UDP Flood from Google, or How Not to Deprive Everyone of YouTube

One fine spring evening, when I didn't feel like going home and the irrepressible desire to live and learn itched and burned like a red-hot iron, the idea arose to poke at a tempting feature on the firewall called "IP DOS policy".
After some initial foreplay and getting acquainted with the manual, I set it up in Pass-and-Log mode, to look at the output in general and at the questionable usefulness of this setting.
A few days later (so that statistics could accumulate, of course, and not because I forgot), I looked at the logs and, dancing on the spot, clapped my hands: there were more than enough records. It would seem nothing could be simpler: switch the policy to block everyone who floods, scans or sets up half-open sessions, with a one-hour ban, and sleep peacefully knowing the border is locked. But the thirty-fourth year of life has overcome youthful maximalism, and somewhere at the back of the brain a thin voice sounded: "Let's lift our eyelids and see whose addresses our beloved firewall has recognized as malicious flooders. Well, just for the sake of nonsense."

We start analyzing the data collected in the anomaly list. I run the addresses through a simple PowerShell script, and my eyes stumble upon the familiar letters: google.


I rub my eyes and blink for about five minutes to make sure I'm not imagining things. Indeed, in the list of those the firewall considers malicious flooders, the attack type is udp flood, and the addresses belong to the good corporation.


I scratch my head while setting up a packet capture on the external interface for later analysis. Bright thoughts flash through my mind: "How come something got infected in Google's scope? And I'm the one who found it? Why, that means awards, honors and a red carpet, and my own casino with blackjack and, well, you get the idea..."

I analyze the captured file in Wireshark.
Yes, indeed: UDP packets are arriving from addresses in Google's range, from port 443 to an arbitrary port on my device.
But wait a minute... Here the protocol changes from UDP to GQUIC.
Semyon Semenych...
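The pattern seen in the capture (UDP, source port 443, an arbitrary client port) can be used to pre-sort the anomaly list before anything is blocked. The following is an added example, not the author's PowerShell script; the key=value field names and the sample records are constructed assumptions, not the firewall's actual log format.

```python
import shlex
from collections import defaultdict

# Constructed sample records (not from the original post). Field names are
# assumptions; addresses are from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
attack="udp_flood" proto=17 srcip=198.51.100.10 srcport=443 dstip=203.0.113.5 dstport=51514 count=2300
attack="udp_flood" proto=17 srcip=198.51.100.10 srcport=443 dstip=203.0.113.5 dstport=60211 count=1800
attack="udp_flood" proto=17 srcip=198.51.100.77 srcport=443 dstip=203.0.113.5 dstport=53 count=9000
attack="udp_flood" proto=17 srcip=192.0.2.200 srcport=40000 dstip=203.0.113.5 dstport=161 count=5000
attack="tcp_syn_flood" proto=6 srcip=192.0.2.9 srcport=443 dstip=203.0.113.5 dstport=50000 count=700
"""

def parse_record(line):
    """Split one key=value record into a dict, honouring quoted values."""
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)

def triage(log_text):
    """Group anomaly records by source address and label each source."""
    per_src = defaultdict(lambda: {"count": 0, "flows": set()})
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_record(line)
        entry = per_src[rec["srcip"]]
        entry["count"] += int(rec["count"])
        entry["flows"].add((rec["attack"], int(rec["proto"]),
                            int(rec["srcport"]), int(rec["dstport"])))
    verdicts = {}
    for src, entry in per_src.items():
        # Reply traffic from a QUIC server: flagged as udp_flood, UDP (17),
        # source port 443, destination an unprivileged client port.
        quic_like = all(
            attack == "udp_flood" and proto == 17 and sport == 443 and dport >= 1024
            for attack, proto, sport, dport in entry["flows"])
        verdicts[src] = ("likely-quic-replies" if quic_like else "investigate",
                         entry["count"])
    return verdicts

if __name__ == "__main__":
    ranked = sorted(triage(SAMPLE_LOG).items(), key=lambda kv: -kv[1][1])
    for src, (label, count) in ranked:
        print(f"{src:15} {count:6} {label}")
```

The "likely-quic-replies" label is only a hint for where to look first: a UDP source port is trivially forged, so confirm such sources against a packet capture and address ownership, as the post does, before changing any policy.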


I immediately remembered Alexander Tobol's HighLoad talk "UDP against TCP, or the future of the network stack" (link).
On the one hand, a slight disappointment sets in: no laurels, no honors for you, master. On the other hand, the problem is clear; what remains is to figure out where and how to dig.
A few minutes of communing with the Good Corporation, and everything falls into place. In an attempt to speed up content delivery, Google announced the QUIC protocol back in 2012, which removes most of TCP's shortcomings (yes, yes, yes, these articles, One and Two, talk about a thoroughly revolutionary approach, but let's be honest, I want pictures of cats to load faster, not all these revolutions of consciousness and progress). As further research showed, many organizations are now switching to this kind of content delivery.
The problem in my case, and I think not only in mine, was that in the end there are a great many packets and the firewall perceives them as a flood.
There were a few possible solutions:
1. Add Google's address ranges to the exclusion list of the DoS Policy on the firewall. At the mere thought of how many addresses that might be, my eye began to twitch nervously, and the idea was set aside as crazy.
2. Raise the trigger threshold of the udp flood policy: also not comme il faut, because what if someone truly malicious slips through.
3. Block outbound requests from the internal network over UDP to port 443.
After reading more about the implementation and integration of QUIC in Google Chrome, the last option was adopted as the guide to action. The fact is that Google Chrome, loved by everyone everywhere and without mercy (I don't understand why; better that the brazen red-headed Firefox muzzle takes the heat for the gigabytes of RAM consumed), first tries to establish a connection using its hard-won QUIC, but if the miracle doesn't happen, it falls back to proven methods such as TLS, although it is deeply ashamed of doing so.

Create a service entry for QUIC on the firewall:


We create a new policy and place it somewhere near the top of the chain.


After enabling the policy, the anomaly list is all peace and quiet, apart from the real offenders.


Thank you all for your attention.

Resources used:
1. Alexander Tobol's talk
2. Description of the QUIC protocol from Infopulse
3. Wikipedia
4. KB from Fortinet

Source: www.habr.com
