Tataiso ea Ts'ireletso ea DNS

Eng kapa eng eo khampani e e etsang, tšireletso DNS e lokela ho ba karolo ea bohlokoa ea moralo oa ts'ireletso ea eona. Litšebeletso tsa mabitso, tse rarollang mabitso a baeti ho liaterese tsa IP, li sebelisoa ke hoo e batlang e le ts'ebeliso e 'ngoe le e' ngoe le tšebeletso ea marang-rang.

Haeba mohlaseli a fumana taolo ea DNS ea mokhatlo, a ka khona:

• iphe matla holim'a lisebelisoa tse arolelanoang
• tsamaisa li-imeile tse kenang hape le likopo tsa tepo le liteko tsa ho netefatsa
• theha le ho netefatsa litifikeiti tsa SSL/TLS

Tataiso ena e sheba ts'ireletso ea DNS ho tsoa likhutlong tse peli:

1. Ho etsa tlhahlobo e tsoelang pele le taolo holim'a DNS
2. Kamoo liprothokholo tse ncha tsa DNS tse kang DNSSEC, DOH le DoT li ka thusang ho sireletsa botšepehi le lekunutu la likopo tse fetisoang tsa DNS

Ts'ireletso ea DNS ke eng?

Khopolo ea ts'ireletso ea DNS e kenyelletsa likarolo tse peli tsa bohlokoa:

1. Ho netefatsa botšepehi ka kakaretso le ho fumaneha ha litšebeletso tsa DNS tse rarollang mabitso a baeti ho liaterese tsa IP
2. Lekola ts'ebetso ea DNS ho tseba litaba tse ka bang teng tsa ts'ireletso kae kapa kae marang-rang a hau

Ke hobane'ng ha DNS e kotsing ea ho hlaseloa?

Theknoloji ea DNS e bōpiloe matsatsing a pele a Inthanete, nako e telele pele motho leha e le ofe a qala ho nahana ka ts'ireletso ea marang-rang. DNS e sebetsa ntle le netefatso kapa encryption, e sebetsana le likopo tse sa boneng ho tsoa ho mosebelisi ofe kapa ofe.

Ka lebaka la sena, ho na le mekhoa e mengata ea ho thetsa mosebelisi le ho etsa tlhahisoleseling e fosahetseng mabapi le hore na qeto ea mabitso ho liaterese tsa IP e hlile e etsahala hokae.

Tšireletso ea DNS: Litaba le likarolo

Ts'ireletso ea DNS e na le lintlha tse 'maloa tsa motheo likarolo, e 'ngoe le e' ngoe ea tsona e tlameha ho tsotelloa ho netefatsa tšireletso e felletseng:

• Ho matlafatsa ts'ireletso ea seva le mekhoa ea tsamaiso: eketsa boemo ba ts'ireletso ea seva mme u thehe template e tloaelehileng ea taelo
• Lintlafatso tsa protocol: kenya tshebetsong DNSSEC, DoT kapa DoH
• Litlhahlobo le tlaleho: Kenya lethathamo la liketsahalo tsa DNS ho sistimi ea hau ea SIEM bakeng sa maemo a eketsehileng ha u etsa lipatlisiso tsa liketsahalo
• Cyber ​​​​Intelligence le Ts'okelo: ingolisa ho fepa ea bohlale ba tšokelo e sebetsang
• Motlakase: theha lingoloa tse ngata kamoo ho ka khonehang ho iketsetsa lits'ebetso

Likarolo tse boletsoeng ka holimo tsa boemo bo holimo ke feela ntlha ea leqhoa la tšireletso la DNS. Karolong e latelang, re tla ikakhela ka setotsoana litabeng tsa tšebeliso e khethehileng le mekhoa e metle eo u hlokang ho tseba ka eona.

