Hoʻolālā o ka leakage ʻikepili ma o Web Proxy Auto-Discovery (WPAD) ma muli o ka hui ʻana o ka inoa (ma kēia hihia, kahi hui ʻana o kahi kikowaena kūloko me ka inoa o kekahi o nā gTLD hou, akā ʻo ke ʻano like). Puna: , 2016
ʻO Mike O'Connor, kekahi o nā mea hoʻopukapuka kahiko loa ma nā inoa inoa, ʻo ka ʻāpana weliweli a hoʻopaʻapaʻa i kāna hōʻiliʻili: domain corp.com no $1,7 miliona. I ka makahiki 1994, ua kūʻai ʻo O'Connor i nā inoa kikowaena maʻalahi, e like me grill.com, place.com, pub.com a me nā mea ʻē aʻe. Ma waena o lākou ʻo corp.com, a Mike i mālama ai no 26 mau makahiki. He 70 mau makahiki ka mea hoʻopukapuka kālā a ua hoʻoholo e hoʻolilo i kāna mau hoʻopukapuka kahiko.
ʻO ka pilikia, hiki i ka corp.com ke pōʻino no ka liʻiliʻi o 375 mau kamepiula hui ma muli o ka hoʻonohonoho pono ʻole ʻana o Active Directory i ka wā o ke kūkulu ʻana i nā intranets hui i nā makahiki 000 ma muli o Windows Server 2000, i ka wā i kuhikuhi ʻia ai ke kumu kūloko ʻo "corp .” A hiki i ka hoʻomaka ʻana o ka makahiki 2010, ʻaʻole ia he pilikia, akā me ka piʻi ʻana o nā kamepiula i nā ʻoihana ʻoihana, ua hoʻomaka ka nui o nā limahana e hoʻoneʻe i kā lākou kamepiula hana ma waho o ka pūnaewele hui. ʻO nā hiʻohiʻona o ka Active Directory e alakaʻi i ka ʻoiaʻiʻo ʻoiai me ka ʻole o kahi noi mea hoʻohana pololei iā //corp, he nui o nā noi (e like me ka leka uila) kikeke i kahi helu kamaʻāina iā lākou iho. Akā i ka hihia o kahi pili waho i ka pūnaewele i loko o kahi cafe maʻamau a puni ke kihi, alakaʻi kēia i kahi kahawai o ka ʻikepili a me nā noi e ninini ʻia ma luna. corp.com.
I kēia manawa ke manaʻolana nei ʻo O'Connor e kūʻai ʻo Microsoft ponoʻī i ka domain a, ma nā kuʻuna maikaʻi loa o Google, e pohō iā ia ma kahi pōʻeleʻele a hiki ʻole i nā poʻe ʻē aʻe, e hoʻopau ʻia ka pilikia me kahi nāwaliwali o nā pūnaewele Windows.
Active Directory a me ka hui ʻana o ka inoa
Hoʻohana nā ʻoihana hui e holo ana i Windows i ka lawelawe papa kuhikuhi Active Directory. Hāʻawi ia i nā luna hoʻomalu e hoʻohana i nā kulekele hui e hōʻoia i ka hoʻonohonoho like ʻana o ke kaiapuni hana o ka mea hoʻohana, e kau i nā polokalamu ma nā kamepiula lehulehu ma o nā kulekele hui, hana i ka ʻae, etc.
Hoʻohui ʻia ka Active Directory me DNS a holo ma luna o TCP/IP. No ka ʻimi ʻana i nā pūʻali i loko o ka pūnaewele, ka protocol Web Proxy Auto-Discovery (WAPD) a me ka hana (i kūkulu ʻia i loko o ka Windows DNS Client). He mea maʻalahi kēia hiʻohiʻona i ka loaʻa ʻana o nā kamepiula ʻē aʻe a i ʻole nā kauka me ka ʻole e hāʻawi i kahi inoa kikowaena kūpono piha.
