更新日 2004/9/14

SoftwareDesign 2004/10 第2特集 第4章補足

SoftwareDesign 2004年10月号で執筆したものの本文中の記述に関する補足です。

P.148 はじめに

ウィルスについての説明は下記のようになります。

P.148 メールでのウィルス対策

各対策方法での概念的なイメージは下記のようになります。

各クライアントでの対策は、すべてのクライアントマシンにAnti-Virusソフトをインストールして対策をとる方法です。
利点としては、数多くある商用のクライアントマシン用のAnti-Virusから、用途にあった物を選択することができます。
また、サーバー側には何の手も加える必要がなく、簡単にウィルス対策をとることができます。 しかし欠点としては、クライアントマシンが増えてくると管理する手間が増えます。またクライアントマシンの管理が完全でないとアンチウィルスの機能を停止させて使用しないユーザーや、アンチウィルスのソフトがインストールされていないクライアントマシンなどがLAN内に存在して、そこからウィルスが広まる可能性があります。


メールサーバー側での一括対策は、メールサーバーにAnti-Virusソフトをインストールして対策をとる方法です。
利点としては、各クライアント側に何のソフトをインストールすることがなく、方法によっては設定の変更も必要なく、Anti-Virusの仕組みを導入できることです。
しかし欠点としては、OSによっては商用のAnti-Virusソフトが少ない、場合によっては存在しないということがあります。また構成が複雑であったりすると、構築がとても難しくなるケースがあります。

P.149 Postfixの動作確認

postfix単体で動作しない場合には後ろの手順もすべて動作しませんので、 必ずpostfixが単体で正しく動作することを必ず確認を取ってから、次のステップに移ってください。

telnetコマンドを使用してSMTPプロトコルを直接使用して確認を取る方法
下記は入力すべきコマンドのみを記しています。
# telnet localhost 25
helo test
mail from: kensuke@example.com
rcpt to: root@example.com
data
subject: test
(空行のままEnter)
test
.

P.152 CPANの設定とモジュールのインストール

CPANの設定時のログは下記の通りです。
 # perl -MCPAN -e shell
 We have to reconfigure CPAN.pm due to following uninitialized parameters:
 
 cpan_home, keep_source_where, build_dir, build_cache, scan_cache, 
index_expire, gzip, tar, unzip, make, pager, makepl_arg, make_arg, 
make_install_arg, urllist, inhibit_startup_message, ftp_proxy, 
http_proxy, no_proxy, prerequisites_policy, cache_metadata
 
 /usr/lib/perl5/5.8.3/CPAN/Config.pm initialized.
 
 
 CPAN is the world-wide archive of perl resources. It consists of about
 100 sites that all replicate the same contents all around the globe.
 Many countries have at least one CPAN site already. The resources
 found on CPAN are easily accessible with the CPAN.pm module. If you
 want to use CPAN.pm, you have to configure it properly.
 
 If you do not want to enter a dialog now, you can answer 'no' to this
 question and I'll try to autoconfigure. (Note: you can revisit this
 dialog anytime later by typing 'o conf init' at the cpan prompt.) 
 
 Are you ready for manual configuration? [yes] 
 
 
 The following questions are intended to help you with the
 configuration. The CPAN module needs a directory of its own to cache
 important index files and maybe keep a temporary mirror of CPAN files.
 This may be a site-wide directory or a personal directory.
 
 
 
 First of all, I'd like to create this directory. Where?
 
 CPAN build and cache directory? [/root/.cpan]
 
 
 If you want, I can keep the source files after a build in the cpan
 home directory. If you choose so then future builds will take the
 files from there. If you don't want to keep them, answer 0 to the
 next question.
 
 
 
 How big should the disk cache be for keeping the build directories
 with all the intermediate files?
 
 Cache size for build directory (in MB)? [10]
 
 
 By default, each time the CPAN module is started, cache scanning
 is performed to keep the cache size in sync. To prevent from this,
 disable the cache scanning with 'never'.
 
 Perform cache scanning (atstart or never)? [atstart]
 
 
 To considerably speed up the initial CPAN shell startup, it is
 possible to use Storable to create a cache of metadata. If Storable
 is not available, the normal index mechanism will be used.
 
 Cache metadata (yes/no)? [yes]
 
 
 The next option deals with the charset your terminal supports. In
 general CPAN is English speaking territory, thus the charset does not
 matter much, but some of the aliens out there who upload their
 software to CPAN bear names that are outside the ASCII range. If your
 terminal supports UTF-8, you say no to the next question, if it
 supports ISO-8859-1 (also known as LATIN1) then you say yes, and if it
 supports neither nor, your answer does not matter, you will not be
 able to read the names of some authors anyway. If you answer no, names
 will be output in UTF-8.
 
 Your terminal expects ISO-8859-1 (yes/no)? [yes]
 
 
 If you have one of the readline packages (Term::ReadLine::Perl,
 Term::ReadLine::Gnu, possibly others) installed, the interactive CPAN
 shell will have history support. The next two questions deal with the
 filename of the history file and with its size. If you do not want to
 set this variable, please hit SPACE RETURN to the following question. 
 
 File to save your history? [/root/.cpan/histfile]
 Number of lines to save? [100]
 
 
 The CPAN module can detect when a module that which you are trying to
 build depends on prerequisites. If this happens, it can build the
 prerequisites for you automatically ('follow'), ask you for
 confirmation ('ask'), or just ignore them ('ignore'). Please set your
 policy to one of the three values.
 
