RangeAmp - a series of attacks on CDNs that manipulate the HTTP Range header

A team of researchers from Peking University, Tsinghua University and the University of Texas at Dallas has disclosed a new class of DoS attacks, RangeAmp, which uses the HTTP Range header to achieve traffic amplification through content delivery networks (CDNs). The essence of the method is that, because of how many CDNs process the Range header, an attacker can request a single byte of a large file through the CDN, yet the CDN fetches the entire file, or a far larger block of data, from the target server in order to place it in its cache. Depending on the CDN, the traffic amplification factor of such an attack ranges from 724 to 43330 times, which can be used to flood the CDN with incoming traffic or to exhaust the capacity of the last-mile link to the victim's site.


The Range header lets a client specify which byte positions of a file should be returned instead of the whole file. For example, a client can send "Range: bytes=0-1023" and the server will transmit only the first 1024 bytes. This capability is needed when downloading large files: the user can interrupt a download and later resume it from the position where it stopped. When "bytes=0-0" is specified, the standard requires returning the first byte of the file; "bytes=-1" returns the last byte, and "bytes=1-" returns everything from byte 1 to the end of the file. Several ranges can be passed in a single header, for example "Range: bytes=0-1023,8192-10240".

In addition, a second attack variant was proposed, aimed at increasing network load when traffic is relayed through another CDN that is used as a proxy (for example, when Cloudflare acts as the frontend (FCDN) and Akamai acts as the backend (BCDN)). The method resembles the first attack, but it is confined to the CDN networks themselves and amplifies traffic when one CDN is accessed through another, increasing the load on the infrastructure and degrading quality of service.

The idea is that the attacker sends the CDN Range requests with multiple ranges, such as "bytes=0-,0-,0-...", "bytes=1-,0-,0-..." or "bytes=-1024,0-,0-,0-...". The requests contain a large number of "0-" ranges, each of which asks for the file from position zero to the end. Because of incorrect range-parsing implementations, when the first CDN forwards the request to the second, a complete copy of the file is sent for every "0-" range (the ranges are not aggregated but returned one after another), provided the request originally sent by the attacker contains duplicate and overlapping ranges. The traffic amplification factor for this attack is between 7432 and XNUMX times (the second figure is garbled in the source).
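The two behaviours the article turns on are how each Range form resolves against a file length (the "bytes=0-0", "bytes=-1", "bytes=1-" cases above) and what happens when duplicate or overlapping ranges are served one after another instead of being merged. The following Python is an added example written for this page; it is not code from the researchers or from any of the CDNs named here. It resolves a Range header per the RFC 7233 byte-range grammar, coalesces overlapping and adjacent ranges, and measures how many bytes a non-coalescing implementation would emit relative to what the request actually needs. The policy limits `MAX_RANGES` and `MAX_AMPLIFICATION` are assumptions chosen for the example, not values from the article.

```python
"""Defensive handling of HTTP Range headers (RFC 7233 byte ranges).

Added example for this page, not code from the RangeAmp paper or from
any CDN.  MAX_RANGES and MAX_AMPLIFICATION are illustrative assumptions.
"""
import re
from typing import List, Optional, Tuple

MAX_RANGES = 16          # assumed cap on ranges accepted in one header
MAX_AMPLIFICATION = 2.0  # assumed cap on naive-bytes / coalesced-bytes

_RANGE_SPEC = re.compile(r"^(\d*)-(\d*)$")


def parse_byte_ranges(header: str, length: int) -> Optional[List[Tuple[int, int]]]:
    """Resolve a Range header value to inclusive (first, last) byte pairs.

    Returns None when the header is syntactically invalid (the server should
    ignore it) or when no range is satisfiable (the server should answer 416).
    """
    if not header.startswith("bytes="):
        return None
    resolved: List[Tuple[int, int]] = []
    for spec in header[len("bytes="):].split(","):
        m = _RANGE_SPEC.match(spec.strip())
        if not m or (m.group(1) == "" and m.group(2) == ""):
            return None  # malformed range-spec: ignore the whole header
        first, last = m.group(1), m.group(2)
        if first == "":
            # suffix-byte-range-spec "-N": the last N bytes of the file
            suffix = int(last)
            if suffix == 0:
                continue  # "-0" is unsatisfiable
            resolved.append((max(length - suffix, 0), length - 1))
        else:
            start = int(first)
            if start >= length:
                continue  # starts past the end: unsatisfiable, skip it
            end = length - 1 if last == "" else min(int(last), length - 1)
            if end < start:
                return None  # "5-2" is a syntax error, not a short range
            resolved.append((start, end))
    return resolved or None


def coalesce(ranges: List[Tuple[int, int]]) -> List[Tuple[int, int]]:
    """Merge overlapping and adjacent ranges, so "0-,0-,0-" becomes one range."""
    ordered = sorted(ranges)
    merged = [ordered[0]]
    for start, end in ordered[1:]:
        prev_start, prev_end = merged[-1]
        if start <= prev_end + 1:
            merged[-1] = (prev_start, max(prev_end, end))
        else:
            merged.append((start, end))
    return merged


def span(ranges: List[Tuple[int, int]]) -> int:
    """Total number of bytes covered by a list of inclusive ranges."""
    return sum(end - start + 1 for start, end in ranges)


def assess_range_request(header: str, length: int) -> Tuple[str, int, int]:
    """Decide whether to honour a Range header; returns (decision, naive, served).

    `naive` is what an implementation that serves each range as listed would
    emit; `served` is what the request needs after coalescing.  A large gap
    between the two is exactly the second RangeAmp variant.
    """
    ranges = parse_byte_ranges(header, length)
    if ranges is None:
        return ("ignore-range", 0, 0)  # nothing to amplify: 200 or 416
    naive = span(ranges)
    served = span(coalesce(ranges))
    if len(ranges) > MAX_RANGES or naive / served > MAX_AMPLIFICATION:
        return ("reject", naive, served)
    return ("serve", naive, served)


def whole_object_fill_factor(header: str, length: int) -> float:
    """Origin bytes per client byte when an edge answers a range by fetching
    the whole object (the first RangeAmp variant).  Forwarding the coalesced
    ranges to the origin, or filling in bounded chunks, keeps this near 1."""
    ranges = parse_byte_ranges(header, length)
    if ranges is None:
        return 1.0
    return length / span(coalesce(ranges))


if __name__ == "__main__":
    # Constructed sample requests against a 1000-byte representation.
    for hdr in ("bytes=0-1023", "bytes=0-0", "bytes=-1", "bytes=1-",
                "bytes=0-,0-,0-,0-,0-", "bytes=-1024,0-,0-,0-"):
        print(hdr, assess_range_request(hdr, 1000))
    print("whole-object fill for bytes=0-0 on 1 MB:",
          whole_object_fill_factor("bytes=0-0", 1_000_000))
```

The check runs before any upstream fetch: the edge parses and coalesces once, forwards only the merged ranges to the next hop, and refuses requests whose listed ranges would cost many times what they actually return. Whichever limits a deployment chooses, the decision must be made on the coalesced byte count, since that is the quantity the attacker cannot inflate by repeating "0-".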


The study examined the behaviour of 13 CDNs: Akamai, Alibaba Cloud, Azure, CDN77, CDNsun, Cloudflare, CloudFront, Fastly, G-Core Labs, Huawei Cloud, KeyCDN, StackPath and Tencent Cloud. All of the CDNs examined allowed the first variant of the attack against the origin server. The second variant, against CDNs themselves, affected 6 services, of which four can act as the frontend in the attack (CDN77, CDNsun, Cloudflare and StackPath) and three as the backend (Akamai, Azure and StackPath). The greatest amplification is achieved with Akamai and StackPath, which allow more than 10 thousand ranges to be specified in the Range header. The CDN operators were notified of the vulnerabilities 7 months ago, and by the time the information was publicly disclosed, 12 of the 13 CDNs had fixed the identified problems or expressed readiness to fix them (only StackPath did not respond).

Source: opennet.ru
