How I became vulnerable: scanning IT infrastructure using Qualys

Hello everyone!

Today I want to talk about the cloud solution for finding and analyzing vulnerabilities, Qualys Vulnerability Management, on which one of our services is built.

Below I will show how the scanning itself is organized and what information about vulnerabilities can be learned from the results.

What can be scanned

External services. To scan services that are reachable from the Internet, the client gives us their IP addresses and credentials (if a scan with authentication is needed). We scan the services using the Qualys cloud and send a report on the results.

Internal services. In this case, the scanner looks for vulnerabilities in internal servers and network infrastructure. With such a scan you can inventory the versions of operating systems, applications, open ports and the services behind them.

A Qualys scanner is installed inside the client's infrastructure to perform the scan. The Qualys cloud acts as the command center for this scanner.

In addition to the internal server with Qualys, agents (Cloud Agent) can be installed on the scanned objects. They collect information about the system locally and create no load on the network or on the hosts they run on. The collected information is sent to the cloud.

There are three important points here: authentication and choosing the objects to scan.

  1. Use authentication. Some clients ask for blackbox scanning, especially for external services: they give us a range of IP addresses without specifying the system and say "be like a hacker." But hackers do not act blindly. When it comes to the attack (not reconnaissance), they know what they are hacking.

    Working blind, Qualys can stumble on decoy banners and scan them instead of the target system. And without understanding what exactly will be scanned, it is easy to get the scanner settings wrong and "take down" the service being scanned.

    Scanning is more useful if you run authenticated checks against the systems being scanned (whitebox). This way the scanner understands where it has arrived, and you get complete data on the vulnerabilities of the target system.

    Qualys has many authentication options.

  2. Group assets. If you start scanning everything at once and indiscriminately, it will take a long time and create unnecessary load on the systems. It is better to group hosts and services based on importance, location, OS version, infrastructure criticality and other characteristics (in Qualys these are called Asset Groups and Asset Tags) and to select a specific group when scanning.
  3. Choose a time window for the scan. Even if you have thought everything through and prepared, scanning creates additional load on the system. It will not degrade the service, but it is better to choose a specific time for it, as with a backup or a rollout of updates.

What can you learn from the reports?

Based on the scan results, the client receives a report that contains not only a list of all vulnerabilities found but also basic recommendations for eliminating them: updates, patches, and so on. You can also create your own reports. To avoid getting lost in all the variety, it is better to decide the following for yourself first:

  • Who will read this report: a manager or a technical specialist?
  • What information do you want to get from the scan results? For example, if you want to find out whether all the necessary patches are installed and how the work on eliminating previously found vulnerabilities is going, that is one report. If you need to take an inventory of all hosts, that is another.

If your task is to show management a brief but clear picture, you can generate an Executive Report. All vulnerabilities are broken down by category and severity level, with graphs and charts. For example, the top 10 most critical vulnerabilities or the most common vulnerabilities.

For a technician there is a technical report with all the details. The following reports can be generated:

Host reports. Useful when you need to take an inventory of your infrastructure and get a complete picture of host vulnerabilities.

This is what the list of analyzed hosts looks like, showing the OS running on them.

Let's open the host of interest and see a list of 219 vulnerabilities found, starting with the most critical, level five:

Then you can look at the details of each vulnerability. Here we see:

  • when the vulnerability was detected for the first and the last time,
  • industry vulnerability numbers,
  • the patch that eliminates the vulnerability,
  • whether there are compliance problems with PCI DSS, NIST, etc.,
  • whether an exploit and malware exist for this vulnerability,
  • whether the vulnerability is detected when scanning without authentication in the system, etc.

If this is not the first scan (yes, you need to scan regularly 🙂), then with the help of the Status Report you can track the dynamics of the work on vulnerabilities. The status of each vulnerability is shown in comparison with the previous scan: vulnerabilities that were found earlier and closed are marked as fixed, those not closed as active, and new ones as new.
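The comparison behind such a status report, as an added example that is not part of the original article and not Qualys code: two constructed scan exports are compared per host and finding, and each finding is labelled fixed, active or new. The CSV columns (`host`, `vuln_id`, `severity`), the function names and the `scanned_hosts` scope check are assumptions that go slightly beyond the text; they are not the Qualys export format.

```python
import csv
import io
from collections import Counter

# Constructed sample exports (not real scan data; column names are assumed).
PREVIOUS_SCAN = """host,vuln_id,severity
10.0.0.5,V-1001,5
10.0.0.5,V-1002,3
10.0.0.7,V-1001,5
10.0.0.7,V-2040,4
10.0.0.8,V-5000,5
"""
CURRENT_SCAN = """host,vuln_id,severity
10.0.0.5,V-1001,5
10.0.0.7,V-2040,4
10.0.0.7,V-3100,5
10.0.0.9,V-1002,2
"""
SCANNED_HOSTS = {"10.0.0.5", "10.0.0.7", "10.0.0.9"}  # scope of current scan


def load_findings(text):
    """Map (host, vuln_id) -> severity; the pair identifies one finding."""
    return {(r["host"].strip(), r["vuln_id"].strip()): int(r["severity"])
            for r in csv.DictReader(io.StringIO(text))}


def compare_scans(previous_csv, current_csv, scanned_hosts, min_severity=1):
    """Label findings fixed/active/new relative to the previous scan."""
    prev, curr = load_findings(previous_csv), load_findings(current_csv)
    rows = []
    for key in prev.keys() | curr.keys():
        if key in prev and key in curr:
            status = "active"      # seen before and still present
        elif key in curr:
            status = "new"         # first seen in the current scan
        elif key[0] in scanned_hosts:
            status = "fixed"       # seen before, host rescanned, now absent
        else:
            continue               # host not rescanned: nothing can be claimed
        severity = curr.get(key, prev.get(key))
        if severity >= min_severity:
            rows.append({"host": key[0], "vuln_id": key[1],
                         "severity": severity, "status": status})
    return sorted(rows, key=lambda r: (-r["severity"], r["host"], r["vuln_id"]))


def status_counts(rows):
    return Counter(r["status"] for r in rows)
```

A host that drops out of the scan scope is skipped instead of being reported as fixed, so regrouping assets between scans does not inflate the fixed count.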

Quick report. In this report, Qualys builds a list of vulnerabilities, starting with the most critical, and indicates on which host each vulnerability is found. The report is useful if you decide to deal right away with, for example, all level-five vulnerabilities.

You can also generate a separate report covering only level-four and level-five vulnerabilities.

Patch report. Here you can see a complete list of the patches that need to be installed to eliminate the vulnerabilities found. For each patch there is an explanation of which vulnerabilities it fixes, on which host/system it needs to be installed, and a direct download link.

PCI DSS compliance report. The PCI DSS standard requires scanning information systems and applications reachable from the Internet every 90 days. After the scan, you can generate a report showing where the infrastructure does not meet the requirements of the standard.

Vulnerability remediation reports. Qualys can be integrated with a service desk, and then all vulnerabilities found are converted into tickets. Using this report, you can track progress on completed tickets and resolved vulnerabilities.

Open port reports. Here you can get information on open ports and the services running on them:

or generate a report on the vulnerabilities of each port:

These are only the standard report templates. You can create your own for specific tasks, for example, to show only vulnerabilities not lower than the fifth level of criticality. All reports are available. Report formats: CSV, XML, HTML, PDF and docx.

And remember: security is not a result, but a process. A one-time scan helps you see the problems that exist at the moment, but it is not a full-fledged vulnerability management process.
To make it easier for you to decide on this regular work, we have created a service based on Qualys Vulnerability Management.

There is a promotion for all Habr readers: when you order the scanning service for a year, two months of scans are free. Requests can be left here; in the "Comment" field write Habr.

Source: www.habr.com
