A watan Fabrairu, Kiristan Ostiriya Haschek ya buga labari mai ban sha'awa a shafinsa mai suna . Hakika, na yi sha'awar abin da zai faru idan aka maimaita wannan binciken, amma tare da Ukraine. Makonni da yawa na tattara bayanai na yau da kullun, ƙarin kwanaki biyu don shirya labarin, kuma yayin wannan bincike, tattaunawa da wakilan al'ummarmu daban-daban, sannan a fayyace, sannan a sami ƙarin bayani. Don Allah a ƙarƙashin yanke ...
TL, DR
Ba a yi amfani da kayan aiki na musamman don tattara bayanai ba (ko da yake mutane da yawa sun ba da shawarar yin amfani da OpenVAS iri ɗaya don sa binciken ya zama cikakke kuma mai ba da labari). Tare da tsaro na IPs da ke da alaka da Ukraine (ƙarin yadda aka ƙayyade a ƙasa), halin da ake ciki, a ganina, yana da mummunar mummunan (kuma tabbas ya fi abin da ke faruwa a Austria). Babu wani yunƙuri da aka yi ko shirin yin amfani da sabar da aka gano masu rauni.
Da farko: ta yaya za ku iya samun duk adiresoshin IP na wata ƙasa?
A zahiri abu ne mai sauqi qwarai. Adireshin IP ba ƙasar da kanta ce ke samar da ita ba, amma an ware mata. Saboda haka, akwai jerin (kuma jama'a ne) na duk ƙasashe da duk IPs ɗin da ke nasu.
Kowa zai iya sannan tace shi grep Ukraine IP2LOCATION-LITE-DB1.CSV> ukraine.csv
, yana ba ku damar kawo lissafin zuwa mafi kyawun nau'i mai amfani.
Ukraine ta mallaki kusan adiresoshin IPV4 da yawa kamar Ostiriya, sama da miliyan 11 11 don zama daidai (don kwatantawa, Austria tana da 640).
Idan ba ku son yin wasa da adiresoshin IP da kanku (kuma bai kamata ku yi ba!), To, zaku iya amfani da sabis ɗin. .
Shin akwai injinan Windows da ba a buɗe ba a cikin Ukraine waɗanda ke da damar shiga Intanet kai tsaye?
Tabbas, ba wani ɗan Ukrainian mai hankali ba zai buɗe irin wannan damar zuwa kwamfutocin su. Ko zai kasance?
masscan -p445 --rate 300 -iL ukraine.ips -oG ukraine.445.scan && cat ukraine.445.scan | wc -lAn samo injunan Windows 5669 tare da hanyar shiga kai tsaye zuwa hanyar sadarwar (a Austria akwai 1273 kawai, amma wannan yana da yawa).
Kash Shin a cikinsu akwai wanda za a iya kaiwa hari ta hanyar amfani da abubuwan amfani na ETHERNALLUE, wanda aka sani tun 2017? Babu irin wannan mota ko guda a Ostiriya, kuma ina fatan ba za a same ta a Ukraine ma ba. Abin takaici, ba shi da amfani. Mun sami adiresoshin IP 198 waɗanda ba su rufe wannan "rami" a kansu ba.
DNS, DDoS da zurfin ramin zomo
Ya isa game da Windows. Bari mu ga abin da muke da shi tare da sabar DNS, waɗanda suke buɗe-ƙulle ne kuma ana iya amfani da su don harin DDoS.
Yana aiki da wani abu kamar wannan. Maharin ya aika da ƙaramin buƙatar DNS, kuma uwar garken mai rauni yana amsawa wanda aka azabtar da fakitin da ya fi girma sau 100. Boom! Cibiyoyin sadarwar kamfanoni na iya rushewa da sauri daga irin wannan adadin bayanai, kuma harin yana buƙatar bandwidth ɗin da wayar zamani zata iya bayarwa. Kuma akwai irin wadannan hare-hare har ma akan GitHub.
