New build of Nemesida WAF Free for NGINX

Last year we released Nemesida WAF Free, a dynamic NGINX module that blocks attacks on web applications. Unlike the commercial version, which relies on machine learning, the free version analyzes requests using signatures only.

What is new in the Nemesida WAF 4.0.129 release

Before this release, the Nemesida WAF dynamic module supported only Nginx Stable 1.12, 1.14 and 1.16. The new release adds support for Nginx Mainline, starting from 1.17, and Nginx Plus, starting from 1.15.10 (R18).

Why another WAF?

NAXSI and mod_security are probably the best-known WAF modules, and mod_security is recommended by Nginx, although it was originally used only with Apache2. Both solutions are free and open source and have a large user base worldwide. For mod_security, free signature sets are available as well as commercial ones at $500 per year; NAXSI ships with free signatures out of the box, and additional rule sets such as doxsi can also be obtained.

This year we compared how NAXSI and Nemesida WAF Free perform. In brief, the results were:

  • NAXSI does not perform double URL decoding in cookies;
  • NAXSI takes a very long time to configure: with the default settings it blocks many requests during normal use of a web application (logging in, editing a profile or content, taking part in surveys, and so on), so separate whitelists have to be created, which weakens protection. Nemesida WAF Free with its default settings produced no false positives while working with the site;
  • the number of misses (false negatives) for NAXSI is much higher, and so on.

Despite these shortcomings, NAXSI and mod_security have two advantages: open source and a large user base. We support the idea of open source, but we cannot open the code because of the risk of "piracy" of the commercial version; to compensate for this, we fully disclose the contents of the signatures. We value privacy and encourage you to verify this yourself by routing the module's traffic through a proxy server.

Other features of Nemesida WAF Free:

  • its own high-quality signature set with a low number of false positives and false negatives;
  • installation and updates from the repository (fast and convenient);
  • simple and readable incident events, not the "noise" NAXSI produces;
  • completely free, with no restrictions on traffic volume, number of virtual hosts, etc.

Finally, here are several requests for checking how a WAF behaves (they should be applied in every zone: URL, ARGS, Headers and Body):

')) un","ion se","lect 1,2,3,4,5,6,7,8,9,0,11#"]
')) union/**/select/**/1,/**/2,/**/3,/**/4,/**/5,/**/6,/**/7,/**/8,/**/9,/**/'some_text',/**/11#"]
union(select(1),2,3,4,5,6,7,8,9,0x70656e746573746974,11)#"]
')) union+/*!select*/ (1),(2),(3),(4),(5),(6),(7),(8),(9),(0x70656e746573746974),(11)#"]
')) /*!u%6eion*/ /*!se%6cect*/ (1),(2),(3),(4),(5),(6),(7),(8),(9.),(0x70656e746573746974),(11)#"]
')) %2f**%2funion%2f**%2fselect (1),(2),(3),(4),(5),(6),(7),(8),(9),(0x70656e746573746974),(11)#"]
%5B%221807182982%27%29%29%20uni%22%2C%22on%20sel%22%2C%22ect%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C%2some_text%27%2C11%23%22%5D
cat /et?/pa?swd
cat /et'c/pa'ss'wd
cat /et*/pa**wd
e'c'ho 'swd test pentest' |awk '{print "cat /etc/pas"$1}' |bas'h
cat /etc/passwd
cat$u+/etc$u/passwd$u
<svg/onload=alert()//

If these requests are not blocked, the WAF will most likely miss a real attack as well. Before running the examples, make sure the WAF does not block legitimate requests.
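As an added illustration (not part of the original article and not Nemesida WAF's code), the Python sketch below shows why the two points above matter for detection: every request zone is normalized and checked the same way, and repeated URL decoding is what makes a double-encoded cookie value visible, while a single decode round misses it. The signature set and the sample request are constructed for this example.

```python
import re
from urllib.parse import unquote_plus

# Constructed, minimal signature set for this example only; it is not the
# Nemesida WAF signature database. Keyword-splitting (un","ion), shell-quote
# (/et'c/pa'ss'wd) and glob (/et?/pa?swd) variants need further normalizers.
SIGNATURES = {
    "sqli_union_select": re.compile(r"union\W*select", re.I),
    "lfi_etc_passwd": re.compile(r"/etc/passwd", re.I),
    "xss_svg_onload": re.compile(r"<svg\b[^>]*\bonload\s*=", re.I),
}


def normalize(value: str, max_rounds: int = 3) -> str:
    """URL-decode until the value stops changing (bounded by max_rounds), then
    strip MySQL comment wrappers. Two rounds turn %2527 into ', which is the
    double decoding the article says NAXSI does not apply to cookies."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    # Removing /**/ and /*!...*/ wrappers makes union/**/select and
    # /*!u%6eion*/ read as plain keywords.
    return re.sub(r"/\*!?|\*/", "", value)


def inspect(zones: dict, max_rounds: int = 3) -> dict:
    """Check every request zone the same way and return
    {zone: [matching signature names]} for the zones that hit."""
    hits = {}
    for zone, raw in zones.items():
        norm = normalize(raw, max_rounds)
        names = [name for name, rx in SIGNATURES.items() if rx.search(norm)]
        if names:
            hits[zone] = names
    return hits


# Constructed sample request: the same UNION SELECT probe single-encoded in
# ARGS and double-encoded inside the Cookie header, plus a clean URL and body.
SAMPLE = {
    "URL": "/profile",
    "ARGS": "id=1%27%29%29+union+select+1%2C2%2C3",
    "Headers": "Cookie: sid=%2527%2529%2529%2520union%2520select%25201",
    "Body": "comment=hello",
}

if __name__ == "__main__":
    print(inspect(SAMPLE))                # both ARGS and Headers hit
    print(inspect(SAMPLE, max_rounds=1))  # one decode round misses the cookie
```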

Source: www.habr.com
