774\ud2b8)\uc5d0\uc788\ub294 \uac83\uc744 \ud655\uc778\ud569\ub2c8\ub2e4. <\/span><\/li>\n<\/ul>\n<p><span>AWS WAF Classic\uc744 \uc0ac\uc6a9\ud558\ub294 \uace0\uac1d\uc758 \uacbd\uc6b0, AWS WAF\ub85c \ub9c8\uc774\uadf8\ub808\uc774\uc158\ud558\uac70\ub098 \uc0ac\uc6a9\uc790 \uc9c0\uc815 \uc815\uaddc\uc2dd \uc77c\uce58 \uc870\uac74\uc744 \uc0dd\uc131\ud574\uc57c \ud569\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\uba40\ud2f0 \uacc4\uc815\uc744 \uac00\uc9c4 AWS \uace0\uac1d\uc740 <\/span><a href=\"https:\/\/aws.amazon.com\/blogs\/security\/centrally-manage-aws-waf-api-v2-and-aws-managed-rules-at-scale-with-firewall-manager\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>\uc911\uc559 \uc9d1\uc911 \uad00\ub9ac \uc9c0\uce68<\/span><\/a><span>\uc5d0 \ub530\ub77c, <\/span><a href=\"https:\/\/docs.aws.amazon.com\/waf\/latest\/developerguide\/fms-chapter.html\" target=\"_blank\" rel=\"noopener noreferrer\"><span>AWS Firewall Manager<\/span><\/a><span>\ub97c \uc0ac\uc6a9 \ud558\uc5ec \ud68c\uc0ac \ub0b4 \uc804\uccb4 \uacc4\uc815\uc5d0 AWS WAF \uaddc\uce59\uc744 \ubc30\ud3ec\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. <\/span><\/p>\n<h3><span>AWS Network Firewall<br \/> <\/span><\/h3>\n<p><span>AWS \uace0\uac1d\uc740 <a href=\"https:\/\/aws.amazon.com\/network-firewall\/?whats-new-cards.sort-by=item.additionalFields.postDateTime&amp;whats-new-cards.sort-order=desc\" target=\"_blank\" rel=\"noopener noreferrer\">AWS Network Firewall<\/a>\uc744 \uc0ac\uc6a9\ud558\uc5ec <\/span><a href=\"https:\/\/suricata.io\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Suricata<\/span><\/a><span> \ud638\ud658 IDS\/IPS \uaddc\uce59\uc744 <\/span><span>\ub124\ud2b8\uc6cc\ud06c \uae30\ubc18 \ud0d0\uc9c0 \ubc0f \ubcf4\ud638\ub97c \uc704\ud574 \ubc30\ud3ec\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. Log4j\ub97c \ub2e4\ub8e8\ub294 \uc624\ud508 \uc18c\uc2a4 Suricata \uaddc\uce59\uc740 <a href=\"https:\/\/research.nccgroup.com\/2021\/12\/12\/log4shell-reconnaissance-and-post-exploitation-network-detection\/\">NCC Group<\/a><\/span><span>, <a href=\"https:\/\/twitter.com\/ET_Labs\/status\/1469339963871354884\">ET Labs<\/a><\/span><span> \ubc0f <a href=\"https:\/\/www.crowdstrike.com\/blog\/log4j2-vulnerability-analysis-and-mitigation-recommendations\/\">CrowdStrike<\/a>\uc5d0\uc11c \uc0ac\uc6a9\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4<\/span><span>. \uc774\ub4e4 \uaddc\uce59\uc740 Log4j \ucde8\uc57d\uc810\uc758 \uc0ac\ud6c4 \uc545\uc6a9\ubfd0\ub9cc \uc544\ub2c8\ub77c, \ubaa8\ub4e0 \uc2a4\uce90\ub2dd\uc744 \uc2dd\ubcc4\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \ub420 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ud604\uc7ac \ub9ce\uc740 \uc591\uc758 \uc2a4\uce94\uc774 \ubc1c\uc0dd\ud558\uace0 \uc788\uc73c\ubbc0\ub85c, \uace0\uac1d \uc5ec\ub7ec\ubd84\uc740 VPC\uc5d0\uc11c \uc2e0\ub8b0\ud560 \uc218 \uc5c6\ub294 \uc778\ud130\ub137 \ub300\uc0c1\uc73c\ub85c\uc758 \uc544\uc6c3\ubc14\uc6b4\ub4dc LDAP \ud2b8\ub798\ud53d\uacfc \uac19\uc740 \uc7a0\uc7ac\uc801\uc778 \uc545\uc6a9 \ud65c\ub3d9\uc5d0 \uba3c\uc800 \uc2dc\uac04\uc744 \uc9d1\uc911\ud560 \uac83\uc744 \uad8c\uc7a5\ud569\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\ub610\ud55c, \uace0\uac1d \uc5ec\ub7ec\ubd84\uaed8\uc11c\ub294 LDAP\uc640 \uac19\uc740 \ud504\ub85c\ud1a0\ucf5c\uc758 \uc778\uc2a4\ud134\uc2a4\uac00 53, 80, 123 \ubc0f 443\uacfc \uac19\uc740 \ube44\ud45c\uc900 LDAP \ud3ec\ud2b8\ub97c \uc0ac\uc6a9\ud558\uc9c0 \ubabb\ud558\ub3c4\ub85d \ubaa8\ub2c8\ud130\ub9c1\ud558\uac70\ub098 \ubc29\uc9c0\ud558\ub294 \uc544\uc6c3\ubc14\uc6b4\ub4dc \ud3ec\ud2b8\/\ud504\ub85c\ud1a0\ucf5c \uc2dc\ud589 \uaddc\uce59 \uc2dc\ud589\uc744 \uace0\ub824\ud558\uc2dc\uae38 \uad8c\uc7a5\ud569\ub2c8\ub2e4. \ud3ec\ud2b8 1389 \uc544\uc6c3\ubc14\uc6b4\ub4dc \uc0ac\uc6a9\uc744 \ubaa8\ub2c8\ud130\ub9c1\ud558\uac70\ub098 \ubc29\uc9c0\ud558\ub294 \uac83\uc740 \uba85\ub839 \ubc0f \uc81c\uc5b4 \ud638\ucd9c\uc744 \uc544\uc6c3\ubc14\uc6b4\ub4dc\ub85c \ub9cc\ub4e4\uae30 \uc704\ud574 \uc778\ud130\ub137 \uc2a4\uce90\ub108\uc5d0 \uc758\ud574 \ud2b8\ub9ac\uac70\ub41c \uc2dc\uc2a4\ud15c\uc744 \uc2dd\ubcc4\ud558\ub294 \ub370 \uc720\uc6a9\ud569\ub2c8\ub2e4. \ub610\ud55c, \uc911\uc694 \uc5c5\ubb34\uac00 \uc544\ub2cc \uc2dc\uc2a4\ud15c\uc740 \uae30\ubcf8\uc801\uc73c\ub85c \uc778\ud130\ub137\uc5d0 \ub300\ud55c \ub124\ud2b8\uc6cc\ud06c \ud638\ucd9c\uc744 \ud558\uc9c0 \uc54a\ub3c4\ub85d \uc124\uc815\ud558\uae30\ub97c&nbsp; \uad8c\uc7a5\ud569\ub2c8\ub2e4. \uc544\uc6c3\ubc14\uc6b4\ub4dc \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d \ud544\ud130\ub9c1 \ubc0f \ubaa8\ub2c8\ud130\ub9c1\uc740 Log4j\ubfd0\ub9cc \uc544\ub2c8\ub77c \ub2e4\ub978 \uc720\ud615\uc758 \ucde8\uc57d\uc810\uc5d0\ub3c4 \ub9e4\uc6b0 \uc720\uc6a9\ud569\ub2c8\ub2e4. <\/span><\/p>\n<h2><span>2. \ucde8\uc57d\uc810 \uac10\uc9c0 \ubc29\ubc95<br \/> <\/span><\/h2>\n<p><span>\uc55e\uc5d0\uc11c\ub294 Log4j \ucde8\uc57d\uc810\uc744 \uc545\uc6a9\ud558\ub294 \uacf5\uaca9\uc744 \uc7a0\uc7ac\uc801\uc73c\ub85c \uc81c\ud55c\ud558\ub294 \ubc29\ubc95\uc744 \ub2e4\ub8e8\uc5c8\uc2b5\ub2c8\ub2e4. \ub2e4\uc74c\uc73c\ub85c, \uace0\uac1d \uc11c\ube44\uc2a4 \ud658\uacbd\uc5d0\uc11c \uc774 \ucde8\uc57d\uc810\uc774 \uc874\uc7ac\ud558\ub294\uc9c0 \uc5ec\ubd80\ub97c \uac10\uc9c0\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \ub420 \uc218 \uc788\ub294 \ubd80\ubd84\uc5d0 \ub300\ud574\uc54c\uc544\ubcf4\uaca0\uc2b5\ub2c8\ub2e4. <\/span><\/p>\n<div id=\"attachment_23591\" class=\"wp-caption aligncenter\">\n <img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-23591\" src=\"https:\/\/d2908q01vomqb2.cloudfront.net\/22d200f8670dbdb3e253a90eee5098477c95c23d\/2021\/12\/15\/image2-v2-3.jpg\" alt=\"\uadf8\ub9bc 2. Inspector \ucf58\uc194\uc5d0\uc11c \ucc3e\uc740 Log4j\" width=\"751\" height=\"328\" aria-describedby=\"caption-attachment-23591\"><\/p>\n<p id=\"caption-attachment-23591\" class=\"wp-caption-text\"><span>\uadf8\ub9bc 2. Inspector \ucf58\uc194\uc5d0\uc11c \ucc3e\uc740 Log4j <\/span><\/p>\n<\/div>\n<h3><span>Amazon Inspector<br \/> <\/span><\/h3>\n<p><span>\uadf8\ub9bc 2\uc5d0\uc11c \ubcfc \uc218 \uc788\ub4ef\uc774 <\/span><a href=\"https:\/\/aws.amazon.com\/inspector\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Amazon Inspector <\/span><\/a><span>\ud300\uc740 <\/span><a href=\"https:\/\/aws.amazon.com\/ec2\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Amazon EC2 \uc778\uc2a4\ud134\uc2a4 <\/span><\/a><span>\ubc0f <\/span><a href=\"https:\/\/aws.amazon.com\/ecr\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Amazon Elastic Container Registry Images(Amazon ECR) <\/span><\/a>\uc5d0\uc11c \uc774 \ucde8\uc57d\uc810\uc758 \uc874\uc7ac\ub97c \uc2dd\ubcc4\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc2e0\uaddc<span> Amazon Inspector\ub97c \uc0ac\uc6a9\ud558\uba74, \uac10\uc9c0 \uc791\uc5c5\uc774 \uc790\ub3d9\uc73c\ub85c \uc9c0\uc18d\uc801\uc73c\ub85c \uc218\ud589\ub429\ub2c8\ub2e4. \uc9c0\uc18d\uc801\uc778 \ucde8\uc57d\uc810 \uac80\uc0c9\uc740 \uc0c8\ub85c\uc6b4 \uc18c\ud504\ud2b8\uc6e8\uc5b4 \ud328\ud0a4\uc9c0, \uc0c8\ub85c\uc6b4 \uc778\uc2a4\ud134\uc2a4, \uacf5\uac1c\ub418\ub294 \uc0c8\ub85c\uc6b4 CVE(Common Vulnerability and Exposure)\uc640 \uac19\uc740 \uc774\ubca4\ud2b8\uac00\uc0dd\uae38\ub54c\ub9c8\ub2e4 \uc9c4\ud589\ub429\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\uc608\ub97c \ub4e4\uc5b4, Inspector \ud300\uc774 Log4j \ucde8\uc57d\uc810(CVE-2021-44228 \ubc0f CVE-2021-45046)\uc5d0 \ub300\ud55c \uc9c0\uc6d0\uc744 \ucd94\uac00\ud558\uba74, Inspector\uac00 \uc9c0\uc6d0\ud558\ub294 \ubaa8\ub4e0 <a href=\"https:\/\/aws.amazon.com\/systems-manager\/\" target=\"_blank\" rel=\"noopener noreferrer\">AWS Systems Manager<\/a>\uc0c1 \uc778\uc2a4\ud134\uc2a4\uc5d0 \ub300\ud574 \uc989\uc2dc \uc774 \ucde8\uc57d\uc810\uc744 \ucc3e\uae30 \uc2dc\uc791\ud569\ub2c8\ub2e4.&nbsp;<\/span><span> \uc774\ub4e4 \uc778\uc2a4\ud134\uc2a4\ub294 OS \ud328\ud0a4\uc9c0 \uad00\ub9ac\uc790\ub97c \ud1b5\ud574 Log4j\uac00 \uc124\uce58\ub418\uc5b4 \uc788\uac70\ub098 \ud328\ud0a4\uc9c0\uac00 Maven \ud638\ud658 Amazon ECR \ucee8\ud14c\uc774\ub108 \uc774\ubbf8\uc9c0\uc5d0 \uc788\uc5c8\ub358 \uac83\uc744 \ud3ec\ud568\ud569\ub2c8\ub2e4. \ud574\ub2f9 \ucde8\uc57d\uc810\uc774 \uc788\ub294 \uacbd\uc6b0, \uc218\ub3d9 \uc870\uce58 \uc5c6\uc774 \ubc1c\uacac \ud56d\ubaa9\uc774 \ubc14\ub85c \ub098\ud0c0\ub098\uae30 \uc2dc\uc791\ud569\ub2c8\ub2e4. Inspector Classic\uc744 \uc0ac\uc6a9\ud558\ub294 \uacbd\uc6b0, \ubaa8\ub4e0 Amazon EC2 \uc778\uc2a4\ud134\uc2a4\uc5d0 \ub300\ud574 \ud3c9\uac00\ub97c \uc2e4\ud589\ud558\uace0 \uc788\ub294\uc9c0 \ud655\uc778\ud574\uc57c \ud569\ub2c8\ub2e4.<\/span><span> \ubaa8\ub4e0 Amazon EC2 \uc778\uc2a4\ud134\uc2a4\uc5d0 \ub300\ud55c \ud3c9\uac00 \ub300\uc0c1\uc744 \uc0dd\uc131\ud558\uace0 \uc788\ub294\uc9c0 \ud655\uc778\ud558\ub824\uba74, <a href=\"https:\/\/docs.aws.amazon.com\/inspector\/latest\/userguide\/inspector_applications.html\">\uac00\uc774\ub4dc \ubb38\uc11c<\/a>\ub97c \ucc38\uace0\ud558\uc138\uc694. <\/span><\/p>\n<h3><span>Amazon <\/span>GuardDuty<\/h3>\n<p><span>Inspector\ub97c \ud1b5\ud574 \uc774 \ucde8\uc57d\uc810\uc758 \uc874\uc7ac\ub97c \ucc3e\ub294 \uac83 \uc678\uc5d0\ub3c4 <\/span><a href=\"https:\/\/aws.amazon.com\/guardduty\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Amazon GuardDuty <\/span><\/a><span>\ud300\uc740 Log4j \ucde8\uc57d\uc810 \uc545\uc6a9\uacfc \uad00\ub828\ub41c \uc190\uc0c1 \uc9c0\ud45c\ub97c \ucd94\uac00\ud558\uae30 \uc2dc\uc791\ud588\uc2b5\ub2c8\ub2e4. GuardDuty\ub294 \uc54c\ub824\uc9c4 \uc798\ubabb\ub41c IP \uc8fc\uc18c \ub610\ub294 DNS \ud56d\ubaa9\uc5d0 \ub3c4\ub2ec\ud558\ub824\ub294 \uc2dc\ub3c4\ub97c \ubaa8\ub2c8\ud130\ub9c1\ud558\uace0 \uc774\uc0c1 \uae30\ubc18 \ud589\ub3d9 \uacb0\uacfc\ub97c \ud1b5\ud574 \uc545\uc6a9 \ud6c4 \ud65c\ub3d9\uc744 \ucc3e\uc744 \uc218\ub3c4 \uc788\uc2b5\ub2c8\ub2e4. \uc608\ub97c \ub4e4\uc5b4 Amazon EC2 \uc778\uc2a4\ud134\uc2a4\uac00 \ube44\uc815\uc0c1\uc801\uc778 \ud3ec\ud2b8\uc5d0\uc11c \ud1b5\uc2e0\uc744 \uc2dc\uc791\ud558\uba74 GuardDuty\ub294 <code>Behavior:EC2\/NetworkPortUnusual<\/code> \ud639\uc740 <code>NetworkPortUnusual<\/code> \ud65c\ub3d9\uc744 \uac10\uc9c0\ud558\uace0 \uacb0\uacfc\ub97c \uc0dd\uc131\ud569\ub2c8\ub2e4<\/span><span>. GuardDuty\uc5d0\ub294 \uc190\uc0c1\ub41c AWS \ub9ac\uc18c\uc2a4\uc5d0 \ub300\ud55c \uc751\ub2f5\uc73c\ub85c \ub098\ud0c0\ub0a0 \uc218 \uc788\ub294 \uc545\uc6a9 \ud6c4 \ud65c\ub3d9\uacfc \uad00\ub828\ub41c \ub2e4\uc591\ud55c \uacb0\uacfc\ub3c4 \uc81c\uacf5\ud569\ub2c8\ub2e4. GuardDuty \uacb0\uacfc \ubaa9\ub85d\uc740 <a href=\"https:\/\/docs.aws.amazon.com\/guardduty\/latest\/ug\/guardduty_finding-types-active.html\" target=\"_blank\" rel=\"noopener noreferrer\">GuardDuty \uc124\uba85\uc11c<\/a>\ub97c \ucc38\uc870\ud558\uc2ed\uc2dc\uc624<\/span>.<\/p>\n<h3><span>AWS Security Hub<\/span><\/h3>\n<p><a href=\"https:\/\/aws.amazon.com\/security-hub\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>AWS Security Hub<\/span><\/a><span>\uc740 Inspector \ubc0f GuardDuty\uc640 \ud568\uaed8 \ubcf4\uc548 \uacbd\ubcf4\ub97c \uc9d1\uacc4\ud558\uace0 \uc790\ub3d9 \uc218\uc815 \ubc0f \ub300\uc751\uc744 \ud65c\uc131\ud654\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4. \ub2e8\uae30\uc801\uc73c\ub85c\ub294 Security Hub\ub97c \uc0ac\uc6a9\ud558\uc5ec <a href=\"https:\/\/aws.amazon.com\/chatbot\/\" target=\"_blank\" rel=\"noopener noreferrer\">AWS Chatbot <\/a>, <a href=\"https:\/\/aws.amazon.com\/sns\/\" target=\"_blank\" rel=\"noopener noreferrer\">Amazon Simple Notification Service <\/a>\ub610\ub294 Inspector\uac00 \ud658\uacbd\uc5d0\uc11c \uc774 \ucde8\uc57d\uc810\uc744 \ubc1c\uacac\ud560 \ub54c \uac00\uc2dc\uc131\uc744 \uc704\ud55c \ud2f0\ucf13\ud305 \uc2dc\uc2a4\ud15c\uc744 \ud1b5\ud574 \uc54c\ub9bc\uc744 \uc124\uc815\ud558\ub294 \uac83\uc774 \uc88b\uc2b5\ub2c8\ub2e4<\/span><span>. \uc7a5\uae30\uc801\uc73c\ub85c Security Hub\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc801\uc808\ud55c \uacbd\uc6b0 \ubcf4\uc548 \uacbd\uace0\uc5d0 \ub300\ud55c \uc790\ub3d9 \uc218\uc815 \ubc0f \ub300\uc751\uc744 \ud65c\uc131\ud654\ud558\ub294 \uac83\uc774 \uc88b\uc2b5\ub2c8\ub2e4. <\/span><span> Security Hub\ub85c <a