A taron karshe an gabatar da Black Hat , sadaukar da matsalolin tsaro a cikin tauraron dan adam tsarin shiga Intanet. Marubucin rahoton, ta yin amfani da na’urar karban DVB mai tsada, ta nuna yiwuwar katse hanyoyin sadarwar Intanet da ake yadawa ta hanyoyin sadarwar tauraron dan adam.
Abokin ciniki zai iya haɗawa da mai ba da tauraron dan adam ta hanyar asymmetric ko tashoshi masu ma'ana. A cikin yanayin tashar asymmetric, ana aika zirga-zirga mai fita daga abokin ciniki ta hanyar mai ba da ƙasa kuma an karɓa ta tauraron dan adam. A cikin madaidaitan hanyoyin haɗin kai, zirga-zirga mai fita da mai shigowa suna wucewa ta tauraron dan adam. Ana aika fakitin da aka tuntuɓar abokin ciniki daga tauraron dan adam ta amfani da watsa watsa shirye-shirye wanda ya haɗa da zirga-zirga daga abokan ciniki daban-daban, ba tare da la'akari da wurinsu na yanki ba. Ba shi da wahala a katse irin wannan zirga-zirgar, amma dakatar da zirga-zirgar da ta samo asali daga abokin ciniki ta tauraron dan adam bai kasance mai sauƙi ba.
Don musanya bayanai tsakanin tauraron dan adam da mai bayarwa, ana amfani da watsa mai da hankali akai-akai, wanda ke buƙatar maharin ya kasance dubun kilomita da yawa daga abubuwan samar da ababen more rayuwa, kuma yana amfani da kewayon mitar daban-daban da tsarin ɓoyewa, wanda bincikensa yana buƙatar kayan aiki masu tsada masu tsada. . Amma ko da mai bada yana amfani da Ku-band na yau da kullum, a matsayin mai mulkin, mitoci don kwatance daban-daban sun bambanta, wanda ke buƙatar yin amfani da tasa na biyu na tauraron dan adam da kuma magance matsalar daidaitawar rafi don shiga tsakani a bangarorin biyu.
An yi zaton cewa don tsara katse hanyoyin sadarwar tauraron dan adam, ana buƙatar kayan aiki na musamman, waɗanda ke kashe dubun dubatar daloli, amma a zahiri an kai irin wannan harin ta hanyar amfani da. mai gyara don tauraron dan adam talabijin (TBS 6983/6903) da eriya parabolic. Jimlar kudin kayan harin ya kai kusan dala 300. Don nuna eriya a tauraron dan adam, an yi amfani da bayanan da aka samu a bainar jama'a game da wurin tauraron dan adam, da kuma gano tashoshin sadarwa, an yi amfani da daidaitaccen aikace-aikacen da aka tsara don neman tashoshin talabijin na tauraron dan adam. An nuna eriya a tauraron dan adam kuma an fara aikin dubawa .
An gano tashoshi ta hanyar gano kololuwa a cikin bakan mitar rediyo waɗanda aka sani akan hayaniyar baya. Bayan gano kololuwar, an saita katin DVB don fassarawa da rikodin siginar azaman watsa shirye-shiryen bidiyo na dijital na yau da kullun don talabijin ta tauraron dan adam. Tare da taimakon gwaje-gwajen gwaje-gwaje, an ƙayyade yanayin zirga-zirga kuma an raba bayanan Intanet daga talabijin na dijital (an yi amfani da binciken banal a cikin juji da katin DVB ya bayar ta amfani da mashin "HTTP", idan an samo shi, an yi la'akari da cewa. an samu tasha mai bayanan Intanet).
Binciken zirga-zirgar ya nuna cewa duk masu samar da Intanet na tauraron dan adam da aka bincika ba sa amfani da ɓoyewa ta hanyar tsohuwa, wanda ke ba da damar satar bayanan zirga-zirgar da ba a hana su ba. Abin lura shi ne cewa gargadi game da tauraron dan adam matsalolin tsaro na Intanet shekaru goma da suka gabata, amma tun daga lokacin lamarin bai canza ba, duk da bullo da sabbin hanyoyin watsa bayanai. Sauye-sauye zuwa sabuwar yarjejeniyar GSE (Generic Stream Encapsulation) don ƙaddamar da zirga-zirgar Intanet da kuma amfani da tsarin daidaitawa mai rikitarwa irin su 32-dimensional amplitude modulation da APSK (Phase Shift Keying) ba su sa hare-hare ya fi wahala ba, amma farashin kayan aikin shiga tsakani. yanzu ya ragu daga $50000 zuwa $300.
