I Pepeluali, ua paʻi ʻo Austrian Christian Haschek i kahi ʻatikala hoihoi ma kāna blog i kapa ʻia . ʻOiaʻiʻo, ua lilo wau i hoihoi i ka mea e hana ʻia inā e hana hou ʻia kēia haʻawina, akā me Ukraine. He mau pule o ka hōʻiliʻili ʻana i ka ʻike, ʻelua mau lā hou e hoʻomākaukau ai i ka ʻatikala, a ma kēia noiʻi ʻana, e kamaʻilio pū me nā ʻelele like ʻole o ko kākou kaiaulu, a laila wehewehe, a laila e ʻike hou aku. E ʻoluʻolu ma lalo o ka ʻoki...
Aku; DR
ʻAʻole i hoʻohana ʻia nā mea hana kūikawā no ka hōʻiliʻili ʻana i ka ʻike (ʻoiai ua ʻōlelo kekahi poʻe i ka hoʻohana ʻana i ka OpenVAS like e hoʻomaʻamaʻa i ka noiʻi ʻana a me ka ʻike). Me ka palekana o nā IP e pili ana iā Ukraine (ʻoi aʻe ma ke ʻano o ka hoʻoholo ʻana ma lalo nei), ʻo ke kūlana, i koʻu manaʻo, he ʻino loa (a ʻoi aku ka hewa ma mua o ka mea e hana nei ma Austria). ʻAʻole i hoʻāʻo ʻia a i hoʻolālā ʻia e hoʻohana i nā kikowaena pilikia i ʻike ʻia.
ʻO ka mea mua: pehea e hiki ai iā ʻoe ke kiʻi i nā helu IP āpau no kekahi ʻāina?
He mea maʻalahi loa. ʻAʻole hoʻokumu ʻia nā helu IP e ka ʻāina ponoʻī, akā hāʻawi ʻia iā ia. No laila, aia kahi papa inoa (a he lehulehu) o nā ʻāina āpau a me nā IP āpau i pili iā lākou.
Hiki i nā kānaka a pau a laila kānana iā ia grep Ukraine IP2LOCATION-LITE-DB1.CSV> ukraine.csv
, hiki iā ʻoe ke lawe i ka papa inoa i kahi ʻano hoʻohana hou aku.
Aia ʻo Ukraine i ka nui o nā helu IPv4 e like me Austria, ʻoi aku ma mua o 11 miliona 11 e pololei (no ka hoʻohālikelike ʻana, loaʻa iā Austria 640).
Inā ʻaʻole ʻoe makemake e pāʻani me nā leka IP iā ʻoe iho (a ʻaʻole pono ʻoe!), A laila hiki iā ʻoe ke hoʻohana i ka lawelawe. .
Aia kekahi mau mīkini Windows i hoʻopaʻa ʻole ʻia ma Ukraine e loaʻa pololei i ka Pūnaewele?
ʻOiaʻiʻo, ʻaʻole hoʻokahi Ukrainian ʻike e wehe i kēlā ʻike i kā lākou kamepiula. A i ʻole paha?
masscan -p445 --rate 300 -iL ukraine.ips -oG ukraine.445.scan && cat ukraine.445.scan | wc -lUa loaʻa nā mīkini Windows 5669 me ke komo pololei i ka pūnaewele (ma Austria aia wale nō 1273, akā he nui).
Auwe. Aia kekahi i waena o lākou e hiki ke hoʻouka ʻia me ka hoʻohana ʻana i nā hana ETHERNALBLUE, i ʻike ʻia mai 2017? ʻAʻole hoʻokahi kaʻa like ma Austria, a ua manaʻo wau ʻaʻole e loaʻa ia ma Ukraine. ʻO ka mea pōʻino, ʻaʻohe pono. Ua loaʻa iā mākou he 198 IP address i pani ʻole i kēia "puka" iā lākou iho.
DNS, DDoS a me ka hohonu o ka lua rabbit
Ua lawa no Windows. E ʻike kākou i nā mea i loaʻa iā mākou me nā kikowaena DNS, he mea wehe-hoʻoponopono a hiki ke hoʻohana ʻia no nā hoʻouka kaua DDoS.
He mea like me keia. Hoʻouna ka mea hoʻouka i kahi noi DNS liʻiliʻi, a pane ke kikowaena pilikia i ka mea i hōʻeha ʻia me kahi ʻeke ʻoi aku ka nui o 100 mau manawa. Boom! Hiki i nā ʻoihana ʻoihana ke hāʻule koke mai ka nui o ka ʻikepili, a koi ka hoʻouka ʻana i ka bandwidth e hiki ai i kahi kelepona hou ke hāʻawi. A he mau hoouka kaua ʻoiai ma GitHub.