href=\"https:\/\/aws.amazon.com\/blogs\/security\/tag\/aws-security-hub\/\">\uc790\ub3d9 \uce58\ub8cc \ubc0f \ub300\uc751\uc744 \uc124\uc815\ud558\ub294 \ubc29\ubc95<\/a>\uc744 \ucc38\uace0\ud558\uc138\uc694<\/span><span>. <\/span><\/p>\n<h2><span>3. \ucde8\uc57d\uc810 \ub300\uc751 \ubc29\ubc95<br \/> <\/span><\/h2>\n<p><span>\uc5ec\uae30\uc11c\ub294 \ud574\ub2f9 \ucde8\uc57d\uc810\uc744 \uc644\ud654\ud558\uae30 \uc704\ud574 \ucde8\ud560 \uc218 \uc788\ub294 \ub300\uc751 \ubc29\ubc95\uc5d0 \ub300\ud574 \uc0b4\ud3b4 \ubd05\ub2c8\ub2e4. \uc55e\uc5d0\uc11c \uc5b8\uae09\ud588\ub4ef\uc774&nbsp; <\/span>AWS\ub294 \uc989\uac01\uc801\uc73c\ub85c <a href=\"https:\/\/aws.amazon.com\/ko\/blogs\/korea\/aws-security-bulletins-cve-2021-44228\/\">Apache Log4j2 \ubcf4\uc548 \uc774\uc288 (CVE-2021-44228) \ub300\uc751 \uacf5\uc9c0<\/a>\ub97c \uc8fc\uae30\uc801\uc73c\ub85c \uc5c5\ub370\uc774\ud2b8\ud558\uace0, Log4j 2.0+\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc2e4\ud589 \uc911\uc778 <a href=\"https:\/\/aws.amazon.com\/ko\/blogs\/korea\/aws-security-bulletins-cve-2021-44228\/#hotpatch\">JVM \ud56b\ud328\uce58 \ub3c4\uad6c<\/a>\ub97c \uc81c\uacf5\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4. (\ub354 \uc790\uc138\ud55c \uc0ac\ud56d\uc740 \ud55c\uad6d\uc5b4 \ub300\uc751 \uacf5\uc9c0\ub97c \uacc4\uc18d \ud655\uc778\ud574 \uc8fc\uc2dc\uae30 \ubc14\ub78d\ub2c8\ub2e4.)<\/p>\n<div id=\"attachment_23592\" class=\"wp-caption aligncenter\">\n <img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-23592\" src=\"https:\/\/d2908q01vomqb2.cloudfront.net\/22d200f8670dbdb3e253a90eee5098477c95c23d\/2021\/12\/15\/image3-v2-4.jpg\" alt=\"\uadf8\ub9bc 3. \uc911\uc694\ud55c \ud328\uce58\ub97c \uc989\uc2dc \uc2b9\uc778\ud558\ub294 Systems Manager Patch Manager \ud328\uce58 \uae30\uc900\uc120\" width=\"753\" height=\"570\" aria-describedby=\"caption-attachment-23592\"><\/p>\n<p id=\"caption-attachment-23592\" class=\"wp-caption-text\"><span>\uadf8\ub9bc 3. \uc911\uc694\ud55c \ud328\uce58\ub97c \uc989\uc2dc \uc2b9\uc778\ud558\ub294 Systems Manager Patch Manager \ud328\uce58<br \/> <\/span><\/p>\n<\/div>\n<h3><span>AWS Systems Manager Patch Manager <\/span><\/h3>\n<p><span>AWS Systems Manager Patch Manager\ub97c \uc0ac\uc6a9\ud558\uba74, \uc911\uc694\ud55c \ud328\uce58\uac00 \uc989\uc2dc \uc124\uce58\ub418\ub3c4\ub85d \uc124\uc815\ud55c \uacbd\uc6b0 EC2 \uc778\uc2a4\ud134\uc2a4 \ud328\uce58\uac00 \uac00\ub2a5\ud569\ub2c8\ub2e4. \ub2e4\ub9cc \ud328\uce58\uac00 \uc644\ub8cc\ub418\ub824\uba74<\/span><span>, \uac00\uc7a5 \ucd5c\uc2e0 \ubc84\uc804\uc744 \uc0ac\uc6a9\ud558\uace0 \uc788\ub294\uc9c0 \ud655\uc778\ud558\uae30 \uc704\ud574 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \ucf54\ub4dc\uc5d0\uc11c \ub77c\uc774\ube0c\ub7ec\ub9ac\uac00 \uc0ac\uc6a9\ub418\ub294 \uacf3\ub9c8\ub2e4 \ud074\ub798\uc2a4 \uacbd\ub85c\ub97c \uc5c5\ub370\uc774\ud2b8\ud574\uc57c \ud569\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\ucde8\uc57d\uc810\uc774 \uc2dd\ubcc4\ub418\uba74 Log4j \ubc84\uc804 2.16.0\uc744 \uc0ac\uc6a9\ud558\ub3c4\ub85d