It is no secret that the Internet is a very hostile environment. As soon as you bring up a server, it comes under massive attack and repeated scanning. For example
A tarpit is a trap port used to slow down incoming connections. If a third-party system connects to this port, it will not be able to close the connection quickly. It has to spend its own system resources and wait until the connection times out, or terminate it manually.
Most often, tarpits are used for defence. The technique was first developed to protect against computer worms. Now it can also be used to ruin the lives of spammers and of researchers who scan all IP addresses in sequence (examples on Habré:
A system administrator named Chris Wellons apparently got tired of watching this disgrace and wrote a small program.
Installing the utility:
$ make
$ ./endlessh &
$ ssh -p2222 localhost
A properly implemented tarpit takes more resources from the attacker than from you. But it is not even a matter of resources. The author
In production, the Endlessh server should be placed on the usual port 22, where the hooligans knock en masse. Standard security recommendations always advise moving SSH to a different port, which immediately reduces the size of the logs by an order of magnitude.
Chris Wellons says his program exploits one paragraph of the specification SSH-.
This is exactly what the Endlessh program does: it endlessly sends a stream of randomly generated data that complies with RFC 4253, that is, it is sent before authentication, and each line begins with SSH- and does not exceed 255 characters, including the line terminator. In general, everything conforms to the standard.
By default, the program waits 10 seconds between sending packets. This prevents the client from timing out, so the client stays trapped forever.
Since the data is sent before cryptography is applied, the program is extremely simple. It does not need to implement any ciphers and supports multiple protocols.
The author tried to make sure the utility consumes a minimum of resources and runs completely unnoticed on the machine. Unlike modern antivirus products and other "security systems", it should not slow down your computer. He managed to minimise both traffic and memory consumption through a somewhat more cunning software implementation. If it started a separate process for each new connection, potential attackers could launch a DDoS attack by opening many connections to exhaust the machine's resources. One thread per connection is not the best option either, because the kernel would spend resources on managing the threads.
That is why Chris Wellons chose the most lightweight option for Endlessh: a single-threaded poll(2) server, where trapped clients consume almost no additional resources, not counting the socket object in the kernel and another 78 bytes for tracking in Endlessh. To avoid allocating receive and send buffers for each client, Endlessh opens a direct-access socket and handles TCP packets directly, bypassing almost the entire operating system TCP/IP stack. An incoming buffer is not needed at all, because we are not interested in the incoming data.
The author says that at the time of his program
import asyncio
import random

async def handler(_reader, writer):
    try:
        while True:
            # One short random line every 10 seconds keeps the client waiting.
            await asyncio.sleep(10)
            writer.write(b'%x\r\n' % random.randint(0, 2**32))
            await writer.drain()
    except ConnectionResetError:
        # The client gave up and dropped the connection.
        pass

async def main():
    # Listen on port 2222 on all interfaces.
    server = await asyncio.start_server(handler, '0.0.0.0', 2222)
    async with server:
        await server.serve_forever()

asyncio.run(main())
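The resource argument made for Endlessh applies to the asyncio version as well, since every trapped client still costs a socket and a task. The following is an added example, not code from the article or from Endlessh: the same handler with a cap on concurrent clients and counters for what the tarpit holds. `MAX_CLIENTS`, the `Tarpit` class, its counters and the loopback bind address are assumptions introduced here.

```python
import asyncio
import random
import time

MAX_CLIENTS = 64   # assumed cap, not a value from the page
DELAY = 10.0       # seconds between lines (the default the page describes)
MAX_LINE = 255     # line limit the page cites, CRLF included

def banner_line(rng=random):
    """Random hex line plus CRLF, as in the page's handler, length-checked."""
    line = b'%x\r\n' % rng.randint(0, 2**32)
    if len(line) > MAX_LINE:
        raise ValueError('line exceeds limit')
    return line

class Tarpit:
    def __init__(self, max_clients=MAX_CLIENTS, delay=DELAY):
        self.max_clients, self.delay = max_clients, delay
        self.active = 0          # clients currently trapped
        self.rejected = 0        # connections dropped because the cap was hit
        self.held_seconds = 0.0  # total time finished clients spent trapped

    async def handler(self, _reader, writer):
        if self.active >= self.max_clients:
            # Cap reached: drop at once so a connection flood cannot grow state.
            self.rejected += 1
            writer.close()
            return
        self.active += 1
        start = time.monotonic()
        try:
            while True:
                await asyncio.sleep(self.delay)
                writer.write(banner_line())
                await writer.drain()
        except ConnectionError:  # reset or broken pipe: the client gave up
            pass
        finally:
            self.active -= 1
            self.held_seconds += time.monotonic() - start
            writer.close()

    async def serve(self, host='127.0.0.1', port=2222):
        server = await asyncio.start_server(self.handler, host, port)
        async with server:
            await server.serve_forever()

if __name__ == '__main__':
    asyncio.run(Tarpit().serve())
```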
Asyncio is ideal for writing tarpits. For example, this trap will hang Firefox, Chrome, or any other client that tries to connect to your HTTP server for many hours:
import asyncio
import random

async def handler(_reader, writer):
    # Send a valid status line, then never finish the header section.
    writer.write(b'HTTP/1.1 200 OK\r\n')
    try:
        while True:
            await asyncio.sleep(5)
            header = random.randint(0, 2**32)
            value = random.randint(0, 2**32)
            # One more random header every 5 seconds.
            writer.write(b'X-%x: %x\r\n' % (header, value))
            await writer.drain()
    except ConnectionResetError:
        # The client gave up and dropped the connection.
        pass

async def main():
    # Listen on port 8080 on all interfaces.
    server = await asyncio.start_server(handler, '0.0.0.0', 8080)
    async with server:
        await server.serve_forever()

asyncio.run(main())
A tarpit is a great tool for punishing internet bullies. True, there is a risk of the opposite effect: drawing their attention to the unusual behaviour of a particular server. Someone
Hubs:
Python, Information Security, Software, System administration
tags:
SSH, Endlessh, tarpit, trap, asyncio
Trap (tarpit) for incoming SSH connections
source: www.habr.com