Litlhaselo tsa DNS

• DNS spoofing kapa chefo ea cache: ho sebelisa kotsi ea sistimi ho theola cache ea DNS ho fetisetsa basebelisi sebakeng se seng.
• DNS tunneling: haholo-holo e sebelisetsoang ho tlola ts'ireletso ea khokahanyo e hole
• DNS ho koeteloa: ho tsamaisa sephethephethe se tloaelehileng sa DNS ho seva sa DNS se fapaneng ka ho fetola registrar ea domain
• NXDOMAIN tlhaselo: ho etsa tlhaselo ea DDoS ho seva se nang le matla sa DNS ka ho romella lipotso tse seng molaong ho fumana karabo e qobelloang.
• Phantom domain: e etsa hore DNS solver e emele karabo ho tsoa libakeng tse seng teng, e leng se bakang ts'ebetso e mpe
• tlhaselo ho subdomain e sa reroang: mabotho a senyehileng le li-botnets li qala tlhaselo ea DDoS sebakeng se nepahetseng, empa li lebisa mollo oa tsona ho li-subdomain tse seng tsa nnete ho qobella seva sa DNS ho sheba lirekoto le ho laola ts'ebeletso.
• domain blocking: e romela likarabo tse ngata tsa spam ho thibela lisebelisoa tsa seva sa DNS
• Tlhaselo ea Botnet ho tsoa ho lisebelisoa tsa ba ngolisitseng: pokello ea likhomphutha, li-modem, li-routers le lisebelisoa tse ling tse lebisang matla a komporo webosaeteng e itseng ho e tlatsa ka likopo tsa sephethephethe.

Litlhaselo tsa DNS

Litlhaselo tseo ka tsela e itseng li sebelisang DNS ho hlasela lits'ebetso tse ling (ke hore, ho fetola lirekoto tsa DNS ha se sepheo sa ho qetela):

• Fast-Flux
• Li-network tsa Flux tse le 'ngoe
• Marang-rang a Flux Networks
• DNS tunneling

Litlhaselo tsa DNS

Litlhaselo tse etsang hore aterese ea IP e hlokoang ke mohlaseli e khutlisetsoe ho tsoa ho seva sa DNS:

• DNS spoofing kapa chefo ea cache
• DNS ho koeteloa

DNSSEC ke eng?

DNSSEC - Lienjineri tsa Ts'ireletso ea Lebitso la Domain - li sebelisetsoa ho netefatsa lirekoto tsa DNS ntle le ho hloka ho tseba lintlha tse akaretsang bakeng sa kopo e 'ngoe le e 'ngoe e khethehileng ea DNS.

DNSSEC e sebelisa Digital Signature Keys (PKIs) ho netefatsa hore na liphetho tsa potso ea lebitso la domain li tsoa mohloling o nepahetseng.
Ho kenya ts'ebetsong DNSSEC ha se feela mokhoa o motle oa indasteri, empa hape ho sebetsa ho qoba litlhaselo tse ngata tsa DNS.

Kamoo DNSSEC e sebetsang kateng

DNSSEC e sebetsa ka mokhoa o ts'oanang le TLS/HTTPS, e sebelisa li-pair tsa linotlolo tsa sechaba le tsa poraefete ho saena lirekoto tsa DNS. Kakaretso ea ts'ebetso:

1. Lirekote tsa DNS li saennoe ka linotlolo tsa poraefete le tsa poraefete
2. Likarabo ho lipotso tsa DNSSEC li na le rekoto e kopiloeng hammoho le signature le senotlolo sa sechaba
3. ebe senotlolo sa sechaba se sebedisoang ho bapisa bonnete ba rekoto le tshaeno

Tšireletso ea DNS le DNSSEC

DNSSEC ke sesebelisoa sa ho lekola botšepehi ba lipotso tsa DNS. Ha e ame boinotši ba DNS. Ka mantsoe a mang, DNSSEC e ka u fa kholiseho ea hore karabo ea potso ea hau ea DNS ha ea senyeha, empa mohlaseli leha e le ofe a ka bona liphetho joalo ka ha li rometsoe ho uena.

DoT - DNS holim'a TLS

Transport Layer Security (TLS) ke mokhoa oa ho sireletsa litaba tse fetisoang ka khokahanyo ea marang-rang. Hang ha khokahanyo e sireletsehileng ea TLS e thehiloe pakeng tsa moreki le seva, data e fetisoang e koetsoe 'me ha ho mokena-lipakeng ea ka e bonang.

TLS e sebelisoang haholo joalo ka karolo ea HTTPS (SSL) ho sebatli sa hau sa marang-rang hobane likopo li romeloa ho boloka li-server tsa HTTP.

DNS-over-TLS (DNS over TLS, DoT) e sebelisa protocol ea TLS ho patala sephethephethe sa UDP sa likopo tse tloaelehileng tsa DNS.
Ho ngolla likopo tsena ka mongolo o hlakileng ho thusa ho sireletsa basebelisi kapa lits'ebetso tse etsang likopo ho tsoa litlhaselong tse 'maloa.

