It is no secret that the Internet is a very hostile environment. As soon as you bring up a server, it is immediately subjected to massive attacks and multiple scans. For example
A tarpit is a trap port used to slow down incoming connections. If a third-party system connects to this port, it cannot close the connection quickly. It has to spend its own system resources and wait until the connection times out, or terminate the connection manually.
Most often, tarpits are used for defence. The technique was first developed to protect against computer worms. Now it can also be used to ruin the lives of spammers and of researchers who broadly scan all IP addresses in sequence (examples on Habr:
One system administrator, Chris Wellons, apparently got tired of watching this mess, and wrote a small program.
Installing the utility:
$ make
$ ./endlessh &
$ ssh -p2222 localhost
A well-run tarpit takes more resources from the attacker than from you. But it is not even a matter of resources. The author
In production, the Endlessh server should be set up on the usual port 22, where the hooligans knock en masse. Standard security recommendations always advise moving SSH to a different port, which reduces the size of the logs by an order of magnitude.
Chris Wellons says that his program exploits one paragraph of the SSH specification.
This is exactly what Endlessh does: it sends an endless stream of randomly generated data that conforms to RFC 4253, that is, the data is sent before authentication, each line begins with SSH- and does not exceed 255 characters, including the line-ending characters. In general, everything is according to the standard.
By default, the program waits 10 seconds between sending packets. This keeps the client from timing out, so the client stays trapped forever.
Since the data is sent before any cryptography is applied, the program is extremely simple. It does not need to implement any ciphers or support multiple protocols.
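What this exchange looks like from the connecting side, as an added example that is not from the original article or from Endlessh: a banner reader for a monitoring probe or client library that treats the first line beginning with SSH- as the identification string (RFC 4253 section 4.2) and bounds both the number of earlier lines and the total wait. The function names, the limits and the in-memory sample peers are constructed for illustration.

```python
import asyncio
import random

MAX_LINE = 255  # RFC 4253 section 4.2: line limit, CR LF included

class NoBanner(Exception):
    """The peer never produced an identification string within budget."""

async def read_ssh_banner(reader, max_lines=16, timeout=1.0):
    """Return the 'SSH-...' identification line, bounded in lines and time."""
    async def scan():
        for _ in range(max_lines):
            line = await reader.readuntil(b"\n")
            if len(line) > MAX_LINE:
                raise NoBanner("pre-banner line longer than 255 bytes")
            # Lines before the banner are free-form and may go on indefinitely.
            if line.startswith(b"SSH-"):
                return line.rstrip(b"\r\n").decode("ascii", "replace")
        raise NoBanner(f"no banner after {max_lines} lines")
    try:
        return await asyncio.wait_for(scan(), timeout)
    except asyncio.TimeoutError:
        raise NoBanner(f"no banner within {timeout}s") from None

async def drip(reader, delay, count):
    """Constructed tarpit peer: one random hex line every `delay` seconds."""
    for _ in range(count):
        await asyncio.sleep(delay)
        reader.feed_data(b"%x\r\n" % random.getrandbits(32))

async def demo():
    """Run the reader against three constructed peers; return the outcomes."""
    out = {}
    honest = asyncio.StreamReader()
    honest.feed_data(b"maintenance tonight\r\nSSH-2.0-ExampleServer_1.0\r\n")
    out["honest"] = await read_ssh_banner(honest)
    for name, delay in (("slow", 0.05), ("flood", 0.0)):
        peer = asyncio.StreamReader()
        feeder = asyncio.create_task(drip(peer, delay, 1000))
        try:
            await read_ssh_banner(peer, timeout=0.3)
        except NoBanner as exc:
            out[name] = str(exc)
        feeder.cancel()
    return out

if __name__ == "__main__":
    print(asyncio.run(demo()))
```

The slow peer is stopped by the time budget and the fast one by the line budget; a reader with neither bound waits for as long as the tarpit keeps sending.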
The author tried to make the utility consume a minimum of resources and run completely unnoticed on the machine. Unlike modern antiviruses and other "security systems", it should not slow down your computer. He managed to minimise both traffic and memory consumption through a slightly more cunning software implementation. If the program simply started a separate process for each new connection, potential attackers could mount a DDoS attack by opening many connections to exhaust the machine's resources. One thread per connection is not the best option either, because the kernel would waste resources managing the threads.
That is why Chris Wellons chose the most lightweight option for Endlessh: a single-threaded poll(2) server, where clients in the trap consume virtually no extra resources, not counting the socket object in the kernel and another 78 bytes for tracking in Endlessh. To avoid allocating receive and send buffers for each client, Endlessh opens a direct-access socket and translates TCP packets directly, bypassing almost the entire TCP/IP stack of the operating system. The incoming buffer is not needed at all, because we are not interested in the incoming data.
The author says that at the time of his program
import asyncio
import random

async def handler(_reader, writer):
    try:
        while True:
            # Wait, then send one more line of random hex (never the SSH banner).
            await asyncio.sleep(10)
            writer.write(b'%x\r\n' % random.randint(0, 2**32))
            await writer.drain()
    except ConnectionResetError:
        # The client gave up and reset the connection.
        pass

async def main():
    server = await asyncio.start_server(handler, '0.0.0.0', 2222)
    async with server:
        await server.serve_forever()

asyncio.run(main())
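The resource concern raised above applies to the asyncio version too: every trapped client holds a file descriptor and a task. As an added example (not code from the original article or from Endlessh), this variant caps the number of held clients and sheds the rest; the class name, the counters and the default of 4096 are assumptions.

```python
import asyncio
import random


class Tarpit:
    """The page's SSH tarpit with a hard cap on trapped clients."""

    def __init__(self, max_clients=4096, delay=10.0):
        self.max_clients = max_clients  # assumed default; keep below `ulimit -n`
        self.delay = delay              # seconds between lines, as on the page
        self.active = 0                 # clients currently held
        self.rejected = 0               # connections shed at the cap

    async def handler(self, _reader, writer):
        if self.active >= self.max_clients:
            # At capacity: drop the newcomer at once instead of spending
            # another descriptor and task on it.
            self.rejected += 1
            writer.close()
            return
        self.active += 1
        try:
            while True:
                await asyncio.sleep(self.delay)
                # Short hex line: never starts with "SSH-", well under 255 bytes.
                writer.write(b"%x\r\n" % random.getrandbits(32))
                await writer.drain()
        except OSError:
            pass  # peer reset, broken pipe or timeout: the client gave up
        finally:
            self.active -= 1
            writer.close()


async def main(port=2222):
    pit = Tarpit()
    server = await asyncio.start_server(pit.handler, "0.0.0.0", port)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

Watching `rejected` grow is a signal that the cap is being hit and that the trap itself has become a target.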
Asyncio is well suited to writing tarpits. For example, this trap will hang Firefox, Chrome or any other client that tries to connect to your HTTP server for many hours:
import asyncio
import random

async def handler(_reader, writer):
    # Send the status line, then never finish the header section.
    writer.write(b'HTTP/1.1 200 OK\r\n')
    try:
        while True:
            await asyncio.sleep(5)
            # One more random header, so the client keeps waiting for the body.
            header = random.randint(0, 2**32)
            value = random.randint(0, 2**32)
            writer.write(b'X-%x: %x\r\n' % (header, value))
            await writer.drain()
    except ConnectionResetError:
        # The client gave up and reset the connection.
        pass

async def main():
    server = await asyncio.start_server(handler, '0.0.0.0', 8080)
    async with server:
        await server.serve_forever()

asyncio.run(main())
A tarpit is an excellent tool for punishing Internet bullies. True, there is some risk of doing the opposite and drawing their attention to the unusual behaviour of a particular server. Someone
Hubs:
Python, Information Security, Software, System Administration
Tags:
SSH, Endlesssh, tarpit, tarpit, trap, asycio
Trap (tarpit) for incoming SSH connections
Source: www.habr.com