ECR \ucee8\ud14c\uc774\ub108 \uc774\ubbf8\uc9c0\ub97c \uc5c5\ub370\uc774\ud2b8\ud574\uc57c \ud569\ub2c8\ub2e4. \ucde8\uc57d\ud55c ECR \ucee8\ud14c\uc774\ub108 \uc774\ubbf8\uc9c0\ub85c \ube4c\ub4dc\ub41c \ubaa8\ub4e0 \ucee8\ud14c\uc774\ub108\uac00 \uac00\ub2a5\ud55c \ud55c \ube68\ub9ac \uc0c8 \uc774\ubbf8\uc9c0\ub97c \uc0ac\uc6a9\ud558\ub3c4\ub85d \uc5c5\ub370\uc774\ud2b8\ub418\uc5c8\ub294\uc9c0 \ud655\uc778\ud574\uc57c \ud569\ub2c8\ub2e4. \uc774\ub294 \uc774\ub7ec\ud55c \uc774\ubbf8\uc9c0\ub97c \ubc30\ud3ec\ud558\ub294 \ub370 \uc0ac\uc6a9\ud558\ub294 \uc11c\ube44\uc2a4\uc5d0 \ub530\ub77c \ub2e4\ub97c \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc608\ub97c \ub4e4\uc5b4 <\/span><a href=\"https:\/\/aws.amazon.com\/ecs\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span>Amazon ECS<\/span><\/a><span>\ub97c \uc0ac\uc6a9\ud558\ub294 \uacbd\uc6b0, \uc0c8 \ubc30\ud3ec\ub97c \uac15\uc81c \uc2e4\ud589\ud558\ub3c4\ub85d \uc11c\ube44\uc2a4\ub97c \uc5c5\ub370\uc774\ud2b8\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uadf8\ub7ec\uba74 \uc0c8 Log4j \ubc84\uc804\uc744 \uc0ac\uc6a9\ud558\uc5ec \uc774\ubbf8\uc9c0\uac00 \ud480\ub2e4\uc6b4\ub429\ub2c8\ub2e4. \ucee8\ud14c\uc774\ub108 \ubc30\ud3ec\uc5d0 \uc0ac\uc6a9\ud558\ub294 \ubc29\ubc95\uc744 \uc9c0\uc6d0\ud558\ub294 \uc124\uba85\uc11c\ub97c \ud655\uc778\ud558\uc2ed\uc2dc\uc624. <\/span><\/p>\n<h3><span>\uc5c5\uadf8\ub808\uc774\ub4dc\ud560 \uc218 \uc5c6\ub294 \uacbd\uc6b0 \uc644\ud654 \uc804\ub7b5 <\/span><\/h3>\n<p><span>\uae30\ubcf8\uc801\uc73c\ub85c JDNI\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4\ub97c \ube44\ud65c\uc131\ud654\ud558\ub294 \ubc84\uc804 2.16.0\uc73c\ub85c \uc5c5\uadf8\ub808\uc774\ub4dc\ud560 \uc218 \uc5c6\uac70\ub098 \ud658\uacbd\uc5d0 \ud328\uce58\ub97c \uc801\uc6a9\ud560 \uc804\ub7b5\uc744 \uc544\uc9c1 \uacb0\uc815\ud558\uace0 \uc788\ub294 \uacbd\uc6b0 Log4j \uad6c\uc131\uc744 \ubcc0\uacbd\ud558\uc5ec \uc774 \ucde8\uc57d\uc810\uc744 \uc644\ud654\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. .2.10 \uc774\uc0c1 \ubc84\uc804\uc5d0\uc11c \uad6c\ud604\ud558\ub824\uba74, <\/span><span>\uc560\ud50c\ub9ac\ucf00\uc774\uc158 \uc2dc\uc791\uc744 \uc704\ud55c JVM \uba85\ub839\uc5d0 <code>\u2010Dlog4j2.formatMsgNoLookups=True<\/code>\ub97c \ucd94\uac00\ud558\uc5ec log4j2.formatMsgNoLookups \uc124\uc815\uc744 \ucd94\uac00\ud569\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\ud2b9\uc815 \ubc84\uc804\uc758 \uc644\ud654 \ub2e8\uacc4\uc5d0 \ub300\ud55c \ubcf4\ub2e4 \ud3ec\uad04\uc801\uc778 \ubaa9\ub85d\uc740 <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/&quot; \/l &quot;:~:text=not%20be%20abused.-,CVE%2D2021%2D44228,-The%20Log4j%20team\" target=\"_blank\" rel=\"noopener noreferrer\">Apache \uc6f9 \uc0ac\uc774\ud2b8<\/a>\ub97c \ucc38\uc870\ud558\uc2ed\uc2dc\uc624.