Intaneti ikuwoneka ngati yolimba, yodziimira komanso yosawonongeka. Mwachidziwitso, maukonde ndi amphamvu mokwanira kuti apulumuke kuphulika kwa nyukiliya. Kwenikweni, intaneti imatha kugwetsa rauta imodzi yaying'ono. Zonse chifukwa intaneti ndi mulu wa zotsutsana, zofooka, zolakwika ndi makanema okhudza amphaka. Msana wa intaneti, BGP, uli ndi mavuto. N’zodabwitsa kuti akupumabe. Kuphatikiza pa zolakwika zomwe zili pa intaneti yokha, zimaswekanso ndi onse: opereka intaneti akuluakulu, mabungwe, mayiko ndi kuukira kwa DDoS. Zoyenera kuchita ndi momwe mungakhalire nazo?
Amadziwa yankho Alexey Uchakin () ndi mtsogoleri wa gulu la akatswiri opanga maukonde ku IQ Option. Ntchito yake yayikulu ndi kupezeka kwa nsanja kwa ogwiritsa ntchito. Muzolemba za lipoti la Alexey pa Tiyeni tikambirane za BGP, DDOS kuukira, zosintha Intaneti, zolakwa WOPEREKA, decentralization ndi milandu pamene rauta yaing'ono anatumiza Intaneti kugona. Pamapeto pake - malangizo angapo amomwe mungapulumukire zonsezi.
Tsiku Limene Intaneti Inasweka
Ndingotchulapo zochitika zingapo pomwe kulumikizana kwa intaneti kudasokonekera. Izi zidzakhala zokwanira pa chithunzi chonse.
Chithunzi cha AS7007. Nthawi yoyamba intaneti inasweka mu April 1997. Panali cholakwika mu pulogalamu ya router imodzi kuchokera ku autonomous system 7007. Panthawi ina, rauta adalengeza tebulo lake lamkati kwa oyandikana nawo ndikutumiza theka la intaneti mu dzenje lakuda.
"Pakistan motsutsana ndi YouTube". Mu 2008, anyamata olimba mtima ochokera ku Pakistan adaganiza zoletsa YouTube. Iwo anachita bwino kwambiri moti theka la dziko linatsala opanda amphaka.
"Kujambula kwa VISA, MasterCard ndi Symantec prefixes ndi Rostelecom". Mu 2017, Rostelecom molakwika adayamba kulengeza za VISA, MasterCard ndi Symantec prefixes. Zotsatira zake, magalimoto azachuma adayendetsedwa kudzera munjira zoyendetsedwa ndi wopereka. Kutayikirako sikunatenge nthawi yayitali, koma sikunali kosangalatsa kwa makampani azachuma.
Google vs Japan. Mu Ogasiti 2017, Google idayamba kulengeza ma prefixes a othandizira akuluakulu aku Japan a NTT ndi KDDI muzowonjezera zake. Magalimoto adatumizidwa ku Google ngati mayendedwe, mwina molakwika. Popeza Google siwothandizira ndipo salola kuti magalimoto aziyenda, gawo lalikulu la Japan linasiyidwa popanda intaneti.
"DV LINK idajambula zoyambira za Google, Apple, Facebook, Microsoft". Komanso mu 2017, wopereka chithandizo ku Russia DV LINK pazifukwa zina adayamba kulengeza maukonde a Google, Apple, Facebook, Microsoft ndi osewera ena akuluakulu.
"eNet yaku USA yajambula mawu oyamba a AWS Route53 ndi MyEtherwallet". Mu 2018, wothandizira ku Ohio kapena m'modzi mwa makasitomala ake adalengeza za Amazon Route53 ndi MyEtherwallet crypto wallet network. Kuukira kunali kopambana: ngakhale chiphaso chodzilembera chokha, chenjezo lomwe lidawonekera kwa wogwiritsa ntchito polowa patsamba la MyEtherwallet, zikwama zambiri zidabedwa ndipo gawo lina la cryptocurrency linabedwa.
