A trap (tarpit) for incoming SSH connections
It is no secret that the Internet is a hostile environment. As soon as you bring up a server, it is immediately subjected to massive attacks and repeated scans. For example
A tarpit is a trap port used to slow down incoming connections. If a third-party system connects to this port, the connection cannot be closed quickly. The connecting system has to spend its own resources and wait until the connection times out, or terminate it manually.
Most often, tarpits are used for protection. The technique was first developed to defend against computer worms. Now it can also be used to ruin the lives of spammers and of researchers who run broad scans of all IP addresses in sequence (examples on Habr:
One system administrator, Chris Wellons, apparently got tired of watching this disgrace, and wrote a small program.
Installing the utility:
$ make
$ ./endlessh &
$ ssh -p2222 localhost
A properly implemented tarpit takes more resources from the attacker than from you. But it is not even a matter of resources. The author
In production, it makes sense to put the Endlessh server on the usual port 22, where hooligans knock en masse. Standard security advice always recommends moving SSH to a different port, which immediately reduces the size of the logs by an order of magnitude.
Chris Wellons says that his program exploits one paragraph of the SSH specification.
This is exactly what Endlessh does: it sends an endless stream of randomly generated data that complies with RFC 4253, that is, it is sent before authentication, and each line begins with SSH- and does not exceed 255 characters, including the line terminator. In general, everything is according to the standard.
By default, the program waits 10 seconds between sending packets. This prevents the client from timing out, so the client stays trapped forever.
Since the data is sent before any cryptography is applied, the program is extremely simple. It does not need to implement any ciphers or support multiple protocols.
The author tried to make the utility consume a minimum of resources and run completely unnoticed on the machine. Unlike modern antiviruses and other "security systems", it should not slow down your computer. He managed to minimize both traffic and memory consumption thanks to a slightly more cunning software implementation. If it launched a separate process for each new connection, potential attackers could mount a DDoS attack by opening many connections to exhaust the machine's resources. One thread per connection is not the best option either, because the kernel would waste resources managing the threads.
That is why Chris Wellons chose the most lightweight option for Endlessh: a single-threaded server built on poll(2), where clients in the trap consume practically no extra resources, not counting the socket object in the kernel and another 78 bytes for tracking in Endlessh. To avoid allocating receive and send buffers for each client, Endlessh opens a direct-access socket and relays TCP packets directly, bypassing almost the entire TCP/IP stack of the operating system. The incoming buffer is not needed at all, because we are not interested in incoming data.
The author says that at the time of writing his program

    import asyncio
    import random


    async def handler(_reader, writer):
        try:
            while True:
                # Wait, then send one more random hex line; the banner never ends.
                await asyncio.sleep(10)
                writer.write(b'%x\r\n' % random.randint(0, 2**32))
                await writer.drain()
        except ConnectionResetError:
            pass  # the client gave up and dropped the connection


    async def main():
        server = await asyncio.start_server(handler, '0.0.0.0', 2222)
        async with server:
            await server.serve_forever()


    asyncio.run(main())

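A variant of the listing above that keeps every line within the 255-byte limit (line terminator included), caps the number of trapped clients so that a flood of connections cannot exhaust the trap itself, and records how long each client was held. This is an added example, not code from the article or from Endlessh; MAX_CLIENTS, banner_line, the delay parameter and the log format are assumptions made for illustration.

```python
import asyncio
import logging
import random
import time

MAX_LINE = 255      # line length limit, CRLF included
MAX_CLIENTS = 4096  # assumed cap so trapped sockets cannot exhaust descriptors
log = logging.getLogger("tarpit")
active = set()      # writers of the clients currently held in the trap

def banner_line(rng=random):
    """Return one random pre-banner line of 3..MAX_LINE bytes, CRLF included."""
    # RFC 4253 section 4.2: these lines must not begin with "SSH-"; hex digits never do.
    body_len = rng.randint(1, MAX_LINE - 2)
    body = "".join(rng.choice("0123456789abcdef") for _ in range(body_len))
    return body.encode("ascii") + b"\r\n"

async def handler(_reader, writer, delay=10.0):
    """Drip banner lines to one client; return (seconds held, bytes sent)."""
    peer = writer.get_extra_info("peername")
    if len(active) >= MAX_CLIENTS:   # refuse rather than grow without bound
        writer.close()
        return 0.0, 0
    active.add(writer)
    start, sent = time.monotonic(), 0
    try:
        while True:
            await asyncio.sleep(delay)
            line = banner_line()
            writer.write(line)
            await writer.drain()
            sent += len(line)
    except (ConnectionResetError, BrokenPipeError):
        pass                         # the client gave up
    finally:
        active.discard(writer)
        writer.close()
    held = time.monotonic() - start
    log.info("released %s after %.1fs, %d bytes", peer, held, sent)
    return held, sent

async def main(host="0.0.0.0", port=2222):
    server = await asyncio.start_server(handler, host, port)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    asyncio.run(main())
```

The per-client log line gives a measure of how much scanner time the trap consumed, and the size of `active` shows how close the trap is to its cap.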
Asyncio is ideal for writing tarpits. For example, this hook will hang Firefox, Chrome, or any other client that tries to connect to your HTTP server for many hours:

    import asyncio
    import random


    async def handler(_reader, writer):
        # Send a valid status line, then never finish the response headers.
        writer.write(b'HTTP/1.1 200 OK\r\n')
        try:
            while True:
                await asyncio.sleep(5)
                header = random.randint(0, 2**32)
                value = random.randint(0, 2**32)
                # One more random "X-...: ..." header every 5 seconds.
                writer.write(b'X-%x: %x\r\n' % (header, value))
                await writer.drain()
        except ConnectionResetError:
            pass  # the client gave up and dropped the connection


    async def main():
        server = await asyncio.start_server(handler, '0.0.0.0', 8080)
        async with server:
            await server.serve_forever()


    asyncio.run(main())

A tarpit is a great tool for punishing online bullies. True, there is also some risk of the opposite effect: drawing their attention to the unusual behavior of a particular server. Someone
Source: www.habr.com