E ʻike inā aia kekahi mau kikowaena ma Ukraine.
masscan -pU 53 -iL ukraine.ips -oG ukraine.53.scan && cat ukraine.53.scan | wc -lʻO ka hana mua, ʻo ia ka ʻimi ʻana i nā mea i wehe i ke awa 53. ʻO ka hopena, loaʻa iā mākou kahi papa inoa o 58 IP address, akā ʻaʻole kēia manaʻo e hiki ke hoʻohana ʻia lākou a pau no kahi hoʻouka kaua DDoS. Pono e hoʻokō ʻia ka lua o nā koi, ʻo ia hoʻi he mea hoʻonā wehe.
No ka hana ʻana i kēia, hiki iā mākou ke hoʻohana i kahi kauoha ʻeli maʻalahi a ʻike hiki iā mākou ke "eli" eli + short test.openresolver.com TXT @ip.of.dns.server. Inā pane ke kikowaena me ka wehe ʻana i ka mea hoʻonā, a laila hiki ke noʻonoʻo ʻia he mea hiki ke hoʻouka ʻia. Loaʻa i nā mea hoʻonā wehe ma kahi o 25%, i hoʻohālikelike ʻia me Austria. Ma keʻano o ka helu helu, aia kēia ma kahi o 0,02% o nā IP Ukrainian a pau.
He aha hou kāu e ʻike ai ma Ukraine?
Hauʻoli ʻoe i nīnau mai. ʻOi aku ka maʻalahi (a ʻo ka mea hoihoi loa iaʻu iho) e nānā i ka IP me ka puka wehe 80 a me ka mea e holo nei ma luna.
kikowaena pūnaewele
260 Ukrainian IPs pane i ke awa 849 (http). 80 pane maikaʻi (125 kūlana) i kahi noi GET maʻalahi i hiki i kāu polokalamu kele pūnaewele ke hoʻouna. ʻO ke koena i hana i hoʻokahi a i ʻole kekahi hewa. He mea hoihoi ia i ka 444 mau kikowaena i hoʻopuka i kahi kūlana o 200, a ʻo nā kūlana larest he 853 (noi no ka mana koho) a me ka 500 maʻamau ʻole (IP ʻaʻole i ka "papa inoa keʻokeʻo") no hoʻokahi pane.
Manaʻo loa ʻo Apache - 114 mau kikowaena hoʻohana ia. ʻO ka mana kahiko loa i loaʻa iaʻu ma Ukraine ʻo 544, hoʻokuʻu ʻia ma ʻOkakopa 1.3.29, 29 (!!!). Aia ʻo nginx ma kahi lua me nā kikowaena 2003.
Hoʻohana nā kikowaena 11 iā WinCE, i hoʻokuʻu ʻia ma 1996, a ua hoʻopau lākou i ka paʻi ʻana iā ia ma 2013 (he 4 wale nō o kēia ma Austria).
Hoʻohana ka protocol HTTP/2 i nā kikowaena 5, HTTP/144 - 1.1, HTTP/256 - 836.
Nā mea paʻi ... no ka mea ... no ke aha?
2 HP, 5 Epson a me 4 Canon, hiki ke loaʻa mai ka pūnaewele, ʻo kekahi o lākou me ka ʻole o ka ʻae.
webcams
ʻAʻole ia he nūhou ma Ukraine he LOT o nā webcams e hoʻolaha ana iā lākou iho i ka Pūnaewele, i hōʻiliʻili ʻia ma nā kumuwaiwai like ʻole. ʻO ka liʻiliʻi loa he 75 mau kāmela i hoʻolaha iā lākou iho i ka Pūnaewele me ka ʻole o ka pale. Hiki iā ʻoe ke nānā iā lākou .
He aha ka mea e hiki mai ana?
He ʻāina liʻiliʻi ʻo Ukraine, e like me Austria, akā loaʻa nā pilikia like me nā ʻāina nui i ka ʻāpana IT. Pono mākou e hoʻomohala i kahi ʻike maikaʻi aʻe i ka mea palekana a me ka mea pōʻino, a pono e hāʻawi nā mea hana mea hana i nā hoʻonohonoho mua palekana no kā lākou mea hana.
Eia hou, ohi au i na hui hoapili (), hiki iā ia ke kōkua iā ʻoe e hōʻoia i ka pono o kāu ʻōnaehana IT ponoʻī. ʻO ka hana aʻe aʻu e hoʻolālā ai e nānā i ka palekana o nā pūnaewele Ukrainian. Mai hoʻololi!
Source: www.habr.com