M’chaka cha 2017 chokha, zinthu ngati zimenezi zinalipo zoposa 14! Maukonde akadali decentralized, kotero si zonse ndipo si onse akusweka. Koma pali masauzande a zochitika, zonse zokhudzana ndi protocol ya BGP yomwe imapereka mphamvu pa intaneti.
BGP ndi zovuta zake
Pulogalamu BGP - Border Gateway Protocol, idafotokozedwa koyamba mu 1989 ndi akatswiri awiri a IBM ndi Cisco Systems pa "zopukutira" zitatu - mapepala a A4. Izi ndikukhalabe ku likulu la Cisco Systems ku San Francisco ngati chotsalira chapadziko lonse lapansi.
Protocol imachokera ku kuyanjana kwa machitidwe odziyimira pawokha - Autonomous Systems kapena AS mwachidule. Dongosolo lodziyimira palokha ndi ID chabe yomwe ma IP network amaperekedwa mu registry ya anthu. Routa yokhala ndi ID iyi imatha kulengeza maukondewa padziko lonse lapansi. Chifukwa chake, njira iliyonse pa intaneti imatha kuyimiridwa ngati vector, yomwe imatchedwa Njira ya AS. Vector ili ndi manambala a machitidwe odziyimira pawokha omwe amayenera kudutsa kuti akafike ku netiweki komwe akupita.
Mwachitsanzo, pali maukonde angapo a machitidwe odziyimira pawokha. Muyenera kuchoka ku AS65001 system kupita ku AS65003 system. Njira yochokera kudongosolo limodzi imayimiridwa ndi AS Path pachithunzichi. Zili ndi machitidwe awiri odziyimira pawokha: 65002 ndi 65003. Pa adiresi iliyonse yopita pali AS Path vector, yomwe ili ndi chiwerengero cha machitidwe odziyimira pawokha omwe tiyenera kudutsamo.
Ndiye mavuto ndi BGP ndi chiyani?
BGP ndi protocol yodalirika
Protocol ya BGP ndi yokhazikika. Izi zikutanthauza kuti timakhulupirira anzathu mwachisawawa. Ichi ndi gawo la ma protocol ambiri omwe adapangidwa kumayambiriro kwa intaneti. Tiyeni tiwone chomwe "kukhulupirira" kumatanthauza.
Palibe kutsimikizika kwa mnansi. M'mbuyomu, pali MD5, koma MD5 mu 2019 ndiye ...
Palibe kusefa. BGP ili ndi zosefera ndipo zimafotokozedwa, koma sizigwiritsidwa ntchito kapena kugwiritsidwa ntchito molakwika. Ndifotokoza chifukwa chake pambuyo pake.
Ndikosavuta kukhazikitsa oyandikana nawo. Kukhazikitsa oyandikana nawo mu protocol ya BGP pafupifupi pafupifupi rauta iliyonse ndi mizere ingapo ya config.
Palibe ufulu woyang'anira BGP wofunikira. Simufunikanso kulemba mayeso kuti mutsimikizire ziyeneretso zanu. Palibe amene angakulandeni ufulu wanu wokonza BGP mutaledzera.
Mavuto akulu awiri
Kubera koyambirira. Kubera koyambirira ndikutsatsa maukonde omwe si anu, monga momwe zilili ndi MyEtherwallet. Tidatenga ma prefixes, kuvomerezana ndi woperekayo kapena kuwadula, ndipo kudzera mu izi timalengeza maukonde awa.
Kutaya kwa njira. Kuchucha kumakhala kovuta kwambiri. Leak ndikusintha kwa AS Path. Chabwino, kusinthaku kumabweretsa kuchedwa kwambiri chifukwa muyenera kuyenda njira yayitali kapena ulalo wocheperako. Choyipa kwambiri, mlandu wa Google ndi Japan udzabwerezedwa.
Google payokha si ntchito kapena njira yodziyimira payokha. Koma pamene adalengeza maukonde a ogwira ntchito ku Japan kwa omwe amamuthandizira, magalimoto kudzera pa Google kudzera pa AS Path adawonedwa ngati chinthu chofunikira kwambiri. Magalimoto adapita kumeneko ndikutsika chifukwa makonda amayendedwe mkati mwa Google ndi ovuta kuposa zosefera pamalire.