Babban koma baya yayin watsa bayanai ta tashoshin sadarwar tauraron dan adam shine babban jinkiri a isar da fakiti (~ 700 ms), wanda ya ninka sau goma fiye da jinkiri lokacin aika fakiti ta tashoshin sadarwa ta duniya. Wannan fasalin yana da mummunan tasiri guda biyu akan tsaro: rashin yawan amfani da VPNs da kuma rashin kariya daga zubewa (masanin fakiti). An lura cewa amfani da VPN yana rage saurin watsawa da kusan 90%, wanda, la'akari da manyan jinkirin kansu, ya sa VPN a zahiri ba zai iya amfani da tashoshi na tauraron dan adam ba.
An bayyana rashin lahani ga spoofing ta gaskiyar cewa maharin zai iya sauraron zirga-zirgar da ke zuwa ga wanda aka azabtar, wanda ya sa ya yiwu a ƙayyade jerin lambobin a cikin fakitin TCP da ke gano haɗin. Lokacin aika fakitin karya ta hanyar tashar ƙasa, kusan ana ba da garantin isa kafin fakiti na gaske da aka watsa ta tashar tauraron dan adam tare da dogon jinkiri da ƙari ta hanyar mai ba da jigilar kayayyaki.
Maƙasudin mafi sauƙi na hare-hare akan masu amfani da hanyar sadarwar tauraron dan adam sune zirga-zirgar DNS, HTTP da ba a ɓoye ba da imel, waɗanda abokan cinikin da ba a ɓoye su galibi ke amfani da su. Don DNS, yana da sauƙi don tsara aikawa da amsoshi na almara na DNS waɗanda ke danganta yankin zuwa uwar garken maharin (mai hari na iya haifar da amsa ta gaskiya nan da nan bayan ya ji buƙatu a cikin zirga-zirga, yayin da ainihin buƙatar dole ne ta wuce ta hanyar mai ba da sabis. zirga-zirgar tauraron dan adam). Binciken zirga-zirgar imel yana ba ku damar kutse bayanan sirri, alal misali, zaku iya fara aiwatar da dawo da kalmar wucewa akan gidan yanar gizo kuma kuyi leken asiri a cikin zirga-zirgar saƙon da aka aiko ta imel tare da lambar tabbatarwa don aiki.
A yayin gwajin, an kama kusan TB 4 na bayanan da tauraron dan adam 18 ke yadawa. Tsarin da aka yi amfani da shi a wasu yanayi bai samar da abin dogaro na haɗin kai ba saboda girman sigina-zuwa amo da kuma karɓar fakitin da ba su cika ba, amma bayanan da aka tattara sun isa don daidaitawa. Wasu misalan abin da aka samo a cikin bayanan da aka katse:
- An katse bayanan kewayawa da sauran bayanan jiragen sama da aka aika zuwa jirgin sama. Ba wai kawai an watsa wannan bayanin ba ba tare da ɓoyewa ba, har ma a cikin tashar guda ɗaya tare da zirga-zirgar cibiyar sadarwar kan-jirgin gabaɗaya, ta hanyar da fasinjoji ke aika wasiku da bincika gidajen yanar gizo.
- An kama kuki ɗin zaman ma'aikacin janareta na iska a kudancin Faransa, wanda ya haɗa da tsarin sarrafawa ba tare da ɓoyewa ba.
- An shiga musayar bayanai dangane da matsalolin fasaha kan wani jirgin ruwan dakon mai na Masar. Baya ga bayanin cewa jirgin ba zai iya tafiya cikin teku ba har na tsawon wata guda, an samu bayanai game da suna da lambar fasfo na injiniyan da ke da alhakin gyara matsalar.
- Jirgin ruwan yana isar da mahimman bayanai game da cibiyar sadarwar gida ta Windows, gami da bayanan haɗin da aka adana a LDAP.
- Lauyan dan kasar Spain ya aika wa abokin kara wasika tare da cikakkun bayanai game da shari'ar da ke tafe.
- A lokacin da ake tsaka da zirga-zirga zuwa jirgin ruwan wani hamshakin attajirin Girka, an kama kalmar sirrin dawo da asusun da aka aika ta imel a cikin ayyukan Microsoft.
source: budenet.ru