Mu February, Mkhristu wa ku Austria Haschek adasindikiza nkhani yosangalatsa pa blog yake yotchedwa . Inde, ndinakhala ndi chidwi ndi zomwe zingachitike ngati phunziroli libwerezedwa, koma ndi Ukraine. Milungu ingapo yosonkhanitsa zidziwitso nthawi zonse, masiku angapo okonzekera nkhaniyi, ndipo panthawi ya kafukufukuyu, kukambirana ndi oimira osiyanasiyana amtundu wathu, kufotokozera, kenako dziwani zambiri. Chonde pansi padula...
TL; DR
Palibe zida zapadera zomwe zidagwiritsidwa ntchito kusonkhanitsa zidziwitso (ngakhale anthu angapo adalangiza kugwiritsa ntchito OpenVAS yomweyi kuti kafukufukuyu akhale wozama komanso wodziwitsa zambiri). Ndi chitetezo cha ma IP chomwe chikugwirizana ndi Ukraine (zambiri momwe zidatsimikizidwira pansipa), momwe zinthu ziliri, m'malingaliro mwanga, ndizoyipa kwambiri (ndipo ndizoyipa kwambiri kuposa zomwe zikuchitika ku Austria). Palibe kuyesa komwe kwapangidwa kapena kukonzekera kugwiritsa ntchito ma seva omwe ali pachiwopsezo.
Choyamba: mungapeze bwanji ma adilesi onse a IP a dziko linalake?
Ndikosavuta kwambiri. Maadiresi a IP sapangidwa ndi dziko lomwelo, koma amaperekedwa kwa ilo. Chifukwa chake, pali mndandanda (ndipo ndi wapagulu) wamayiko onse ndi ma IP onse omwe ali awo.
Aliyense angathe ndiyeno sefa grep Ukraine IP2LOCATION-LITE-DB1.CSV> ukraine.csv
, amakulolani kubweretsa mndandanda mu mawonekedwe ogwiritsidwa ntchito kwambiri.
Ukraine ali ndi pafupifupi ma adilesi a IPv4 monga Austria, oposa 11 miliyoni 11 kukhala enieni (poyerekeza, Austria ili ndi 640).
Ngati simukufuna kusewera ndi ma adilesi a IP nokha (ndipo simuyenera!), ndiye kuti mutha kugwiritsa ntchito ntchitoyi. .
Kodi pali makina aliwonse a Windows osasinthidwa ku Ukraine omwe ali ndi intaneti mwachindunji?
Kumene, palibe mmodzi ozindikira Chiyukireniya adzatsegula mwayi wotero kwa makompyuta awo. Kapena zidzakhala?
masscan -p445 --rate 300 -iL ukraine.ips -oG ukraine.445.scan && cat ukraine.445.scan | wc -lMakina a Windows 5669 omwe ali ndi mwayi wopita ku intaneti adapezeka (ku Austria kuli 1273 kokha, koma ndizochuluka).
Oops. Kodi pali ena mwa iwo omwe angawukidwe pogwiritsa ntchito zochitika za ETHERNALBLUE, zomwe zadziwika kuyambira 2017? Munalibe galimoto imodzi yoteroyo ku Austria, ndipo ndinkayembekezera kuti siipezekanso ku Ukraine. Tsoka ilo, sizothandiza. Tidapeza ma adilesi 198 a IP omwe sanatseke "dzenje" mwa iwo okha.
DNS, DDoS ndi kuya kwa dzenje la kalulu
Zokwanira za Windows. Tiyeni tiwone zomwe tili nazo ndi ma seva a DNS, omwe ali otsegula-otsegula ndipo angagwiritsidwe ntchito pa DDoS.
Zimagwira ntchito monga chonchi. Wowukirayo amatumiza pempho laling'ono la DNS, ndipo seva yomwe ili pachiwopsezo imayankha wozunzidwayo ndi paketi yomwe ndi yayikulu nthawi 100. Bomu! Maukonde amakampani amatha kugwa mwachangu kuchokera ku kuchuluka kwa data, ndipo kuukira kumafuna bandwidth yomwe foni yamakono yamakono ingapereke. Ndipo panali kuukira koteroko ngakhale pa GitHub.