No ka laʻana, inā hana kahi hui i kahi pūnaewele kūloko i kapa ʻia internalnetwork.example.com, a makemake ka limahana e komo i kahi kaʻa like i kapa ʻia drive1, ʻaʻole pono e komo drive1.internalnetwork.example.com ma Explorer, e kikokiko wale i ka \drive1 - a na ka mea kūʻai Windows DNS e hoʻopau i ka inoa ponoʻī.
Ma nā mana mua o Active Directory—no ka laʻana, Windows 2000 Server—ʻo ka mea paʻamau no ka pae ʻoihana pae ʻelua. corp. A nui nā ʻoihana i mālama i ka paʻamau no kā lākou kikowaena kūloko. ʻOi aku ka maikaʻi, ua hoʻomaka ka nui e kūkulu i nā pūnaewele nui ma luna o kēia hoʻonohonoho hemahema.
I nā lā o nā lolouila papapihi, ʻaʻole kēia he pilikia palekana no ka mea ʻaʻohe mea i lawe i kēia mau kamepiula ma waho o ka pūnaewele hui. Akā he aha ka mea e hana ai kahi limahana i kahi hui me kahi ala pūnaewele corp ma Active Directory e lawe i kahi kamepiula hui a hele i ka Starbucks kūloko? A laila e hoʻokō ʻia ka protocol Web Proxy Auto-Discovery (WPAD) a me ka hana hoʻololi inoa DNS.
Loaʻa ka manaʻo nui e hoʻomau kekahi mau lawelawe ma ka kamepiula i ke kīkēkē ma ka pūnaewele kūloko corp, ʻaʻole naʻe e loaʻa, a e hoʻoholo ʻia nā noi i ka pūnaewele corp.com mai ka pūnaewele wehe.
I ka hoʻomaʻamaʻa, ʻo ia ka mea hiki i ka mea nona ka corp.com ke hoʻopaʻa paʻa i nā noi pilikino mai nā haneli haneli o nā kamepiula i haʻalele ʻole i ka ʻoihana hui me ka hoʻohana ʻana i ka inoa. corp no kāu kikowaena ma Active Directory.
Leakage o nā noi WPAD i ka holo ʻana o ʻAmelika. Mai kahi haʻawina 2016 University of Michigan,
No ke aha i kūʻai ʻole ʻia ai ka domain?
Ma 2014, ua paʻi ʻia nā loea ICANN nā hui inoa ma DNS. Ua hoʻolako kālā ʻia ke aʻo ʻana e ka US Department of Homeland Security no ka mea ʻaʻole hoʻoweliweli ka ʻike mai nā ʻoihana kūloko i nā ʻoihana kalepa wale nō, akā ʻo nā hui aupuni pū kekahi, me ka Secret Service, nā keʻena naʻauao a me nā lālā koa.
Ua makemake ʻo Mike e kūʻai aku i corp.com i ka makahiki i hala, akā ua hoʻohuli ʻo Jeff Schmidt i ka mea noiʻi e hoʻopaneʻe i ke kūʻai ʻana ma muli o ka hōʻike i haʻi ʻia aʻe nei. Ua ʻike pū ʻia ka noiʻi ʻana he 375 kamepiula e hoʻāʻo e hoʻopili iā corp.com i kēlā me kēia lā me ka ʻike ʻole o ka poʻe nona. Loaʻa i nā noi nā hoʻāʻo e komo i loko o nā intranets hui, komo i nā pūnaewele a i ʻole nā ʻāpana faila.