Chifukwa chiyani zosefera sizikugwira ntchito?
Palibe amene amasamala. Ichi ndi chifukwa chachikulu - palibe amene amasamala. Woyang'anira wothandizira ang'onoang'ono kapena kampani yomwe idalumikizidwa ndi wothandizira kudzera pa BGP adatenga MikroTik, adakonza BGP pamenepo ndipo sakudziwa kuti zosefera zitha kukhazikitsidwa pamenepo.
Zolakwika zamasinthidwe. Adasokoneza china chake, adalakwitsa chigoba, adavala mauna olakwika - ndipo tsopano pali cholakwika kachiwiri.
Palibe luso laukadaulo. Mwachitsanzo, opereka ma telecom ali ndi makasitomala ambiri. Chinthu chanzeru kuchita ndikungosintha zosefera kwa kasitomala aliyense - kuwunika kuti ali ndi netiweki yatsopano, kuti wabwereka maukonde ake kwa wina. Ndizovuta kutsatira izi, komanso zovuta kwambiri ndi manja anu. Chifukwa chake, amangoyika zosefera zomasuka kapena osayika zosefera nkomwe.
Kupatulapo. Pali kuchotsera kwa okondedwa ndi akuluakulu makasitomala. Makamaka pankhani ya inter-operator interfaces. Mwachitsanzo, TransTeleCom ndi Rostelecom ali ndi ma network ambiri ndipo pali mawonekedwe pakati pawo. Ngati cholumikizira chikugwa, sichingakhale chabwino kwa aliyense, kotero zosefera zimamasuka kapena kuchotsedwa kwathunthu.
Zambiri zachikale kapena zosafunikira mu IRR. Zosefera zimamangidwa kutengera zomwe zalembedwamo IRR - Registry Yoyenda pa intaneti. Awa ndi zolembera za olembetsa pa intaneti. Nthawi zambiri, zolembera zimakhala ndi zidziwitso zakale kapena zosafunikira, kapena zonse ziwiri.
Olembetsa awa ndi ndani?
Maadiresi onse a intaneti ndi a bungwe IANA - Ulamuliro wa Nambala Zoperekedwa pa intaneti. Mukagula netiweki ya IP kwa munthu, simukugula ma adilesi, koma ufulu wowagwiritsa ntchito. Maadiresi ndi chinthu chosaoneka ndipo mogwirizana onse ndi a IANA.
Dongosololi limagwira ntchito motere. IANA imapereka kasamalidwe ka ma adilesi a IP ndi manambala odziyimira pawokha kwa olembetsa madera asanu. Amapereka machitidwe odziyimira pawokha LIR - olembetsa pa intaneti wamba. Ma LIR ndiye amagawira ma adilesi a IP kwa ogwiritsa ntchito.
Choyipa cha dongosololi ndikuti aliyense wa registrars amdera amasunga zolembera zake mwanjira yake. Aliyense ali ndi malingaliro ake pazambiri zomwe ziyenera kukhala m'kaundula, ndi ndani sayenera kuzifufuza. Zotsatira zake ndi chisokonezo chomwe tili nacho tsopano.
Kodi mungathane bwanji ndi mavutowa?
IRR - khalidwe lapakati. Ndizomveka ndi IRR - zonse ndi zoyipa pamenepo.
BGP-midzi. Izi ndi zina zomwe zikufotokozedwa mu protocol. Titha kuphatikizira, mwachitsanzo, gulu lapadera ku chilengezo chathu kuti mnansi asatumize maukonde athu kwa anansi ake. Tikakhala ndi ulalo wa P2P, timangosinthanitsa maukonde athu. Kuti tipewe njirayo kuti isapite mwangozi kumanetiweki ena, timawonjezera gulu.
