Pofika chaka cha 2016, vDos idakhala ntchito yotchuka kwambiri padziko lonse lapansi pakuyitanitsa ziwonetsero za DDoS
Ngati mumakhulupirira ziphunzitso zachiwembu, ndiye kuti makampani a antivayirasi amagawira ma virus, ndipo ntchito zoteteza DDoS zimayambitsa izi. Inde, izi ndi zopeka ... kapena ayi?
Januware 16, 2020 Federal District Court ku New Jersey Tucker Preston, 22, wa ku Macon, Georgia, pa mlandu umodzi wowononga makompyuta otetezedwa potumiza pulogalamu, code kapena lamulo. Tucker ndi woyambitsa mnzake wa BackConnect Security LLC, yomwe idapereka chitetezo ku DDoS. Wabizinesi wachichepereyo sanathe kukana chiyeso chobwezera makasitomala ake osatha.
Nkhani yomvetsa chisoni ya Tucker Preston inayamba mu 2014, pamene wobera wachinyamatayo, pamodzi ndi bwenzi lake Marshal Webb, adayambitsa kampani ya BackConnect Security LLC, yomwe idachotsedwa ku BackConnect, Inc. Mu September 2016, kampani iyi pa opareshoni kutseka vDos utumiki, amene pa nthawi imeneyo ankaona kuti utumiki wotchuka kwambiri padziko lonse kuyitanitsa DDoS kuukira. Kampani ya BackConnect ndiye imati idawukiridwa kudzera pa vDos - ndikuchita "kumenyana" kwachilendo, ndikugwira ma adilesi a IP a adani 255 ndi. (Kubedwa kwa BGP). Kuchita chiwembu chotere pofuna kuteteza zofuna za munthu kwadzetsa mkangano mβgulu lachitetezo cha zidziwitso. Ambiri amamva kuti BackConnect yadutsa.
Kutsata kosavuta kwa BGP kumachitika polengeza mawu oyamba amunthu wina ngati anu. Uplinks / anzawo amavomereza, ndipo imayamba kufalikira pa intaneti. Mwachitsanzo, mu 2017, akuti chifukwa cha kulephera kwa mapulogalamu, Rostelecom (AS12389) Mastercard (AS26380), Visa ndi mabungwe ena azachuma. BackConnect idagwira ntchito chimodzimodzi pomwe idalanda ma adilesi a IP kuchokera ku Bulgarian hoster Verdina.net.
Mkulu wa BackConnect Bryant Townsend m'makalata a NANOG kwa ogwiritsa ntchito ma network. Iye ananena kuti chigamulo choukira malo a adiresi a adani sichinatengedwe mopepuka, koma ali okonzeka kuyankha chifukwa cha zochita zawo: βNgakhale tinali ndi mwayi wobisa zimene tachita, tinaona kuti nβkulakwa. Ndinakhala nthawi yambiri ndikuganiza za chisankhochi komanso momwe chingawononge kampaniyo ndi ine pamaso pa anthu ena, koma pamapeto pake ndinachichirikiza. "
M'mene zinakhalira, aka si nthawi yoyamba kuti BackConnect igwiritse ntchito BGP, ndipo kampaniyo nthawi zambiri imakhala ndi mbiri yakuda. Ngakhale ziyenera kuzindikirika kuti kutsekera kwa BGP sikugwiritsidwa ntchito nthawi zonse pazolinga zoyipa. Brian Krebs kuti iye mwini amagwiritsa ntchito ntchito za Prolexic Communications (tsopano ndi gawo la Akamai Technologies) pofuna kuteteza DDoS. Ndi iye amene adaganiza momwe angagwiritsire ntchito hijack ya BGP kuteteza ku DDoS.
Ngati wozunzidwa ndi DDoS alumikizana ndi Prolexic kuti amuthandize, womalizayo amasamutsa ma adilesi a IP a kasitomala kwa iyeyo, zomwe zimalola kuti azisanthula ndikusefa magalimoto omwe akubwera.
Popeza BackConnect idapereka chithandizo chachitetezo cha DDoS, kuwunika kunachitika kuti adziwe kuti ndi ziti mwazinthu za BGP zomwe zitha kuonedwa kuti ndizovomerezeka kwa makasitomala awo, ndi zomwe zimawoneka zokayikitsa. Izi zimaganizira nthawi ya kugwidwa kwa maadiresi a anthu ena, momwe chiwerengero choyambirira cha munthu wina chinalengezedwa ngati chawo, kaya pali mgwirizano wotsimikiziridwa ndi kasitomala, ndi zina zotero. Gome likuwonetsa kuti zina mwazochita za BackConnect zikuwoneka zokayikitsa kwambiri.
Zikuoneka kuti ena mwa ozunzidwawo adasumira kumbuyo BackConnect. MU Dzina la kampani yomwe khothi lidazindikira kuti ndi yomwe yachitiridwa nkhanza silinasonyezedwe. Wozunzidwayo akutchulidwa mu chikalatacho ngati Wozunzidwa 1.
Monga tafotokozera pamwambapa, kufufuza kwa ntchito za BackConnect kunayamba ntchito ya vDos itabedwa. Ndiye oyang'anira ntchito, komanso nkhokwe ya vDos, kuphatikiza ogwiritsa ntchito omwe adalembetsa ndi mbiri yamakasitomala omwe adalipira ma vDos pochita ziwonetsero za DDoS.
Zolemba izi zikuwonetsa kuti imodzi mwa maakaunti pa tsamba la vDos idatsegulidwa ku ma adilesi a imelo okhudzana ndi domain yomwe idalembetsedwa m'dzina la Tucker Preston. Akauntiyi idayambitsa kuwukira anthu ambiri omwe akufuna kutsata, kuphatikiza zida zambiri zamanetiweki ake (FSF).
Mu 2016, yemwe kale anali FSF sysadmin adanena kuti bungwe lopanda phindu linaganiza kuti likugwirizana ndi BackConnect, ndipo zigawengazo zinayamba nthawi yomweyo FSF inanena kuti idzayang'ana kampani ina yopereka chitetezo cha DDoS.
Malingana ndi U.S. Department of Justice, pa mlanduwu, Tucker Preston akukumana ndi zaka 10 m'ndende komanso chindapusa chofikira $250, zomwe ndi kuwirikiza kawiri phindu kapena kutayika kwathunthu pamlanduwo. Chigamulochi chidzalengezedwa pa Meyi 000, 7.
GlobalSign imapereka mayankho owopsa a PKI m'mabungwe amitundu yonse.
Zambiri: +7 (499) 678 2210, [imelo ndiotetezedwa].
Source: www.habr.com