Ma ke ʻano he ʻāpana o kāna hoʻokolohua ponoʻī, ua hoʻohālikelike ʻo Schmidt, me JAS Global, ma corp.com i ke ʻano o ka hana ʻana o Windows LAN i nā faila a me nā noi. Ma ka hana ʻana i kēia, ʻoiaʻiʻo, ua wehe lākou i kahi puka i Gehena no kekahi loea palekana ʻike:
He mea weliweli. Ua ho'ōki mākou i ka hoʻokolohua ma hope o 15 mau minuke a luku mākou i ka ʻikepili i loaʻa. Ua ʻike ʻia kahi mea hoʻāʻo kaulana i aʻo iā JAS e pili ana i kēia pilikia e like me ka "ua o ka ʻike huna" a ʻaʻole ʻo ia i ʻike i kekahi mea like.
[Hoʻonohonoho mākou i ka hoʻokipa leka ma corp.com] a ma hope o hoʻokahi hola ua loaʻa iā mākou ma luna o 12 miliona mau leka uila, a laila hoʻōki mākou i ka hoʻokolohua. ʻOiai ua maʻalahi ka hapa nui o nā leka uila, ua ʻike mākou he [security] koʻikoʻi kekahi a no laila ua luku mākou i ka ʻikepili holoʻokoʻa me ka ʻole o ka nānā ʻana.
Manaʻo ʻo Schmidt e hoʻomākaukau ana nā luna hoʻomalu a puni ka honua i ka botnet pōʻino loa i ka mōʻaukala no nā makahiki he mau makahiki. Ua mākaukau nā haneli haneli o nā kamepiula hana piha a puni ka honua e lilo i ʻāpana o ka botnet, akā e hāʻawi pū i ka ʻikepili huna e pili ana i kā lākou mau mea nona a me nā hui. ʻO nā mea a pau āu e hana ai no ka hoʻohana ʻana iā ia ʻo control corp.com. I kēia hihia, ʻo kēlā me kēia mīkini i hoʻopili ʻia i ka ʻoihana hui, nona ka Active Directory i hoʻonohonoho ʻia ma o //corp, lilo i ʻāpana o ka botnet.
Ua haʻalele ʻo Microsoft i ka pilikia 25 mau makahiki i hala
Inā manaʻo ʻoe ʻaʻole maopopo ʻo MS i ka bacchanalia e hoʻomau nei a puni corp.com, a laila ua kuhihewa ʻoe. ʻO kēia ka ʻaoʻao i kau ai nā mea hoʻohana o ka mana beta o FrontPage '97, me corp.com i helu ʻia ma ke ʻano he URL paʻamau:
I ka luhi ʻana o Mike i kēia, ua hoʻomaka ʻo corp.com e hoʻohuli i nā mea hoʻohana i ka pūnaewele hale kūʻai wahine. I ka pane ʻana, ua loaʻa iā ia nā kaukani o nā leka huhū mai nā mea hoʻohana, a ua hoʻihoʻi ʻo ia ma ke kope iā Bill Gates.
Ma ke ala, ua hoʻonohonoho ʻo Mike iā ia iho i kahi kikowaena leka uila a loaʻa iā ia nā leka huna ma corp.com. Ua ho'āʻo ʻo ia e hoʻoponopono iā ia iho i kēia mau pilikia ma ke kelepona ʻana i nā hui, akā ʻaʻole lākou i ʻike pehea e hoʻoponopono ai i ke kūlana:
I ka manawa koke, hoʻomaka wau e loaʻa nā leka uila huna, me nā mana mua o nā hōʻike kālā ʻoihana i ka US Securities and Exchange Commission, nā hōʻike waiwai kanaka a me nā mea weliweli ʻē aʻe. Ua ho'āʻo wau e launa pū me nā hui no kekahi manawa, akā ʻaʻole ʻike ka hapa nui o lākou i ka mea e hana ai me ia. No laila ua hoʻopau wau ia [ke kikowaena leka uila].