Madera sasintha. Nthawi zonse ndi mgwirizano wa awiri, ndipo ichi ndi drawback awo. Sitingathe kugawa gulu lililonse, kupatula limodzi, lomwe limavomerezedwa ndi aliyense. Sitingakhale otsimikiza kuti aliyense avomereza gululi ndikulimasulira molondola. Choncho, mwabwino kwambiri, ngati mukugwirizana ndi uplink wanu, adzamvetsa zomwe mukufuna kuchokera kwa iye malinga ndi dera. Koma mnzako sangamvetse, kapena wogwiritsa ntchitoyo amangosintha chizindikiro chanu, ndipo simungakwaniritse zomwe mukufuna.
RPKI + ROA imathetsa gawo laling'ono chabe lamavuto. RPKI ndi Resource Public Key Infrastructure - dongosolo lapadera losaina zambiri zamayendedwe. Ndibwino kukakamiza a LIR ndi makasitomala awo kuti azikhala ndi malo osungiramo ma adilesi atsopano. Koma pali vuto limodzi ndi izo.
RPKI ndi njira yoyendetsera anthu onse. IANA ili ndi kiyi yomwe makiyi a RIR amapangidwa, ndipo ndi makiyi ati a LIR amapangidwa? zomwe amasaina malo awo adilesi pogwiritsa ntchito ROAs - Route Origin Authorisations:
- Ndikukutsimikizirani kuti mawu oyambawa adzalengezedwa m'malo mwa dera lodzilamulirali.
Kuphatikiza pa ROA, pali zinthu zina, koma zambiri za iwo pambuyo pake. Zikuwoneka ngati chinthu chabwino komanso chothandiza. Koma sizimatiteteza ku kutayikira kwa mawu oti "pang'ono pomwe" ndipo sizithetsa mavuto onse ndi kuba kwa prefix. Chifukwa chake, osewera safulumira kuchita izi. Ngakhale pali zitsimikizo kale kuchokera kwa osewera akuluakulu monga AT&T ndi makampani akuluakulu a IX omwe ma prefixes okhala ndi mbiri yolakwika ya ROA adzatsitsidwa.
Mwina adzachita izi, koma pakadali pano tili ndi ma prefixes ambiri omwe sanasainidwe mwanjira iliyonse. Kumbali imodzi, sizikudziwika ngati adalengezedwa movomerezeka. Kumbali ina, sitingathe kuwagwetsa mwachisawawa, chifukwa sitikudziwa ngati izi ndi zolondola kapena ayi.
Ndi chiyani chinanso?
BGPSec. Ichi ndi chinthu chabwino chomwe akatswiri adabwera nacho pagulu la mahatchi apinki. Iwo adati:
- Tili ndi RPKI + ROA - njira yotsimikizira siginecha ya ma adilesi. Tiyeni tipange mawonekedwe osiyana a BGP ndikuyitcha BGPSec Path. Router iliyonse imasaina ndi siginecha yake zomwe imalengeza kwa oyandikana nawo. Mwanjira iyi tipeza njira yodalirika kuchokera pazidziwitso zosainidwa ndipo titha kuzifufuza.
Zabwino m'malingaliro, koma muzochita pali mavuto ambiri. BGPSec imaphwanya makaniko ambiri omwe alipo a BGP posankha mahops otsatira ndikuwongolera magalimoto omwe akubwera/otuluka mwachindunji pa rauta. BGPSec siigwira ntchito mpaka 95% ya msika wonse itayigwiritsa ntchito, yomwe payokha ndi utopia.
BGPSec ili ndi zovuta zazikulu zogwira ntchito. Pazida zamakono, kuthamanga kwa zolengeza ndi pafupifupi 50 prefixes pamphindi. Poyerekeza: tebulo lapano la intaneti la ma prefixes 700 lidzakwezedwa m'maola a 000, pomwe lidzasintha ka 5.
BGP Open Policy (BGP Yotengera Maudindo). Malingaliro atsopano otengera chitsanzo Gao-Rexford. Awa ndi asayansi awiri omwe akufufuza za BGP.
Mtundu wa Gao-Rexford uli motere. Kuti muchepetse, ndi BGP pali mitundu yaying'ono yolumikizirana:
- Wopereka Makasitomala;
- P2P;
- kulankhulana mkati, kunena iBGP.
