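Benzaiten

Goffman: "Do not trust the experts; think and judge for yourself."

Is the mechanism that makes three consecutive HTTP requests to random-string URLs a beacon for tracking via the DNS server? lol update4

NICT (Ministry of Internal Affairs and Communications) starts cyberattacks under the pretext of an indiscriminate IoT intrusion survey. Are you people really the government? This can't be real lol

To fend off back-button attacks, I isolated the WiFi router from the NTT router lol.

If the attacks get any worse, I may end up developing my own WiFi router lol. On top of that, while looking at the Android privoxy log I found some amusing traffic lol

Set debug 1 in /etc/privoxy/config lol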

debug     1 # Log the destination for each request Privoxy let through. See also debug 1024.
#debug  1024 # Actions that are applied to all sites and maybe overruled later on.
#debug  4096 # Startup banner and warnings
#debug  8192 # Non-fatal errors
A log analysis script for /var/log/privoxy/logfile that goes to the clumsy effort of picking up the one line before, lol

sw.sh

#!/bin/sh

# Analyze the rotated log first, then the current one.
for l in /var/log/privoxy/logfile.1 /var/log/privoxy/logfile
do
	perl sw.pl "$l"
done

sw.pl

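#!/usr/bin/perl
# Print every run of three consecutive requests whose destination has no dot,
# together with the request just before it and the requests that follow it.

use strict;
use warnings;

my @items;

my $find = 0;		# set once a dotless destination has been seen
my $stamp = "";		# "date hh:mm:ss" of the current line
my $stamp_f = "";	# timestamp of the last run that was reported
my $cnt = 0;		# consecutive dotless destinations seen so far
my @log;		# buffered lines: previous normal request plus the run

while(<>) {
	chomp;
	my $line = $_;
	@items = split(/ /);
	next unless defined $items[4];	# skip lines without a destination field
	my @stamps = split(/\./, $items[1]);
	$stamp = "$items[0] $stamps[0]";
	push(@log, $line);
	if ($items[4] =~ /\./) {
		# Normal destination. An empty $stamp_f is checked explicitly
		# because an empty pattern would reuse the last successful regex.
		if ($find == 1 && (($stamp_f ne "" && $line =~ /\Q$stamp_f\E/) || $cnt > 0)) {
			print "$line\n";
		} else {
			@log = ();
			push(@log, $line);
		}
		$cnt = 0 if ($cnt > 0);
	} else {
		# Dotless destination (random string)
		$find = 1;
		$cnt++;
		if ($cnt >= 3) {
			print "\n\@log $stamp... \n";
			foreach my $l (@log) {
				print $l."\n";
			}
			$stamp_f = $stamp;
		}
	}
}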

# sh sw.sh 

@log 2019-03-19 08:27:55... 
2019-03-19 08:27:50.295 7fbb69ffb700 Request: otf.msn.com:443/
2019-03-19 08:27:55.235 7fbb9743e700 Request: atbpboafbpg/
2019-03-19 08:27:55.236 7fbb94c39700 Request: kpytsrl/
2019-03-19 08:27:55.237 7fbb96c3d700 Request: huxwopwgy/
2019-03-19 08:28:00.244 7fbb9543a700 Request: accounts.google.com:443/

@log 2019-03-19 08:28:07... 
2019-03-19 08:28:07.081 7fbb58ff9700 Request: benzaiten.dyndns.org:80/
2019-03-19 08:28:07.178 7fbb597fa700 Request: yjteydmjfcjjxhr/
2019-03-19 08:28:07.178 7fbb59ffb700 Request: nbqouznat/
2019-03-19 08:28:07.182 7fbb137fe700 Request: shoynxolr/
2019-03-19 08:28:38.189 7fbb5bfff700 Request: settings.crashlytics.com:443/

@log 2019-03-19 08:46:07... 
2019-03-19 08:46:03.544 7fbb597fa700 Request: benzaiten.dyndns.org:80/
2019-03-19 08:46:07.453 7fbb777fe700 Request: cvpllbgl/
2019-03-19 08:46:07.454 7fbb96c3d700 Request: xnnuuaxejcbvfw/
2019-03-19 08:46:07.454 7fbb5affd700 Request: irjqnucfv/
2019-03-19 08:46:22.871 7fbb9743e700 Request: vortex.data.microsoft.com:443/

@log 2019-03-19 10:47:55... 
2019-03-19 10:47:54.702 7fbb117fa700 Request: is3-ssl.mzstatic.com:443/
2019-03-19 10:47:55.051 7fbb10ff9700 Request: nkpkbjga/
2019-03-19 10:47:55.052 7fbb0bfff700 Request: uluxrhxwrk/
2019-03-19 10:47:55.052 7fbb0b7fe700 Request: umhnrsfdbzddpno/
2019-03-19 10:47:55.185 7fbb0b7fe700 Request: certify.alexametrics.com:443/
2019-03-19 10:47:55.218 7fbb127fc700 Request: connect.facebook.net:443/
2019-03-19 10:47:55.289 7fbb137fe700 Request: static.xx.fbcdn.net:443/
2019-03-19 10:47:55.993 7fbb0bfff700 Request: facebook.com:443/

@log 2019-03-19 12:08:55... 
2019-03-19 12:08:55.098 7fbb697fa700 Request: c.msn.com:443/
2019-03-19 12:08:55.100 7fbb6a7fc700 Request: nyissxzhfll/
2019-03-19 12:08:55.100 7fbb5a7fc700 Request: zdcdudd/
2019-03-19 12:08:55.100 7fbb10ff9700 Request: gscqzxzb/
2019-03-19 12:08:55.104 7fbb0bfff700 Request: otf.msn.com:443/
2019-03-19 12:08:55.291 7fbb6a7fc700 Request: otf.msn.com:443/
2019-03-19 12:08:55.369 7fbb10ff9700 Request: c.bing.com:443/
2019-03-19 12:08:55.448 7fbb5a7fc700 Request: otf.msn.com:443/
2019-03-19 12:08:55.521 7fbb0b7fe700 Request: otf.msn.com:443/
2019-03-19 12:08:55.739 7fbb0affd700 Request: benzaiten.dyndns.org/ws
2019-03-19 12:08:55.912 7fbb09ffb700 Request: benzaiten.dyndns.org:80/

@log 2019-03-19 12:37:38... 
2019-03-19 12:37:35.170 7fbb68ff9700 Request: benzaiten.dyndns.org:80/
2019-03-19 12:37:38.741 7fbb5bfff700 Request: rdwccrmzkwdzw/
2019-03-19 12:37:38.741 7fbb9743e700 Request: vdotsesnipara/
2019-03-19 12:37:38.742 7fbb94c39700 Request: tluljhknmsufj/
2019-03-19 12:38:37.944 7fbb6a7fc700 Request: vortex.data.microsoft.com:443/

@log 2019-03-19 12:39:09... 
2019-03-19 12:39:07.205 7fbb76ffd700 Request: encrypted-tbn0.gstatic.com:443/
2019-03-19 12:39:09.871 7fbb767fc700 Request: bxgerwcsjphmq/
2019-03-19 12:39:09.872 7fbb74ff9700 Request: vfdujxvuzbsj/
2019-03-19 12:39:09.872 7fbb75ffb700 Request: vvdrbuyhryplha/
2019-03-19 12:39:43.615 7fbb76ffd700 Request: img.youtube.com:443/

@log 2019-03-19 14:07:34... 
2019-03-19 14:07:29.506 7fbb68ff9700 Request: otf.msn.com:443/
2019-03-19 14:07:34.341 7fbb9846f700 Request: tirvbpviqfpwurg/
2019-03-19 14:07:34.342 7fbb757fa700 Request: hpwbkdf/
2019-03-19 14:07:34.343 7fbb9543a700 Request: isqleqlxxl/
2019-03-19 14:07:49.252 7fbb94c39700 Request: vortex.data.microsoft.com:443/

@log 2019-03-19 14:43:15... 
2019-03-19 14:43:11.995 7fbb6bfff700 Request: otf.msn.com:443/
2019-03-19 14:43:15.251 7fbb9743e700 Request: lezlypaaojd/
2019-03-19 14:43:15.252 7fbb96c3d700 Request: hibbocsjuah/
2019-03-19 14:43:15.252 7fbb95c3b700 Request: hjbckrfjxr/
2019-03-19 14:43:17.700 7fbb097fa700 Request: img-s-msn-com.akamaized.net:443/

@log 2019-03-19 15:13:23... 
2019-03-19 15:13:21.250 7fbb127fc700 Request: pr-bh.ybp.yahoo.com:443/
2019-03-19 15:13:23.271 7fbb9543a700 Request: rtlvlqi/
2019-03-19 15:13:23.271 7fbb757fa700 Request: qegvwcdew/
2019-03-19 15:13:23.271 7fbb95c3b700 Request: dsikyrgf/
2019-03-19 15:13:24.963 7fbb94c39700 Request: api-21-0-0.twitter.com:443/

@log 2019-03-19 15:21:28... 
2019-03-19 15:21:24.916 7fbb94c39700 Request: www.google.com:443/
2019-03-19 15:21:28.762 7fbb76ffd700 Request: ybimhkwqgsntol/
2019-03-19 15:21:28.762 7fbb77fff700 Request: tcmpjgcpcv/
2019-03-19 15:21:28.763 7fbb75ffb700 Request: huhneoagskfi/
2019-03-19 15:21:29.597 7fbb117fa700 Request: benzaiten.dyndns.org/ws

@log 2019-03-19 15:37:06... 
2019-03-19 15:37:03.974 7fbb03fff700 Request: www.facebook.com:443/
2019-03-19 15:37:06.078 7fbb597fa700 Request: uvdhibliivkzuxb/
2019-03-19 15:37:06.079 7fbb6b7fe700 Request: sbvlrflrlgq/
2019-03-19 15:37:06.079 7fbb68ff9700 Request: xxfdkiliac/
2019-03-19 15:37:06.954 7fbb11ffb700 Request: hbx.media.net:443/

@log 2019-03-19 15:56:16... 
2019-03-19 15:56:11.606 7fbb6a7fc700 Request: twitter.com:443/
2019-03-19 15:56:16.355 7fbb6b7fe700 Request: xcrjtfjvsltrsh/
2019-03-19 15:56:16.356 7fbb69ffb700 Request: udukzjn/
2019-03-19 15:56:16.357 7fbb697fa700 Request: gogrlavueczbm/
2019-03-19 15:57:00.401 7fbb697fa700 Request: storage.live.com:443/

@log 2019-03-19 16:02:43... 
2019-03-19 16:02:39.135 7fbb69ffb700 Request: benzaiten.dyndns.org:80/
2019-03-19 16:02:43.072 7fbb9643c700 Request: zduijmizsb/
2019-03-19 16:02:43.072 7fbb95c3b700 Request: qyqpmqwm/
2019-03-19 16:02:43.073 7fbb9543a700 Request: iaqajdbl/
2019-03-19 16:04:30.505 7fbb77fff700 Request: e.crashlytics.com:443/

@log 2019-03-19 16:09:50... 
2019-03-19 16:09:43.644 7fbb69ffb700 Request: www.google.com:443/
2019-03-19 16:09:50.134 7fbb94c39700 Request: ybcceohyibkcpu/
2019-03-19 16:09:50.134 7fbb9846f700 Request: dncppssthxiimq/
2019-03-19 16:09:50.134 7fbb97c3f700 Request: joyiueeaibfkmf/
2019-03-19 16:10:10.249 7fbb9846f700 Request: headlines.yahoo.co.jp:443/

@log 2019-03-19 16:14:51... 
2019-03-19 16:14:50.628 7fbb5bfff700 Request: otf.msn.com:443/
2019-03-19 16:14:51.169 7fbb76ffd700 Request: xjcqibefhxylb/
2019-03-19 16:14:51.170 7fbb5b7fe700 Request: clereorunetxs/
2019-03-19 16:14:51.171 7fbb5affd700 Request: pkwmmgfbyvsw/
2019-03-19 16:15:14.123 7fbb007f8700 Request: linkmaker.itunes.apple.com:443/

@log 2019-03-19 16:49:53... 
2019-03-19 16:49:47.420 7fbb9643c700 Request: edge-safety-service.trafficmanager.net:443/
2019-03-19 16:49:53.705 7fbb97c3f700 Request: mpxpnspoa/
2019-03-19 16:49:53.705 7fbb9846f700 Request: tvqfuoamrljj/
2019-03-19 16:49:53.705 7fbb94c39700 Request: oqsmvwm/
2019-03-19 16:50:22.719 7fbb777fe700 Request: upload.wikimedia.org:443/

@log 2019-03-19 17:40:46... 
2019-03-19 17:40:39.390 7fbb697fa700 Request: accounts.google.com:443/
2019-03-19 17:40:46.320 7fbb77fff700 Request: dhadtdkm/
2019-03-19 17:40:46.321 7fbb9846f700 Request: coujprtbmv/
2019-03-19 17:40:46.322 7fbb11ffb700 Request: jpitehohu/
2019-03-19 17:48:09.454 7fbb697fa700 Request: update.googleapis.com:443/

@log 2019-03-19 20:19:43... 
2019-03-19 18:03:58.213 7fbb96c3d700 Request: api.twitter.com:443/
2019-03-19 20:19:43.556 7fbb96c3d700 Request: tjtprggrzckvtg/
2019-03-19 20:19:43.558 7fbb697fa700 Request: hyudgorxdherce/
2019-03-19 20:19:43.560 7fbb9743e700 Request: xdxcfxnm/
2019-03-19 20:19:44.984 7fbb9743e700 Request: evoke-windowsservices-tas.msedge.net:443/

@log 2019-03-19 21:26:01... 
2019-03-19 21:25:55.946 7fbb757fa700 Request: benzaiten.dyndns.org:80/
2019-03-19 21:26:01.628 7fbb9846f700 Request: dtilcbrbzvsbnj/
2019-03-19 21:26:01.629 7fbb94c39700 Request: djuixdooz/
2019-03-19 21:26:01.630 7fbb767fc700 Request: qxkwhxntqkz/
2019-03-19 21:26:11.876 7fbb96c3d700 Request: vortex.data.microsoft.com:443/

@log 2019-03-19 21:30:19... 
2019-03-19 21:30:18.528 7fbb77fff700 Request: prod.rewardsplatform.microsoft.com:443/
2019-03-19 21:30:19.421 7fbb77fff700 Request: hseoskwqemb/
2019-03-19 21:30:19.422 7fbb9846f700 Request: ohslxrel/
2019-03-19 21:30:19.423 7fbb97c3f700 Request: tpxqlapmwpy/
2019-03-19 21:30:21.398 7fbb97c3f700 Request: www.msn.com:443/

@log 2019-03-19 21:49:04... 
2019-03-19 21:49:03.136 7fbb9743e700 Request: update.googleapis.com:443/
2019-03-19 21:49:04.518 7fbb95c3b700 Request: imrrhbchhc/
2019-03-19 21:49:04.518 7fbb9643c700 Request: nbwabvqetfdm/
2019-03-19 21:49:04.519 7fbb9543a700 Request: hofijrruobfjr/
2019-03-19 21:49:05.987 7fbb95c3b700 Request: www.googleapis.com:443/

@log 2019-03-19 22:03:27... 
2019-03-19 22:03:26.263 7fbb95c3b700 Request: prod.rewardsplatform.microsoft.com:443/
2019-03-19 22:03:27.217 7fbb95c3b700 Request: ortzdclzzn/
2019-03-19 22:03:27.217 7fbb9846f700 Request: rwdxcbkgiejrvx/
2019-03-19 22:03:27.217 7fbb97c3f700 Request: nijezozucxsr/
2019-03-19 22:03:28.354 7fbb95c3b700 Request: e.crashlytics.com:443/

@log 2019-03-19 22:04:16... 
2019-03-19 22:04:11.775 7fbb6bfff700 Request: c.bing.com:443/
2019-03-19 22:04:16.575 7fbb757fa700 Request: jgkhnjtyplibqur/
2019-03-19 22:04:16.575 7fbb6b7fe700 Request: euzhtxlppnkftda/
2019-03-19 22:04:16.575 7fbb6affd700 Request: gxdrhto/
2019-03-19 22:05:16.993 7fbb757fa700 Request: www.fnn.jp:443/

@log 2019-03-20 04:07:20... 
2019-03-20 03:59:49.506 7f66630af700 Request: accounts.google.com:443/
2019-03-20 04:07:20.437 7f666287f700 Request: ffysyfhqikq/
2019-03-20 04:07:20.437 7f66630af700 Request: vguntdcf/
2019-03-20 04:07:20.446 7f666207e700 Request: gahzuowqz/
2019-03-20 04:58:36.420 7f66630af700 Request: settings.data.microsoft.com:443/

@log 2019-03-20 04:58:44... 
2019-03-20 04:58:43.830 7f66630af700 Request: chromefeedcontentsuggestions-pa.googleapis.com:443/
2019-03-20 04:58:44.246 7f662ffff700 Request: roqzgspepvzb/
2019-03-20 04:58:44.246 7f662f7fe700 Request: hfqpxncfqsxspdk/
2019-03-20 04:58:44.247 7f662effd700 Request: wxwgmqmpae/
2019-03-20 04:58:45.133 7f662effd700 Request: static-spartan-eas-s-msn-com.akamaized.net:443/

@log 2019-03-20 05:28:20... 
2019-03-20 05:28:14.293 7f664a7fc700 Request: accounts.google.com:443/
2019-03-20 05:28:20.145 7f65d2ffd700 Request: gwocoetqcqvijt/
2019-03-20 05:28:20.146 7f65e97fa700 Request: zoqamis/
2019-03-20 05:28:20.147 7f66630af700 Request: rovuntd/
2019-03-20 05:28:42.468 7f65e97fa700 Request: www.fnn.jp:443/

@log 2019-03-20 08:37:52... 
2019-03-20 08:37:51.800 7f660affd700 Request: rink.hockeyapp.net:443/
2019-03-20 08:37:52.480 7f66097fa700 Request: abzdyyxojuo/
2019-03-20 08:37:52.482 7f6609ffb700 Request: pylrfwn/
2019-03-20 08:37:52.484 7f6608ff9700 Request: vwfuffmkalziho/
2019-03-20 08:37:52.837 7f65ebfff700 Request: c.bingapis.com:443/

@log 2019-03-20 08:43:01... 
2019-03-20 08:43:01.031 7f666085d700 Request: edge-safety-service.trafficmanager.net:443/
2019-03-20 08:43:01.055 7f666207e700 Request: bbodlqlktckrjk/
2019-03-20 08:43:01.055 7f66630af700 Request: hycrjufyelvhjw/
2019-03-20 08:43:01.058 7f664a7fc700 Request: ngrkmxpd/
2019-03-20 08:43:01.059 7f6648ff9700 Request: benzaiten.dyndns.org/ws
2019-03-20 08:43:01.059 7f65ea7fc700 Request: www.msn.com:443/
2019-03-20 08:43:01.090 7f65e97fa700 Request: platform.twitter.com:443/
2019-03-20 08:43:01.415 7f662cff9700 Request: pbs.twimg.com:443/

@log 2019-03-20 12:05:01... 
2019-03-20 12:05:01.496 7fca42ffd700 Request: benzaiten.dyndns.org:80/
2019-03-20 12:05:01.555 7fca427fc700 Request: jjzwznxvb/
2019-03-20 12:05:01.555 7fca41ffb700 Request: jewenpwb/
2019-03-20 12:05:01.555 7fca417fa700 Request: zytkvqjy/
2019-03-20 12:05:04.098 7fca867fc700 Request: benzaiten.dyndns.org/ws

@log 2019-03-20 13:48:58... 
2019-03-20 13:48:52.857 7fcaa6ffd700 Request: www.google.com:443/
2019-03-20 13:48:58.970 7fcaa77fe700 Request: rtmtqnwspti/
2019-03-20 13:48:58.971 7fca86ffd700 Request: yjjvdslamtmzdj/
2019-03-20 13:48:58.971 7fcabeb3f700 Request: dndgxfg/
2019-03-20 13:49:03.549 7fcabeb3f700 Request: img.youtube.com:443/

@log 2019-03-20 13:52:25... 
2019-03-20 13:52:25.274 7fca437fe700 Request: api.twitter.com:443/
2019-03-20 13:52:25.370 7fca2ffff700 Request: wmjojyeymo/
2019-03-20 13:52:25.370 7fca2f7fe700 Request: zlyllggh/
2019-03-20 13:52:25.370 7fca2effd700 Request: nogkmihborozlj/
2019-03-20 13:52:27.871 7fca2effd700 Request: www.gstatic.com:443/

@log 2019-03-20 13:52:56... 
2019-03-20 13:52:53.973 7fca267ec700 Request: otf.msn.com:443/
2019-03-20 13:52:56.788 7fca69ffb700 Request: crnmylhopgepc/
2019-03-20 13:52:56.788 7fca267ec700 Request: cuszvhlcgjixh/
2019-03-20 13:52:56.788 7fca25feb700 Request: zmzrtwqumu/
2019-03-20 13:53:01.417 7fcaa67fc700 Request: ping.chartbeat.net:443/

@log 2019-03-20 14:20:51... 
2019-03-20 14:20:48.381 7fca267ec700 Request: c.bing.com:443/
2019-03-20 14:20:51.347 7fca867fc700 Request: yzjotbtcpfbo/
2019-03-20 14:20:51.347 7fca68ff9700 Request: dblsmgf/
2019-03-20 14:20:51.348 7fcaa5ffb700 Request: fkndxnzsggryxe/
2019-03-20 14:20:55.467 7fcaa57fa700 Request: linkmaker.itunes.apple.com:443/

@log 2019-03-20 14:25:11... 
2019-03-20 14:25:04.992 7fca2a7f4700 Request: accounts.google.com:443/
2019-03-20 14:25:11.930 7fca25feb700 Request: skassflplvpysob/
2019-03-20 14:25:11.930 7fca2b7f6700 Request: jomqjkpsvomo/
2019-03-20 14:25:11.930 7fca2f7fe700 Request: eakukkcvojul/
2019-03-20 14:26:14.259 7fca427fc700 Request: e.crashlytics.com:443/

@log 2019-03-20 14:42:20... 
2019-03-20 14:42:16.008 7fca857fa700 Request: benzaiten.dyndns.org:80/
2019-03-20 14:42:20.949 7fca86ffd700 Request: rkltztzxpxnhy/
2019-03-20 14:42:20.950 7fca697fa700 Request: ijjiadogiljweke/
2019-03-20 14:42:20.951 7fcaa57fa700 Request: vgnrurlx/
2019-03-20 14:44:13.224 7fcaa6ffd700 Request: vortex.data.microsoft.com:443/

@log 2019-03-20 15:17:31... 
2019-03-20 15:17:31.663 7fca247e8700 Request: api.webpush.jp:443/
2019-03-20 15:17:31.787 7fca86ffd700 Request: jsocgomf/
2019-03-20 15:17:31.788 7fca23fe7700 Request: wcqaqnkvfcs/
2019-03-20 15:17:31.789 7fca237e6700 Request: zbtyswvgl/
2019-03-20 15:17:46.620 7fca2a7f4700 Request: vortex.data.microsoft.com:443/

@log 2019-03-20 15:36:02... 
2019-03-20 15:35:58.001 7fcaa67fc700 Request: img.youtube.com:443/
2019-03-20 15:36:02.283 7fca86ffd700 Request: dmxuynnqc/
2019-03-20 15:36:02.283 7fcaa57fa700 Request: xiqgyfnmlpepz/
2019-03-20 15:36:02.283 7fca6b7fe700 Request: sagrstvtcexe/
2019-03-20 15:36:07.100 7fca6b7fe700 Request: encrypted-tbn0.gstatic.com:443/

@log 2019-03-20 16:01:17... 
2019-03-20 16:01:17.006 7fcabcb0c700 Request: api.webpush.jp:443/
2019-03-20 16:01:17.499 7fcaa77fe700 Request: lmezkhjutrfkqrd/
2019-03-20 16:01:17.501 7fcaa57fa700 Request: eavtekup/
2019-03-20 16:01:17.501 7fca25feb700 Request: twupasonjzz/
2019-03-20 16:01:27.232 7fca84ff9700 Request: log.outbrainimg.com:443/

@log 2019-03-20 16:37:17... 
2019-03-20 16:37:17.121 7fcaa4ff9700 Request: api.webpush.jp:443/
2019-03-20 16:37:17.269 7fca277ee700 Request: ysqttintzpd/
2019-03-20 16:37:17.269 7fca237e6700 Request: ihdlydkfqtqvx/
2019-03-20 16:37:17.269 7fca22fe5700 Request: vbqfxclecmb/
2019-03-20 16:37:24.390 7fca247e8700 Request: log.outbrainimg.com:443/

@log 2019-03-20 17:13:09... 
2019-03-20 17:13:06.075 7fcaa77fe700 Request: benzaiten.dyndns.org:80/
2019-03-20 17:13:09.863 7fca87fff700 Request: ynpyogm/
2019-03-20 17:13:09.864 7fcaa57fa700 Request: cmusetvafcm/
2019-03-20 17:13:09.864 7fca877fe700 Request: ehzmfpzugsf/
2019-03-20 17:13:56.684 7fcaa77fe700 Request: blogos.com:443/

@log 2019-03-20 17:25:17... 
2019-03-20 17:25:13.930 7fca6affd700 Request: benzaiten.dyndns.org:80/
2019-03-20 17:25:17.248 7fcaa57fa700 Request: exnafyvshxhjswc/
2019-03-20 17:25:17.248 7fcabdb0e700 Request: wkdbwkugwlw/
2019-03-20 17:25:17.248 7fca437fe700 Request: ljygkozpdjefjxl/
2019-03-20 17:26:07.838 7fcaa4ff9700 Request: update.googleapis.com:443/

@log 2019-03-20 17:39:09... 
2019-03-20 17:39:07.270 7fca41ffb700 Request: scontent-nrt1-1.xx.fbcdn.net:443/
2019-03-20 17:39:09.248 7fca40ff9700 Request: dcinelz/
2019-03-20 17:39:09.248 7fca417fa700 Request: eulkewfvx/
2019-03-20 17:39:09.249 7fca2ffff700 Request: qpyccpjgntr/
2019-03-20 17:39:44.334 7fca867fc700 Request: e.crashlytics.com:443/

@log 2019-03-20 22:34:35... 
2019-03-20 22:34:34.770 7fca6affd700 Request: benzaiten.dyndns.org:80/
2019-03-20 22:34:35.207 7fca86ffd700 Request: zqigpcatvk/
2019-03-20 22:34:35.207 7fcabeb3f700 Request: lulfhiwdnbjxc/
2019-03-20 22:34:35.207 7fca6a7fc700 Request: oygjowdjb/
2019-03-20 22:34:53.069 7fca6b7fe700 Request: vortex.data.microsoft.com:443/

@log 2019-03-21 05:52:30... 
2019-03-21 05:52:30.843 7fcaa4ff9700 Request: benzaiten.dyndns.org/ws
2019-03-21 05:52:30.900 7fca877fe700 Request: fpfbamkj/
2019-03-21 05:52:30.900 7fca867fc700 Request: onrecnlm/
2019-03-21 05:52:30.902 7fca85ffb700 Request: medycdhoinmipkk/
2019-03-21 05:52:31.120 7fca867fc700 Request: benzaiten.dyndns.org:80/

@log 2019-03-21 06:22:40... 
2019-03-21 06:22:33.440 7fca6bfff700 Request: accounts.google.com:443/
2019-03-21 06:22:40.344 7fca6b7fe700 Request: dpfbctcmwbqkln/
2019-03-21 06:22:40.344 7fca84ff9700 Request: gggqyiz/
2019-03-21 06:22:40.345 7fca6affd700 Request: dixwluj/
2019-03-21 06:22:51.399 7fca84ff9700 Request: www.googleapis.com:443/

@log 2019-03-21 06:25:29... 
2019-03-21 06:25:26.126 7fca2d7fa700 Request: mtcs.nhk.or.jp:443/
2019-03-21 06:25:29.423 7fca697fa700 Request: psuwbpuey/
2019-03-21 06:25:29.423 7fca6a7fc700 Request: buhbfmobm/
2019-03-21 06:25:29.424 7fcaa4ff9700 Request: zgjtzfit/
2019-03-21 06:25:40.860 7fcabdb0e700 Request: ping.chartbeat.net:443/

@log 2019-03-21 09:33:20... 
2019-03-21 09:33:20.762 7fca867fc700 Request: static-spartan-eas-s-msn-com.akamaized.net:443/
2019-03-21 09:33:20.822 7fcaa77fe700 Request: kthqtnn/
2019-03-21 09:33:20.823 7fca85ffb700 Request: lmjsmtsv/
2019-03-21 09:33:20.823 7fcaa7fff700 Request: jbehytlzjhkja/
2019-03-21 09:33:20.980 7fcaa7fff700 Request: otf.msn.com:443/
2019-03-21 09:33:20.984 7fca85ffb700 Request: www.bing.com:443/
2019-03-21 09:33:20.998 7fcaa77fe700 Request: img-s-msn-com.akamaized.net:443/
# 

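Every time, it sends HTTP requests to three places in a row lol. Whoa. Is this mechanism how the phone's current location is being tracked on the provider's DNS server side? lol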
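An added example (not the author's code) that redoes the search in Python with a time window, so that only single-label requests issued within a few milliseconds of each other count as a burst; this goes slightly beyond sw.pl, which counts consecutive lines regardless of timing. The 50 ms window, the function names and the last four sample lines are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Privoxy "debug 1" record: date, time.msec, thread id, "Request:", destination
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) ([0-9a-f]+) Request: (\S+)$"
)
# Single-label destination: lowercase letters only, no dot and no port.
PROBE_RE = re.compile(r"^[a-z]+/$")

# The first five lines are copied from the output above; the rest are constructed.
SAMPLE = """\
2019-03-19 08:27:50.295 7fbb69ffb700 Request: otf.msn.com:443/
2019-03-19 08:27:55.235 7fbb9743e700 Request: atbpboafbpg/
2019-03-19 08:27:55.236 7fbb94c39700 Request: kpytsrl/
2019-03-19 08:27:55.237 7fbb96c3d700 Request: huxwopwgy/
2019-03-19 08:28:00.244 7fbb9543a700 Request: accounts.google.com:443/
2019-03-19 08:30:00.000 7fbb9543a700 Request: intranet/
2019-03-19 08:30:05.000 7fbb9543a700 Request: intranet/
2019-03-19 08:30:10.000 7fbb9543a700 Request: intranet/
this line is not a request record
""".splitlines()


def parse(line):
    """Return (timestamp, thread, destination), or None for other lines."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S.%f")
    return ts, m.group(2), m.group(3)


def summarize(run, preceded_by):
    """Describe one burst: its labels, timing spread and thread count."""
    labels = [dest.rstrip("/") for _, _, dest in run]
    return {
        "start": run[0][0],
        "preceded_by": preceded_by,
        "labels": labels,
        "span_ms": (run[-1][0] - run[0][0]) / timedelta(milliseconds=1),
        "threads": len({thread for _, thread, _ in run}),
        "lengths": (min(map(len, labels)), max(map(len, labels))),
    }


def find_bursts(lines, min_count=3, window_ms=50):
    """Report runs of >= min_count single-label requests within window_ms."""
    bursts, run = [], []
    last_normal = preceded_by = None
    window = timedelta(milliseconds=window_ms)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue                      # not a Request record
        ts, _, dest = rec
        is_probe = PROBE_RE.match(dest) is not None
        if is_probe and run and ts - run[0][0] <= window:
            run.append(rec)               # still inside the same burst
            continue
        if len(run) >= min_count:         # the current run has ended
            bursts.append(summarize(run, preceded_by))
        run = []
        if is_probe:
            run, preceded_by = [rec], last_normal
        else:
            last_normal = dest
    if len(run) >= min_count:
        bursts.append(summarize(run, preceded_by))
    return bursts


if __name__ == "__main__":
    for b in find_bursts(SAMPLE):
        print(b["start"], b["labels"], "after", b["preceded_by"],
              f'{b["span_ms"]:.0f} ms, {b["threads"]} threads, len {b["lengths"]}')
```

Three random single-label names of 7 to 15 lowercase letters requested together is also the shape of the probe that Chromium-based browsers send to detect resolvers that rewrite NXDOMAIN answers, so the reported label lengths and thread count are worth comparing against that before drawing conclusions.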

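Since the domain string changes every time, I don't think it is a kill switch lol
A ransomware kill switch is found and the spread of the 【ギフハフ団】 malware stops. IPA misleads about the cause. Director of Europol: "WannaCry attacked at least 200,000 PCs in 150 countries."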

English is at the bottom of the message.
 
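Dear Customer,
We hope this message finds you well.
Thank you very much for using our services.

We are writing to inform you that, so that our customers can use the Internet
safely and securely, we will begin applying a "DNS filtering" function that
blocks communications infected with malware.

For the announcement made by Internet Initiative Japan Inc., please see the
following.

https://www.iij.ad.jp/sec-statement/

 
If you have any questions, please contact the inquiry desk below.
 
                                                                   Sincerely,
                                   <Details>
 
[Application start date]
Monday, July 1, 2019
 
[Applicable services]
■ Mobile services
 - IIJmio Mobile Service
 - IIJmio Mobile Plus Service
 - IIJmio IoT Service
 - IIJmio Prepaid Pack
 - Japan Travel SIM
 - Japan Travel SIM for Unlocked Phone
 
■ Fixed-line services
 - IIJmio Hikari (PPPoE connections only)
 - IIJmio FiberAccess/NF (PPPoE connections only)
 - IIJmio FiberAccess/DF
 - IIJmio FiberAccess/SF
 - IIJmio FiberAccess/DC
 - IIJmio DSL/DF
 - IIJmio DSL/SF

[Overview of the DNS filtering function]
When a device using a line provided by IIJmio is infected with malware and
attempts to communicate with a C&C server or the like, this function
automatically detects it and blocks that communication at the DNS server.
* Normal communications are not affected at all.
* Communications are blocked only for servers that IIJ has registered as malware servers.
* Registration as a malware server is carried out by IIJ analyzing the query
  logs of its DNS servers.
 
For details, please see here.
https://pr.iijmio.jp/guide/env/filtering.html
 
[Procedure]
No action is required on the customer's part.
From the application start date, the setting is applied automatically to all customers.
 
[Cost]
No cost is incurred by the application of this function.
 
[How to disable the function]
If you do not want the filtering function, you can disable it at any time
on a per-line basis.

For the specific method of disabling it, please see here.
https://help.iijmio.jp/s/article/000002251
 
[Customers with a connection service contract]
https://www.iijmio.jp/service/detail/imh/setup.jsp [IIJmio Hikari]
https://www.iijmio.jp/service/detail/nbd/setup.jsp [IIJmio FiberAccess/NF]
https://www.iijmio.jp/service/detail/bd/setup.jsp [IIJmio FiberAccess/DF]
https://www.iijmio.jp/service/detail/bn/setup.jsp [IIJmio FiberAccess/SF]
https://www.iijmio.jp/service/detail/dc/setup.jsp [IIJmio FiberAccess/DC]
https://www.iijmio.jp/service/detail/xd/setup.jsp [IIJmio DSL/DF]
https://www.iijmio.jp/service/detail/xn/setup.jsp [IIJmio DSL/SF]

* Login to the members-only page is required.
 
                                                                          End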
                                                                         
----
We hope this correspondence finds you well.
Thank you very much for continuing to use services by Internet Initiative
Japan Inc. (IIJ).

This is to inform you that IIJ has decided to initiate the application of a 
"DNS filtering" function that blocks communications infected with malware 
so that you may use the Internet safely and securely.

For the related announcement by IIJ, please see the below.

https://www.iij.ad.jp/sec-statement/


Initiative Application Start Date
July 1, 2019 (Mon.)

Applicable services
- Mobile Service 
  - IIJmio Mobile Service 
  - IIJmio Mobile Plus Service 
  - IIJmio IoT Service 
  - IIJmio Prepaid Pack 
  - Japan Travel SIM 
  - Japan Travel SIM for Unlocked Phone

- Connection Service
  - IIJmio Hikari (※) 
  - IIJmio FiberAccess/NF(※) 
  - IIJmio FiberAccess/DF 
  - IIJmio FiberAccess/SF 
  - IIJmio FiberAccess/DC 
  - IIJmio DSL/DF 
  - IIJmio DSL/SF

※ Only PPPoE connection

Overview of DNS Filtering Function

When devices using lines provided for IIJmio become infected with malware and
attempt to communicate with C&C servers, etc., this function automatically
detects that attempt and said communication is blocked by the DNS server.

* The function has no impact on standard communications whatsoever.
* The only servers with which communications are blocked are those registered
  by IIJ as malware servers.
* The registration of servers as malware servers is conducted through analyses
  of query logs for DNS servers by IIJ.

For details, please go here.
https://pr.iijmio.jp/guide/env/filtering.html

Procedures
No procedures have to be carried out on your end.
Settings will automatically be applied to all users from the initiative 
application start date onward.

Cost
You will not incur any costs as a result of the application of this function.

How to Disable Function
If you do not wish to have the filtering function enabled, you may disable it
at any time for each individual line.

For detailed information on how to disable the function, please go here.

[Customers with a Mobile Service Agreement]
https://help.iijmio.jp/s/article/000002251 (Japanese Only)

[Customers with a Connection Service Agreement]
https://www.iijmio.jp/service/detail/imh/setup.jsp [IIJmio Hikari]
https://www.iijmio.jp/service/detail/nbd/setup.jsp [IIJmio FiberAccess/NF]
https://www.iijmio.jp/service/detail/bd/setup.jsp [IIJmio FiberAccess/DF]
https://www.iijmio.jp/service/detail/bn/setup.jsp [IIJmio FiberAccess/SF]
https://www.iijmio.jp/service/detail/dc/setup.jsp [IIJmio FiberAccess/DC]
https://www.iijmio.jp/service/detail/xd/setup.jsp [IIJmio DSL/DF]
https://www.iijmio.jp/service/detail/xn/setup.jsp [IIJmio DSL/SF]

We apologize for the inconvenience. We cannot respond even if you
reply to this mail in English. Please contact us in Japanese or inquire through
those who understand Japanese.


If you have any questions, please contact us at the address below.
We may not be able to answer if you reply directly to this email.
------------------------------------------------------------------------
○ Contact
TEL: 03-5205-4408 (open year-round, 9:00-19:00 Japan time)
URL: https://pr.iijmio.jp/guide/env/filtering.html
* When you contact us, we may ask for your name and mioID.
------------------------------------------------------------------------