 Policy on building prerequisites (follow, ask or ignore)? [ask] follow
 
 
 The CPAN module will need a few external programs to work properly.
 Please correct me, if I guess the wrong path for a program. Don't
 panic if you do not have some of them, just press ENTER for those. To
 disable the use of a download program, you can type a space followed
 by ENTER.
 
 Where is your gzip program? [/bin/gzip]
 Where is your tar program? [/bin/tar]
 Where is your unzip program? [/usr/bin/unzip]
 Where is your make program? [/usr/bin/make]
 Warning: links not found in PATH
 Where is your links program? []
 Where is your wget program? [/usr/bin/wget]
 Warning: ncftpget not found in PATH
 Where is your ncftpget program? []
 Warning: ncftp not found in PATH
 Where is your ncftp program? []
 Where is your ftp program? [/usr/bin/ftp]
 Where is your gpg program? [/usr/bin/gpg]
 What is your favorite pager program? [/usr/bin/less]
 What is your favorite shell? [/bin/bash]
 
 
 Every Makefile.PL is run by perl in a separate process. Likewise we
 run 'make' and 'make install' in processes. If you have any
 parameters (e.g. PREFIX, LIB, UNINST or the like) you want to pass
 to the calls, please specify them here.
 
 If you don't understand this question, just press ENTER.
 
 Parameters for the 'perl Makefile.PL' command?
 Typical frequently used settings:
 
    PREFIX=~/perl       non-root users (please see manual for more hints)
 
 Your choice:  []
 Parameters for the 'make' command?
 Typical frequently used setting:
 
    -j3              dual processor system
 
 Your choice:  []
 Parameters for the 'make install' command?
 Typical frequently used setting:
 
    UNINST=1         to always uninstall potentially conflicting files
 
 Your choice:  []
 
 
 Sometimes you may wish to leave the processes run by CPAN alone
 without caring about them. As sometimes the Makefile.PL contains
 question you're expected to answer, you can set a timer that will
 kill a 'perl Makefile.PL' process after the specified time in seconds. 
 
 If you set this value to 0, these processes will wait forever. This is
 the default and recommended setting.
 
 Timeout for inactivity during Makefile.PL? [0]
  
 
 If you're accessing the net via proxies, you can specify them in the
 CPAN configuration or via environment variables. The variable in
 the $CPAN::Config takes precedence.
 
 Your ftp_proxy?
 Your http_proxy?
 Your no_proxy?
 You have no /root/.cpan/sources/MIRRORED.BY
   I'm trying to fetch one
 CPAN: LWP::UserAgent loaded ok
 Fetching with LWP:
  ftp://ftp.perl.org/pub/CPAN/MIRRORED.BY
 
 
 Now we need to know where your favorite CPAN sites are located. Push
 a few sites onto the array (just in case the first on the array won't
 work). If you are mirroring CPAN to your local workstation, specify a
 file: URL.
 
 First, pick a nearby continent and country (you can pick several of
 each, separated by spaces, or none if you just want to keep your
 existing selections). Then, you will be presented with a list of URLs
 of CPAN mirrors in the countries you selected, along with previously
 selected URLs. Select some of those URLs, or just keep the old list.
 Finally, you will be prompted for any extra URLs -- file:, ftp:, or
 http: -- that host a CPAN mirror.
 
 (1) Africa
 (2) Asia
 (3) Central America
 (4) Europe
 (5) North America
 (6) Oceania
 (7) South America
 Select your continent (or several nearby continents) [] 2
 Sorry! since you don't have any existing picks, you must make a
 geographic selection.
 
 (1) China
 (2) Indonesia
 (3) Israel
 (4) Japan
 (5) Malaysia
 (6) Philippines
 (7) Republic of Korea
 (8) Russian Federation
 (9) Saudi Arabia
 (10) Singapore
 (11) Taiwan
 (12) Thailand
 Select your country (or several nearby countries) [] 4
 Sorry! since you don't have any existing picks, you must make a
 geographic selection.
 
 (1) ftp://ftp.ayamura.org/pub/CPAN/
 (2) ftp://ftp.dti.ad.jp/pub/lang/CPAN/
 (3) ftp://ftp.jaist.ac.jp/pub/lang/perl/CPAN/
 (4) ftp://ftp.kddlabs.co.jp/CPAN/
 (5) ftp://ftp.ring.gr.jp/pub/lang/perl/CPAN/
 (6) ftp://ftp.u-aizu.ac.jp/pub/CPAN
 (7) http://ftp.cpan.jp/
 Select as many URLs as you like (by number),
 put them on one line, separated by blanks, e.g. '1 4 5' [] 5
 
 Enter another URL or RETURN to quit: []
 New set of picks:
   ftp://ftp.ring.gr.jp/pub/lang/perl/CPAN/
 
 
 commit: wrote /usr/lib/perl5/5.8.3/CPAN/Config.pm
 Terminal does not support AddHistory.
 
 cpan shell -- CPAN exploration and modules installation (v1.7601)
 ReadLine support available (try 'install Bundle::CPAN')
 
 cpan> quit
 Terminal does not support GetHistory.
 Lockfile removed.

P.154 図9ウィルス付きメールの送信テスト

P.154 図9ウィルス付きメールの送信テスト のコマンドは出ていますが、とても打つには困難だと思いますので、下記のものをCopy&Pasteして利用してください。
  # telnet 127.0.0.1 10024
  MAIL FROM:
  RCPT TO:
  DATA
  Subject: test2 - virus test pattern
 
  X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


©2003-2004 kensuke.jp all rights reserved. maito:kensuke@kensuke.jp