Kutengera ndi gawo la rauta, ndizotheka kale kugawira malamulo ena olowetsa / kutumiza kunja mwachisawawa. Woyang'anira sayenera kukonza mndandanda wa prefix. Kutengera ndi gawo lomwe ma routers amavomerezana pakati pawo ndi omwe atha kukhazikitsidwa, timalandira kale zosefera zina. Uku ndikusintha komwe kukukambidwa mu IETF. Ndikuyembekeza kuti posachedwa tidzawona izi ngati mawonekedwe a RFC ndikukhazikitsa pa hardware.
Othandizira akuluakulu a intaneti
Tiyeni tiwone chitsanzo cha wothandizira CenturyLink. Ndilo gawo lachitatu lalikulu kwambiri ku US, likutumikira mayiko 37 ndipo lili ndi malo 15 a data.
Mu Disembala 2018, CenturyLink inali pamsika waku US kwa maola 50. Panthawiyi, panali mavuto ndi ntchito ya ATM m'mayiko awiri, ndipo chiwerengero cha 911 sichinagwire ntchito kwa maola angapo m'mayiko asanu. Lottery ku Idaho idawonongeka kwathunthu. Nkhaniyi ikufufuzidwa ndi bungwe la US Telecommunications Commission.
Chifukwa cha tsokali chinali khadi limodzi la network mu data center imodzi. Khadiyo idasokonekera, idatumiza mapaketi olakwika, ndipo malo onse 15 a data adatsika.
Lingaliroli silinagwire ntchito kwa wothandizira uyu "chachikulu kwambiri kuti chigwe". Lingaliro ili silikugwira ntchito konse. Mutha kutenga wosewera wamkulu aliyense ndikuyika zinthu zing'onozing'ono pamwamba. US ikuchita bwino ndi kulumikizana. Makasitomala a CenturyLink omwe anali ndi posungira adalowamo mwaunyinji. Kenako ogwiritsira ntchito ena adadandaula kuti maulalo awo adachulukidwa.
Ngati Kazakhtelecom yokhazikika ikagwa, dziko lonse lidzasiyidwa popanda intaneti.
Mabungwe
Mwina Google, Amazon, FaceBook ndi mabungwe ena amathandizira intaneti? Ayi, amaswanso.
Mu 2017 ku St. Petersburg pamsonkhano wa ENOG13 Jeff Houston kuchokera ZOKHUDZA anayambitsa . Amati takhala tizolowera kuyanjana, kuyenda kwa ndalama komanso kuchuluka kwa magalimoto pa intaneti kukhala ofukula. Tili ndi othandizira ang'onoang'ono omwe amalipira kulumikizidwa ku zazikulu, ndipo amalipira kale kulumikizidwa kumayendedwe apadziko lonse lapansi.
Tsopano tili ndi mawonekedwe olunjika. Chilichonse chikanakhala bwino, koma dziko likusintha - osewera akuluakulu akumanga zingwe zawo za transoceanic kuti adzipangire okha misana.
Nkhani za CDN chingwe.
Mu 2018, TeleGeography idatulutsa kafukufuku wopitilira theka la kuchuluka kwa anthu pa intaneti salinso pa intaneti, koma ma CDN akumbuyo kwa osewera akulu. Awa ndi magalimoto omwe amagwirizana ndi intaneti, koma iyi sinalinso netiweki yomwe timakamba.
Intaneti ikugawanika kukhala gulu lalikulu la maukonde olumikizidwa momasuka.
Microsoft ili ndi netiweki yake, Google ili nayo yake, ndipo amalumikizana pang'ono. Magalimoto omwe adachokera kwinakwake ku USA amadutsa munjira za Microsoft kudutsa nyanja kupita ku Europe kwinakwake pa CDN, kenako kudzera pa CDN kapena IX amalumikizana ndi omwe akukupatsani ndikukafika ku rauta yanu.
Decentralization ikutha.