• MitM, kapa "monna ea bohareng": Ntle le encryption, sistimi e mahareng lipakeng tsa moreki le seva ea DNS e nang le matla e ka romella moreki tlhahisoleseling ea bohata kapa e kotsi ho moreki ka lebaka la kopo.
• Espionage le ho latedisa: Ntle le likopo tsa encrypting, ho bonolo hore litsamaiso tsa middleware li bone hore na mosebelisi kapa sesebelisoa se itseng se fihlella libaka life. Leha DNS e le 'ngoe e ke ke ea senola leqephe le ikhethileng le eteloang sebakeng sa marang-rang, ho tseba feela libaka tse kopiloeng ho lekane ho theha profil ea sistimi kapa motho ka mong.

Source: Univesithi ea California Irvine

DoH - DNS holim'a HTTPS

DNS-over-HTTPS (DNS over HTTPS, DoH) ke protocol ea liteko e khothaletsoang ka kopanelo ke Mozilla le Google. Lipakane tsa eona li tšoana le protocol ea DoT-ho ntlafatsa boinotšing ba batho inthaneteng ka ho kenya likopo le likarabo tsa DNS.

Lipotso tse tloaelehileng tsa DNS li romelloa ka UDP. Likopo le likarabo li ka lateloa ho sebelisoa lisebelisoa tse kang Wireshark. DoT e pata likopo tsena, empa li ntse li tsejoa e le sephethephethe sa UDP se ikhethileng marang-rang.

DoH e nka mokhoa o fapaneng 'me e romela likopo tse patiloeng tsa tharollo ea lebitso la moamoheli holim'a likhokahano tsa HTTPS, tse shebahalang joalo ka kopo efe kapa efe ea webo marang-rang.

Phapang ena e na le litlamorao tsa bohlokoa haholo ho batsamaisi ba sistimi le bakeng sa bokamoso ba tharollo ea mabitso.

1. Ho sefa ka DNS ke mokhoa o tloaelehileng oa ho sefa sephethephethe sa Marang-rang ho sireletsa basebelisi tlhaselong ea bosholu, liwebsaete tse abang malware, kapa lintho tse ling tse ka bang kotsi tsa Marang-rang marangrang a khoebo. Protocol ea DoH e feta lihloela tsena, 'me e ka pepesetsa basebelisi le marang-rang kotsing e kholo.
2. Moetsong oa hona joale oa ho rarolla mabitso, sesebelisoa se seng le se seng sa marang-rang se fumana lipotso tsa DNS ho tsoa sebakeng se le seng (seva e boletsoeng ea DNS). DoH, haholo-holo ts'ebetsong ea Firefox ho eona, e bontša hore sena se ka fetoha nakong e tlang. Sesebelisoa se seng le se seng se komporong se ka fumana data ho tsoa mehloling e fapaneng ea DNS, ea etsa hore ho rarolla mathata, ts'ireletso le mohlala oa kotsi o be thata haholoanyane.

Source: www.varonis.com/blog/what-is-powershell

Phapano ke efe lipakeng tsa DNS holim'a TLS le DNS holim'a HTTPS?

Ha re qaleng ka DNS holim'a TLS (DoT). Taba ea mantlha mona ke hore protocol ea mantlha ea DNS ha e fetoloe, empa e fetisoa ka mokhoa o sireletsehileng ka mocha o sireletsehileng. Ka lehlakoreng le leng, DoH e kenya DNS sebopeho sa HTTP pele e etsa likopo.

Litlhokomeliso tsa Tlhokomelo ea DNS

Bokhoni ba ho beha leihlo sephethephethe sa DNS marang-rang a hau bakeng sa liphoso tse belaetsang bo bohlokoa bakeng sa ho lemoha tlolo ea molao kapele. Ho sebelisa sesebelisoa se kang Varonis Edge ho tla u fa bokhoni ba ho lula holim'a metrics eohle ea bohlokoa le ho etsa litlaleho bakeng sa akhaonto e 'ngoe le e' ngoe ho marang-rang a hau. U ka hlophisa litlhokomeliso hore li hlahisoe ka lebaka la motsoako oa liketso tse etsahalang ka nako e itseng.

Ho beha leihlo liphetoho tsa DNS, libaka tsa li-account, ts'ebeliso ea lekhetlo la pele le phihlello ea data ea bohlokoa, le mesebetsi ea kamora lihora tse 'maloa ke metrics e' maloa e ka hokahanngoang ho aha setšoantšo se batsi sa ho lemoha.

Source: www.habr.com