ʻAʻole i hana ʻo MS i kahi hana ikaika, a hōʻole ka hui e haʻi i ke kūlana. ʻAe, ua hoʻokuʻu ʻo Microsoft i nā mea hou Active Directory i nā makahiki i hoʻoponopono ʻia i ka pilikia o ka hui ʻana o ka inoa domain, akā he nui nā pilikia. Ua hana pū ka hui ino ma ka hoʻonohonoho ʻana i nā inoa kikowaena kūloko, nā ʻōlelo aʻoaʻo e pili ana i ka loaʻa ʻana o kahi kikowaena pae ʻelua e pale aku i nā paio, a me nā kumu aʻo ʻē aʻe i heluhelu ʻole ʻia.
Akā ʻo ka mea nui loa aia i nā mea hou. ʻO ka mea mua: no ka hoʻopili ʻana iā lākou, pono ʻoe e waiho i lalo i ka intranet o ka hui. ʻO ka lua: ma hope o ia mau mea hou, hiki i kekahi mau noi ke hoʻomaka e hana lohi, hewa, a i ʻole e pau ka hana. ʻIke ʻia ʻo ka hapa nui o nā ʻoihana me kahi ʻoihana ʻoihana i kūkulu ʻia ʻaʻole e lawe i kēlā mau pilikia i ka wā pōkole. Eia kekahi, ʻaʻole ʻike ka hapa nui o lākou i ka nui o ka hoʻoweliweli i piha i ka hoʻohuli ʻana o nā mea āpau i corp.com i ka wā e lawe ʻia ai ka mīkini ma waho o ka pūnaewele kūloko.
Loaʻa ka irony kiʻekiʻe ke nānā ʻoe . No laila, e like me kāna ʻikepili, ʻO kekahi mau noi i corp.com e hele mai ana mai ka pūnaewele pūnaewele ponoʻī o Microsoft.
A he aha ka hope?
Me he mea lā aia ka hopena o kēia kūlana ma luna o ka ʻili a ua wehewehe ʻia ma ka hoʻomaka ʻana o ka ʻatikala: e kūʻai ʻo Microsoft i kā Mike's domain mai iā ia a pāpā iā ia ma kahi o kahi keʻena mamao a mau loa.
Akā ʻaʻole ia maʻalahi. Ua hāʻawi aku ʻo Microsoft iā O'Connor e kūʻai aku i kāna kikowaena ʻona no nā ʻoihana a puni ka honua i nā makahiki i hala. ʻO ia wale nō Hāʻawi ka pilikua i $20 tausani wale nō no ka pani ʻana i kēlā lua i kāna mau pūnaewele ponoʻī.
I kēia manawa ua hāʻawi ʻia ke kikowaena no $ 1,7 miliona. A inā hoʻoholo ʻo Microsoft e kūʻai iā ia i ka manawa hope loa, e loaʻa iā lākou ka manawa?
Hiki i nā mea hoʻohana i hoʻopaʻa inoa ʻia ke komo i ka noiʻi. , e 'oluʻolu.
He aha kāu e hana ai inā ʻo ʻoe ʻo O'Connor?
-
59,6%E kūʻai ʻo Microsoft i ka waihona no $1,7 miliona, a i ʻole e kūʻai mai kekahi.501
-
3,4%E kūʻai aku au iā ia no $20 tausani, ʻaʻole au makemake e hele i lalo i ka mōʻaukala ʻo ia ka mea nāna i hoʻokuʻu i kahi kikowaena i kahi mea ʻike ʻole ʻia.29
-
3,3%E kanu au ia'u iho no ka wa pau ole ina aole hiki ia Microsoft ke hana i ka olelo hooholo pololei.28
-
21,2%E kūʻai pono aku au i ka domain i nā hackers ma ke ʻano e hoʻopau lākou i ka inoa o Microsoft i ka ʻoihana hui. Ua ʻike lākou i ka pilikia mai ka makahiki 1997!178
-
12,4%E hoʻonohonoho wau i kahi kikowaena botnet + mail a hoʻomaka wau e hoʻoholo i ka hopena o ka honua.104
840 mea hoʻohana i koho. 131 mea hoʻohana i hōʻole.
Source: www.habr.com