Mphamvu ya intaneti iyi, yomwe ingathandize kupulumuka kuphulika kwa nyukiliya, ikutayika. Malo omwe anthu ambiri amagwiritsa ntchito komanso kuchuluka kwa magalimoto amawonekera. Ngati Google Cloud yokhazikika ikagwa, padzakhala ozunzidwa ambiri nthawi imodzi. Tidamva izi pomwe Roskomnadzor adaletsa AWS. Ndipo chitsanzo cha CenturyLink chikuwonetsa kuti ngakhale zinthu zazing'ono ndizokwanira pa izi.
Poyamba, si zonse ndipo si onse anasweka. M’tsogolomu, tingafike potsimikiza kuti mwa kusonkhezera wosewera wamkulu mmodzi, tikhoza kuswa zinthu zambiri, m’malo ambiri ndiponso mwa anthu ambiri.
Mayiko
Maiko ali otsatira mzere, ndipo izi ndi zomwe zimachitika kwa iwo.
Pano Roskomnadzor wathu si mpainiya konse. Mchitidwe wofananawo wotseka intaneti ulipo ku Iran, India, ndi Pakistan. Ku England kuli bilu yoti mutha kutseka intaneti.
Boma lililonse lalikulu likufuna kusintha kuti muzimitse intaneti, kaya kwathunthu kapena m'magawo: Twitter, Telegraph, Facebook. Sikuti sakumvetsa kuti sangapambane, koma amafunadi. Kusinthaku kumagwiritsidwa ntchito, monga lamulo, pazolinga zandale - kuthetsa mpikisano wandale, kapena zisankho zikuyandikira, kapena owononga aku Russia athyolanso china.
Kuukira kwa DDoS
Sindidzachotsa mkate kwa anzanga a Qrator Labs, amachita bwino kuposa ine. Ali ndi pa kukhazikika kwa intaneti. Ndipo izi ndi zomwe adalemba mu lipoti la 2018.
Kutalika kwa nthawi ya DDoS kumatsika mpaka maola 2.5. Otsutsawo amayambanso kuwerengera ndalama, ndipo ngati gwero silikupezeka nthawi yomweyo, ndiye kuti amazisiya mwamsanga.
Kuchuluka kwa kuukira kukukulirakulira. Mu 2018, tidawona 1.7 Tb / s pa netiweki ya Akamai, ndipo iyi si malire.
Ma vectors atsopano akutuluka ndipo akale akuchulukirachulukira. Ma protocol atsopano akubwera omwe amatha kukulirakulira, ndipo kuukira kwatsopano kukubwera pama protocol omwe alipo, makamaka TLS ndi zina zotero.
Magalimoto ambiri amachokera pazida zam'manja. Nthawi yomweyo, kuchuluka kwa magalimoto pa intaneti kumasinthira makasitomala am'manja. Onse omwe akuwukira ndi omwe amateteza ayenera kukwanitsa kugwira ntchito ndi izi.
Zosawonongeka - ayi. Ili ndiye lingaliro lalikulu - palibe chitetezo chapadziko lonse lapansi chomwe chingateteze ku DDoS iliyonse.
Dongosolo silingayikidwe pokhapokha litalumikizidwa ndi intaneti.
Ndikukhulupirira ndakuwopani mokwanira. Tiyeni tsopano tiganizire zoyenera kuchita.
Zoyenera kuchita?!
Ngati muli ndi nthawi yaulere, chikhumbo komanso chidziwitso cha Chingerezi, tengani nawo magulu ogwira ntchito: IETF, RIPE WG. Awa ndi mndandanda wamakalata otseguka, lembani mndandanda wamakalata, kutenga nawo mbali pazokambirana, bwerani kumisonkhano. Ngati muli ndi udindo wa LIR, mutha kuvota, mwachitsanzo, mu RIPE pazoyeserera zosiyanasiyana.
Kwa anthu wamba izi ndizo kuyang'anira. Kudziwa chomwe chasweka.
Kuwunika: kuyang'ana chiyani?
Normal Ping, osati kokha cheke cha binary - chimagwira ntchito kapena ayi. Lembani RTT m'mbiri kuti mutha kuyang'ana zolakwika pambuyo pake.