Bari mu ga idan akwai irin waɗannan sabobin a cikin Ukraine.
masscan -pU 53 -iL ukraine.ips -oG ukraine.53.scan && cat ukraine.53.scan | wc -lMataki na farko shi ne nemo wadanda ke da bude tashar jiragen ruwa 53. Sakamakon haka, muna da jerin adiresoshin IP guda 58, amma wannan baya nufin cewa duka ana iya amfani da su don harin DDoS. Dole ne a cika buƙatu na biyu, wato dole ne su kasance masu warwarewa.
Don yin wannan, zamu iya amfani da umarni mai sauƙi kuma mu ga cewa za mu iya "tono" tono + short test.openresolver.com TXT @ip.of.dns.server. Idan uwar garken ya amsa tare da gano mai warwarewa, to ana iya la'akari da yiwuwar hari. Bude masu warwarewa sun kai kusan kashi 25%, wanda yayi daidai da Austria. Dangane da jimlar lamba, wannan shine kusan 0,02% na duk IPs na Ukrainian.
Menene kuma za ku iya samu a Ukraine?
Na yi murna da kuka tambaya. Ya fi sauƙi (kuma mafi ban sha'awa a gare ni da kaina) don duba IP tare da bude tashar jiragen ruwa 80 da abin da ke gudana akan shi.
uwar garken yanar gizo
260 IPs na Yukren suna amsa tashar jiragen ruwa 849 (http). adireshi 80 sun amsa da kyau (Matsayi 125) zuwa buƙatun GET mai sauƙi wanda mai binciken ku zai iya aikawa. Sauran sun haifar da kuskure ɗaya ko wani. Yana da ban sha'awa cewa sabobin 444 sun ba da matsayi na 200, kuma mafi ƙarancin matsayi sune 853 (buƙatar izini na wakili) da kuma gabaɗayan 500 mara daidaituwa (IP ba a cikin "jerin fari") don amsa ɗaya ba.
Apache yana da rinjaye sosai - 114 sabobin suna amfani da shi. Mafi tsufa sigar da na samu a Ukraine shine 544, wanda aka saki a ranar 1.3.29 ga Oktoba, 29 (!!!). nginx yana matsayi na biyu tare da sabobin 2003.
Sabbin 11 suna amfani da WinCE, wanda aka saki a cikin 1996, kuma sun gama faci a cikin 2013 (akwai 4 kawai a cikin waɗannan a Austria).
Ka'idar HTTP/2 tana amfani da sabar 5, HTTP/144 - 1.1, HTTP/256 - 836.
Printers... saboda... me zai hana?
2 HP, 5 Epson da 4 Canon, waɗanda ake samun dama daga cibiyar sadarwar, wasu daga cikinsu ba tare da izini ba.
kyamaran yanar gizo
Ba labari ba ne cewa a cikin Ukraine akwai KYAUTA na kyamaran yanar gizon da ke watsa kansu zuwa Intanet, waɗanda aka tattara akan albarkatu daban-daban. Akalla kyamarori 75 ne ke yada kansu zuwa Intanet ba tare da wata kariya ba. Kuna iya kallon su .
Abin da ke gaba?
Yukren wata ƙaramar ƙasa ce, kamar Ostiriya, amma tana da matsaloli iri ɗaya da manyan ƙasashe a fannin IT. Muna buƙatar haɓaka fahimtar abin da ke da lafiya da abin da ke da haɗari, kuma masu sana'a na kayan aiki dole ne su samar da saitunan farko masu aminci don kayan aikin su.
Bugu da ƙari, Ina tattara kamfanoni masu haɗin gwiwa (), wanda zai iya taimaka maka tabbatar da amincin kayan aikin IT naka. Mataki na gaba da na shirya yi shine bitar tsaron gidajen yanar gizon Ukrainian. Kar a canza!
source: www.habr.com