Amincewa da asusun mai gudanarwa ya haifar da dakatarwar kusan sa'o'i hudu na kamfanin sadarwa na biyu mafi girma na Sipaniya, Orange Espagne, yana yiwa masu biyan kuɗi miliyan 11 hidima. Don samun damar dubawar mai rejista na RIPE NCC a cikin Orange Espagne, an yi amfani da kalmar “ripeadmin” da za a iya faɗi kuma ba a kunna tantance abubuwa biyu ba.
An katse kalmar sirri ta RIPE lokacin da tsarin ma'aikaci ya kamu da malware kuma yana cikin bayanan sirrin sirri da aka sayar a kasuwar baƙar fata tun Satumba. Abin lura cewa baya ga asusun Orange Espagne, waɗannan ma'ajin bayanai sun ƙunshi dubban wasu asusu don haɗawa zuwa access.ripe.net, waɗanda za a iya amfani da su don kai irin wannan harin.
Ba a gano lamarin ba har zuwa ranar 2 ga watan Janairu, lokacin da wani dan fashi ya shiga gidan yanar gizo na RIPE NCC ya yi sauye-sauye a tsarin BGP da RPKI (Resource Public Key Infrastructure), bayan haka ne aka samu cikas kusan rabin zirga-zirgar ma’aikacin na kusan awa hudu. sadarwa. Ayyukan maharan sun kai ga gaskiyar cewa an yi amfani da fasahar RPKI, da aka ƙera don kare sanarwar BGP daga jabu, don toshe sanarwar da ta dace.
Maharin ya ƙirƙiri sabbin bayanan RPKI ROA da yawa (Hanyar Asalin Izinin Hanya), daga cikinsu akwai bayanan da ke haɗa manyan adiresoshin Orange Espagne zuwa tsarin wani mai cin gashin kansa, wanda ya haifar da gaskiyar sanarwar BGP daidai daga tsarin mai cin gashin kansa na wannan ma'aikacin ya fara zama. an toshe a kan hanyoyin sadarwa na masu aiki da kashin baya da yawa. Sakamakon haka, an rage adadin hanyoyin BGP da ke da alaƙa da Orange Espagne daga 9200 zuwa 7400, kuma zirga-zirgar zirga-zirgar ta ragu da kusan rabin.
Ana amfani da RPKI (Maɓallin Maɓalli na Jama'a) don ba da izini ga sanarwar BGP kuma yana ba ku damar tantance ko sanarwar BGP ta fito daga mai cibiyar sadarwa ko a'a. Lokacin amfani da RPKI don tsarin kai tsaye da adiresoshin IP, ana gina sarkar amana daga IANA zuwa masu rajista na yanki (RIRs), sannan zuwa masu ba da sabis (LIRs) da masu amfani da ƙarshen, wanda ke ba da damar wasu kamfanoni don tabbatar da cewa aikin albarkatun ya kasance. wanda aka yi shi. Ba tare da izini ba, kowane ma'aikaci zai iya tallata rukunin yanar gizo tare da ƙagaggen bayanai game da tsayin hanya kuma ya fara wucewa ta hanyar kanta na ɓangaren zirga-zirga daga wasu tsarin da ba sa amfani da tace talla.
source: budenet.ru