Traceroute. Iyi ndi pulogalamu yothandiza kudziwa mayendedwe a data pamanetiweki a TCP/IP. Imathandiza kuzindikira anomalies ndi blockages.
HTTP imayang'ana ma URL okhazikika ndi ziphaso za TLS zithandizira kuzindikira kutsekereza kapena DNS spoofing pakuwukira, zomwe zili zofanana. Kuletsa kumachitika nthawi zambiri ndi DNS spoofing ndikusintha magalimoto kukhala tsamba la stub.
Ngati ndi kotheka, yang'anani malingaliro amakasitomala anu za komwe munachokera kuchokera kumalo osiyanasiyana ngati muli ndi pulogalamu. Izi zikuthandizani kuti muwone zolakwika zakuba DNS, zomwe nthawi zina opereka chithandizo amachita.
Kuyang'anira: fufuzani kuti?
Palibe yankho lachilengedwe chonse. Onani komwe wogwiritsa akuchokera. Ngati ogwiritsa ntchito ali ku Russia, fufuzani kuchokera ku Russia, koma musadzichepetse. Ngati ogwiritsa ntchito amakhala m'madera osiyanasiyana, fufuzani kuchokera kumaderawa. Koma zabwino kuchokera padziko lonse lapansi.
Kuwunika: kuyang'ana chiyani?
Ndinapeza njira zitatu. Ngati mukudziwa zambiri, lembani mu ndemanga.
- RIPE Atlas.
- Kuwunika kwamalonda.
- Netiweki yanu yamakina enieni.
Tiye tikambirane za aliyense wa iwo.
RIPE Atlas - ndi bokosi laling'ono. Kwa iwo omwe amadziwa zapakhomo "Inspector" - ili ndi bokosi lomwelo, koma ndi chomata chosiyana.
RIPE Atlas ndi pulogalamu yaulere. Mukulembetsa, landirani rauta kudzera pa imelo ndikuyilumikiza pa intaneti. Chifukwa chakuti wina amagwiritsa ntchito chitsanzo chanu, mumapeza mbiri. Ndi ngongole izi mutha kufufuza nokha. Mutha kuyesa m'njira zosiyanasiyana: ping, traceroute, onani satifiketi. Kuphimba ndi kwakukulu, pali mfundo zambiri. Koma pali ma nuances.
Dongosolo la ngongole sililola njira zopangira zomanga. Sipadzakhala ndalama zokwanira pakufufuza kosalekeza kapena kuyang'anira malonda. Ngongole ndi zokwanira pa phunziro lalifupi kapena cheke kamodzi. Chizoloŵezi cha tsiku ndi tsiku kuchokera ku chitsanzo chimodzi chimadyedwa ndi macheke 1-2.
Kufalikira sikuli kofanana. Popeza pulogalamuyi ndi yaulere mbali zonse ziwiri, kufalikira kuli bwino ku Europe, ku Europe ku Russia ndi madera ena. Koma ngati mukufuna Indonesia kapena New Zealand, ndiye zonse ndi zoipa kwambiri - mwina mulibe zitsanzo 50 pa dziko.
Simungathe kuyang'ana http kuchokera ku chitsanzo. Izi ndichifukwa chaukadaulo waukadaulo. Amalonjeza kuti adzakonza mu mtundu watsopano, koma pakali pano http silingathe kufufuzidwa. Ndi satifiketi yokha yomwe ingatsimikizidwe. Mtundu wina wa cheke http ukhoza kuchitidwa ku chipangizo chapadera cha RIPE Atlas chotchedwa Anchor.
Njira yachiwiri ndiyo kuyang'anira malonda. Zonse zili bwino ndi iye, mukulipira ndalama, chabwino? Amakulonjezani malo angapo kapena mazana owunikira padziko lonse lapansi ndikujambula ma dashboard okongola m'bokosi. Koma, kachiwiri, pali mavuto.