<\/span><\/p>\n<h2><span>\ub9c8\ubb34\ub9ac<\/span><\/h2>\n<p><span>\uc774 \uae00\uc5d0\uc11c AWS \uace0\uac1d\uc774 Log4j \ucde8\uc57d\uc131\uc73c\ub85c \uc778\ud55c \uc704\ud5d8\uc744 \ubcf4\ud638, \uac10\uc9c0 \ubc0f \ub300\uc751\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \ub418\ub294 \uacc4\uce35\ud654\ub41c \uc811\uadfc \ubc29\uc2dd\uc744 \ucc44\ud0dd\ud560 \uc218 \uc788\ub3c4\ub85d \ud558\ub294 \uc8fc\uc694 AWS \ubcf4\uc548 \uc11c\ube44\uc2a4\uc5d0 \ub300\ud574 \uc124\uba85\ud588\uc2b5\ub2c8\ub2e4. \uc800\ud76c\ub294 <\/span><a href=\"https:\/\/aws.amazon.com\/security\/security-bulletins\/?card-body.sort-by=item.additionalFields.bulletinId&amp;card-body.sort-order=desc&amp;awsf.bulletins-flag=*all&amp;awsf.bulletins-year=*all\" target=\"_blank\" rel=\"noopener noreferrer\"><span>\uc601\ubb38 AWS \ubcf4\uc548 \uacf5\uc9c0<\/span><\/a> \ud639\uc740 <span>\ud55c\uad6d\uc5b4 \ubc88\uc5ed\uc744 \uacc4\uc18d \uc0b4\ud3b4 \ubcf4\uc2dc\uae38 \uad8c\uc7a5\ub4dc\ub9bd\ub2c8\ub2e4. \uacf5\ub3d9 \ucc45\uc784 \ubaa8\ub378\uc5d0 \ub530\ub77c, AWS \uc11c\ube44\uc2a4\uc758 \uc9c4\ud589 \uc0ac\ud56d\uc744 \uacc4\uc18d \uc5c5\ub370\uc774\ud2b8\ud560 \uac83\uc785\ub2c8\ub2e4. <\/span><\/p>\n<p><span>\uc774 \ucde8\uc57d\uc131\uc758 \uc911\uc694\uc131\uc744 \uac10\uc548\ud560 \ub54c, \uace0\uac1d \uc5ec\ub7ec\ubd84\uaed8\uc11c \ud574\ub2f9 \ucde8\uc57d\uc131\uc5d0 \uc138\uc2ec\ud55c \uc8fc\uc758\ub97c \uae30\uc6b8\uc774\uace0, \uc774 \uae00\uc5d0\uc11c \uac15\uc870\ud55c \uc81c\uc5b4 \ubc29\uc2dd\uc758 \uad6c\ud604\uc758 \uc6b0\uc120 \uc21c\uc704\ub97c \ub450\uc2e4 \uac83 \ub610\ud55c \uad8c\uc7a5\ub4dc\ub9bd\ub2c8\ub2e4. <\/span><\/p>\n<p>\u2013 Marshall Jones, AWS Security Specialist Solutions Architect<br \/> \u2013 Syed Shareef, AWS Senior Security Solutions Architect<\/p>\n<p><em>\uc774 \uae00\uc740 AWS Security Blog\uc758 <a href=\"https:\/\/aws.amazon.com\/blogs\/security\/using-aws-security-services-to-protect-against-detect-and-respond-to-the-log4j-vulnerability\/\">Using AWS security services to protect against, detect, and respond to the Log4j vulnerability<\/a> \ud55c\uad6d\uc5b4 \ubc88\uc5ed\uc785\ub2c8\ub2e4.<\/em><\/p>\n<p>Source: <a href=\"https:\/\/aws.amazon.com\/ko\/blogs\/korea\/using-aws-security-services-to-protect-against-detect-and-respond-to-the-log4j-vulnerability\/\" target=\"_blank\" rel=\"noopener\">AWS \ubcf4\uc548 \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud55c Log4j \ucde8\uc57d\uc810\uc73c\ub85c\ubd80\ud130 \uc704\ud5d8 \ub178\ucd9c \uc81c\ud55c, \uac10\uc9c0 \ubc0f \ub300\uc751 \ubc29\ubc95<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\"><p>AWS \ubcf4\uc548 \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud55c Log4j \ucde8\uc57d\uc810\uc73c\ub85c\ubd80\ud130 \uc704\ud5d8 \ub178\ucd9c \uc81c\ud55c, \uac10\uc9c0 \ubc0f \ub300\uc751 \ubc29\ubc95 \uc774 \uae00\uc5d0\uc11c\ub294 \ucd5c\uadfc \uacf5\uac1c\ub41c Apache log4j2 \ucde8\uc57d\uc810\uc5d0 \ub300\uc751\ud558\ub294 AWS \uace0\uac1d\uc5d0\uac8c \ub3c4\uc6c0\uc774 \ub420 \uc218 \uc788\ub294 \ub300\uc751 \ubc29\ubc95\uc744 \uc548\ub0b4\ud574 \ub4dc\ub9ac\uaca0\uc2b5\ub2c8\ub2e4. Log4j \ucde8\uc57d\uc131\uc758 \uc704\ud5d8\uc744 \uc81c\ud55c\ud558\uae30 \ubc29\ubc95, \ubb38\uc81c\uc5d0 \ucde8\uc57d\ud55c\uc9c0 \uc2dd\ubcc4\ud558\ub294 \ubc29\ubc95, \uc801\uc808\ud55c \ud328\uce58\ub85c \uc778\ud504\ub77c\ub97c \uc5c5\ub370\uc774\ud2b8 \ubc29\ubc95\uc5d0 \ub300\ud574 \uc124\uba85\ud569\ub2c8\ub2e4. Apache Log4j \ucde8\uc57d\uc810(CVE-2021-44228, CVE-2021-45046)\uc740 \uce58\uba85\uc801\uc778 \ucde8\uc57d\uc810(CVSS 3.1 \uc720\ube44\ucffc\ud130\uc2a4 \ub85c\uae45 \ud50c\ub7ab\ud3fc \uc810\uc218 10.0)\uc785\ub2c8\ub2e4&nbsp; . \uc774 \ucde8\uc57d\uc810\uc744 \ud1b5\ud574 \uacf5\uaca9\uc790\ub294 \ucde8\uc57d\ud55c \ud50c\ub7ab\ud3fc\uc5d0\uc11c \uc6d0\uaca9 \ucf54\ub4dc \uc2e4\ud589\uc744 \uc218\ud589\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ubc84\uc804 2.0-beta-9\uc640 2.15.0 \uc0ac\uc774\uc758 Log4j \ubc84\uc804 2\uac00 \uc774 \ucde8\uc57d\uc810\uc758 \uc601\ud5a5\uc744 \ubc1b\uc2b5\ub2c8\ub2e4. \ubcf8 \ucde8\uc57d\uc810\uc740 \uc77c\ubc18\uc801\uc73c\ub85c \ub514\ub809\ud1a0\ub9ac(LDAP \ub514\ub809\ud1a0\ub9ac)\ub97c \ud1b5\ud574 \ub370\uc774\ud130\ub97c \ucc3e\uae30 \uc704\ud574 Java \ud504\ub85c\uadf8\ub7a8\uc5d0\uc11c \uc0ac\uc6a9\ud558\ub294 Java Naming and Directory Interface (JNDI)\ub97c \uc0ac\uc6a9\ud569\ub2c8\ub2e4. \uc544\ub798 \uadf8\ub9bc 1\uc740 Log4j JNDI \uacf5\uaca9 \ud750\ub984\uc744 \ubcf4\uc5ec\uc90d\ub2c8\ub2e4. \uadf8\ub9bc 1. Log4j \uacf5\uaca9 \uc9c4\ud589 \uc0c1\ud669. \ucd9c\ucc98: GovCERT.ch, \uc2a4\uc704\uc2a4 \uc815\ubd80 \ucef4\ud4e8\ud130 \ube44\uc0c1 \ub300\uc751\ud300(GovCERT) AWS\ub294 \uc989\uac01\uc801\uc73c\ub85c Apache Log4j2 \ubcf4\uc548 \uc774\uc288 (CVE-2021-44228) \ub300\uc751 \uacf5\uc9c0\ub97c \uc8fc\uae30\uc801\uc73c\ub85c \uc5c5\ub370\uc774\ud2b8\ud558\uace0, Log4j 2.0+\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc2e4\ud589 \uc911\uc778 JVM <a class=\"mh-excerpt-more\" href=\"https:\/\/jirak.net\/wp\/aws-%eb%b3%b4%ec%95%88-%ec%84%9c%eb%b9%84%ec%8a%a4%eb%a5%bc-%ec%82%ac%ec%9a%a9%ed%95%9c-log4j-%ec%b7%a8%ec%95%bd%ec%a0%90%ec%9c%bc%eb%a1%9c%eb%b6%80%ed%84%b0-%ec%9c%84%ed%97%98-%eb%85%b8%ec%b6%9c\/\" title=\"AWS \ubcf4\uc548 \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud55c Log4j \ucde8\uc57d\uc810\uc73c\ub85c\ubd80\ud130 \uc704\ud5d8 \ub178\ucd9c \uc81c\ud55c, \uac10\uc9c0 \ubc0f \ub300\uc751 \ubc29\ubc95\">[ more&#8230; ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":44633,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[169],"tags":[656],"class_list":["post-44632","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-aws"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/44632","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=44632"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/44632\/revisions"}],"predecessor-version":[{"id":44634,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/44632\/revisions\/44634"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media\/44633"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=44632"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=44632"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=44632"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}