Tiyeni tiwone ngati pali ma seva oterowo ku Ukraine.
masscan -pU 53 -iL ukraine.ips -oG ukraine.53.scan && cat ukraine.53.scan | wc -lGawo loyamba ndikupeza omwe ali ndi doko lotseguka 53. Chotsatira chake, tili ndi mndandanda wa ma adilesi a IP a 58, koma izi sizikutanthauza kuti onse angagwiritsidwe ntchito pa DDoS kuukira. Chofunikira chachiwiri chikuyenera kukwaniritsidwa, ndicho kuti akhale omasuka.
Kuti tichite izi, tingagwiritse ntchito lamulo losavuta kukumba ndikuwona kuti tikhoza "kukumba" kukumba + yochepa test.openresolver.com TXT @ip.of.dns.server. Ngati seva idayankha ndikuzindikira kotsegulira, ndiye kuti ikhoza kuonedwa ngati chandamale chowukira. Otsegula otsimikiza amapanga pafupifupi 25%, yomwe ikufanana ndi Austria. Pankhani ya chiwerengero chonse, izi ndi pafupifupi 0,02% ya ma IP onse aku Ukraine.
Ndi chiyani chinanso chomwe mungapeze ku Ukraine?
Wokondwa inu anafunsa. Ndizosavuta (komanso zosangalatsa kwambiri kwa ine ndekha) kuyang'ana IP ndi doko lotseguka 80 ndi zomwe zikuyenda pamenepo.
seva yapaintaneti
Ma IP a 260 aku Ukraine amayankha ku doko 849 (http). Maadiresi 80 adayankha bwino (125 status) ku pempho losavuta la GET lomwe msakatuli wanu angatumize. Zina zinapanga cholakwika chimodzi kapena china. Ndizosangalatsa kuti ma seva a 444 adapereka mawonekedwe a 200, ndipo magawo osowa kwambiri anali 853 (pempho la chilolezo cha proxy) ndi 500 yosagwirizana kwathunthu (IP osati mu "mndandanda woyera") pakuyankha kumodzi.
Apache ndiwopambana kwambiri - ma seva 114 amagwiritsa ntchito. Mtundu wakale kwambiri womwe ndidapeza ku Ukraine ndi 544, womwe unatulutsidwa pa Okutobala 1.3.29, 29 (!!!). nginx ili pamalo achiwiri ndi ma seva 2003.
Ma seva 11 amagwiritsa ntchito WinCE, yomwe idatulutsidwa mu 1996, ndipo adamaliza kuyiyika mu 2013 (pali 4 yokha mwa izi ku Austria).
Protocol ya HTTP/2 imagwiritsa ntchito ma seva 5, HTTP/144 - 1.1, HTTP/256 - 836.
Osindikiza ... chifukwa ... bwanji?
2 HP, 5 Epson ndi 4 Canon, zomwe zimapezeka pa netiweki, zina mwazo popanda chilolezo chilichonse.
ma webukamu
Si nkhani kuti ku Ukraine kuli makamera ambiri a intaneti omwe amadziwonetsera okha pa intaneti, omwe amasonkhanitsidwa pazinthu zosiyanasiyana. Makamera osachepera 75 amadziwonetsera okha pa intaneti popanda chitetezo chilichonse. Mukhoza kuyang'ana pa iwo .
Kodi yotsatira?
Ukraine ndi dziko laling'ono, monga Austria, koma ali ndi mavuto ofanana ndi mayiko akuluakulu mu IT gawo. Tiyenera kumvetsetsa bwino zomwe zili zotetezeka komanso zowopsa, ndipo opanga zida ayenera kupereka masinthidwe otetezeka a zida zawo.
Kuphatikiza apo, ndimasonkhanitsa makampani othandizana nawo (), zomwe zingakuthandizeni kutsimikizira kukhulupirika kwa zida zanu za IT. Gawo lotsatira lomwe ndikukonzekera kuchita ndikuwunikanso chitetezo cha mawebusayiti aku Ukraine. Osasintha!
Source: www.habr.com