Amalipidwa, m'malo ena ndizovuta kwambiri. Kuwunika kwa ping, cheke padziko lonse lapansi, ndi macheke ambiri a http amatha kuwononga madola masauzande angapo pachaka. Ngati ndalama zilola ndipo mukufuna yankho ili, pitirirani.
Kufotokozera kungakhale kosakwanira m'dera lachidwi. Ndi ping yomweyo, gawo lalikulu la dziko lapansi limafotokozedwa - Asia, Europe, North America. Njira zowunikira zomwe sizichitika kawirikawiri zimatha kupita kudziko kapena dera linalake.
Thandizo lofooka pamayeso achizolowezi. Ngati mukufuna chinachake chachizolowezi, osati "zopiringa" pa ulalo, ndiye palinso mavuto ndi izo.
Njira yachitatu ndikuwunika kwanu. Ichi ndi chodziwika bwino: "Tiyeni tilembe zathu!"
Kuyang'anira kwanu kumasandulika kupanga pulogalamu yamapulogalamu, ndikugawidwa. Mukuyang'ana wothandizira zomangamanga, yang'anani momwe mungatumizire ndikuwunika - kuyang'anira kuyenera kuyang'aniridwa, chabwino? Ndipo chithandizo chimafunikanso. Ganizirani kakhumi musanatenge izi. Zingakhale zosavuta kulipira wina kuti akuchitireni.
Kuyang'anira BGP anomalies ndi DDoS kuwukira
Pano, kutengera zomwe zilipo, zonse zimakhala zosavuta. BGP anomalies amapezeka pogwiritsa ntchito ntchito zapadera monga QRadar, BGPmon. Amavomereza tebulo lathunthu kuchokera kwa ogwiritsa ntchito angapo. Kutengera zomwe amawona kuchokera kwa ogwiritsa ntchito osiyanasiyana, amatha kuzindikira zolakwika, kuyang'ana ma amplifiers, ndi zina zotero. Kulembetsa nthawi zambiri kumakhala kwaulere - mumalowetsa nambala yanu yafoni, kulembetsa zidziwitso za imelo, ndipo ntchitoyi idzakuchenjezani zamavuto anu.
Kuwunika kuukira kwa DDoS ndikosavuta. Kawirikawiri izi NetFlow-based and logs. Pali machitidwe apadera monga FastNetMon, modules za Zosakanizika. Monga njira yomaliza, pali wothandizira wanu wa DDoS. Itha kutsitsanso NetFlow ndipo, kutengera izo, imakudziwitsani zakuukira komwe mukupita.
anapezazo
Osanyengerera - intaneti idzasweka. Osati zonse ndipo si aliyense amene adzasweka, koma zochitika 14 mu 2017 zikusonyeza kuti padzakhala zochitika.
Ntchito yanu ndikuzindikira mavuto mwachangu momwe mungathere. Osachepera, pasachedwe kuposa wogwiritsa ntchito. Sikofunikira kungozindikira, nthawi zonse sungani "Plan B" posungira. Dongosolo ndi njira ya zomwe mungachite zikawonongeka.: osungira, DC, CDN. Dongosolo ndi mndandanda wosiyana womwe umatsimikizira ntchito ya chilichonse. Dongosololi liyenera kugwira ntchito popanda kukhudzidwa ndi akatswiri opanga maukonde, chifukwa nthawi zambiri amakhala ochepa ndipo amafuna kugona.
Ndizomwezo. Ndikukufunirani kupezeka kwakukulu komanso kuwunika kobiriwira.
Sabata yamawa ku Novosibirsk kuwala kwa dzuwa, kukwera komanso kuchuluka kwa opanga akuyembekezeredwa . Ku Siberia, kutsogolo kwa malipoti owunikira, kupezeka ndi kuyesa, chitetezo ndi kasamalidwe zimanenedweratu. Kugwa kwamvula kumayembekezeredwa ngati zolemba zolembedwa, maukonde, zithunzi ndi zolemba pamasamba ochezera. Tikukulimbikitsani kuchedwetsa zochitika zonse pa June 24 ndi 25 ndi . Tikuyembekezerani ku Siberia!
Source: www.habr.com