NgoFebruwari, i-Austrian Christian Haschek yapapasha inqaku elinomdla kwiblogi yakhe enesihloko . Ewe, ndaba nomdla kwinto eyayiza kwenzeka ukuba esi sifundo siphindwe, kodwa ngeUkraine. Iiveki ezininzi zokuqokelelwa kolwazi, iintsuku ezimbalwa zokulungiselela inqaku, kwaye ngeli xesha lophando, iincoko kunye nabameli abohlukeneyo boluntu lwethu, emva koko ucacise, emva koko ufumane okungakumbi. Ndicela phantsi kwe cut...
TL; DR
Akukho zixhobo zikhethekileyo zisetyenzisiweyo ukuqokelela ulwazi (nangona abantu abaninzi bacetyiswe ngokusebenzisa i-OpenVAS efanayo ukwenza uphando lube nzulu kwaye lube nolwazi). Ngokhuseleko lwe-IPs olunxulumene ne-Ukraine (ngaphezulu malunga nendlela eyamiselwa ngayo ngezantsi), imeko, ngokombono wam, imbi kakhulu (kwaye ngokuqinisekileyo imbi kakhulu kunoko kwenzeka e-Austria). Akukho malinge enziweyo okanye acetywayo ukuxhaphaza iiseva ezifunyenweyo ezisesichengeni.
Okokuqala: ungazifumana njani zonke iidilesi ze-IP ezizezelizwe elithile?
Ngokwenene ilula kakhulu. Iidilesi ze-IP aziveliswanga lilizwe ngokwalo, kodwa zabelwe kulo. Ke ngoko, kukho uluhlu (kwaye lusesidlangalaleni) lwawo onke amazwe kunye nazo zonke ii-IP ezizezabo.
Wonke umntu unako kwaye emva koko uyihluze grep Ukraine IP2LOCATION-LITE-DB1.CSV> ukraine.csv
, ikuvumela ukuba uzise uluhlu kwifomu esebenzisekayo ngakumbi.
Ukraine ngabanini phantse iidilesi ezininzi IPv4 njengoko Austria, ngaphezu 11 million 11 ukuba ngqo (uthelekiso, Austria has 640).
Ukuba awufuni ukudlala ngeedilesi ze-IP ngokwakho (kwaye akufanele!), ngoko ungasebenzisa inkonzo. .
Ngaba kukho oomatshini beWindows abangafakwanga eUkraine abanokufikelela ngokuthe ngqo kwi-Intanethi?
Ewe kunjalo, akukho namnye umntu waseUkraine owaziyo oza kuvula ukufikelela okunjalo kwiikhompyuter zabo. Okanye ngaba kuya kuba njalo?
masscan -p445 --rate 300 -iL ukraine.ips -oG ukraine.445.scan && cat ukraine.445.scan | wc -lOomatshini beWindows 5669 abanokufikelela ngokuthe ngqo kwinethiwekhi bafunyenwe (e-Austria kukho i-1273 kuphela, kodwa ininzi).
Yhu. Ngaba kukho na phakathi kwabo abanokuhlaselwa ngokusetyenziswa kwe-ETHERNALBLUE, eyaziwayo ukususela kwi-2017? Kwakungekho nanye inqwelo-mafutha enjalo eOstriya, yaye ndandinethemba lokuba yayingayi kufunyanwa naseUkraine. Ngelishwa, ayiloncedo. Sifumene iidilesi ze-IP eziyi-198 ezingawuvalanga lo βmngxunyaβ ngokwawo.
DNS, DDoS kunye nobunzulu bomngxuma womvundla
Kwanele malunga neWindows. Makhe sibone into esinayo ngeeseva ze-DNS, ezizisombululi ezivulekileyo kwaye zingasetyenziselwa ukuhlaselwa kwe-DDoS.
Isebenza into enje. Umhlaseli uthumela isicelo esincinci se-DNS, kwaye umncedisi osengozini uphendula kwixhoba ngepakethi ephindwe ngama-100 amakhulu. Boom! Amanethiwekhi oshishino anokukhawuleza ukuwa ukusuka kumthamo onjalo wedatha, kwaye uhlaselo lufuna i-bandwidth enokubonelela nge-smartphone yanamhlanje. Kwaye kwakukho uhlaselo olunjalo nakwi-GitHub.
Makhe sibone ukuba kukho iiseva ezinjalo e-Ukraine.
masscan -pU 53 -iL ukraine.ips -oG ukraine.53.scan && cat ukraine.53.scan | wc -lInyathelo lokuqala kukufumana abo banezibuko elivulekileyo 53. Ngenxa yoko, sinoluhlu lweedilesi ze-IP ze-58, kodwa oku akuthethi ukuba zonke zingasetyenziselwa ukuhlaselwa kwe-DDoS. Imfuno yesibini kufuneka ifezekiswe, eyile, mazibe zisisombululo esivulekileyo.
Ukwenza oku, sinokusebenzisa umyalelo olula wokumba kwaye sibone ukuba sinako "ukumba" ukumba + uvavanyo olufutshane.openresolver.com TXT @ip.of.dns.server. Ukuba umncedisi uphendule nge-open-resolver-efunyenwe, ngoko inokuthathwa njengento ekujoliswe kuyo ekuhlaselweni. Izisombululi ezivulelekileyo zenza malunga ne-25%, ethelekiseka ne-Austria. Ngokwenani elipheleleyo, oku malunga ne-0,02% yazo zonke ii-IP zase-Ukraine.
Yintoni enye ongayifumana eUkraine?
Ndiyavuya ubuze. Kulula (kwaye eyona nto inomdla kum ngokobuqu) ukujonga i-IP nge-port evulekile 80 kunye nokuba yintoni eqhuba kuyo.
umncedisi wewebhu
I-260 IPs yaseUkraine iphendula kwi-port 849 (http). Iidilesi ze-80 ziphendule kakuhle (i-125 status) kwisicelo esilula se-GET esinokusithumela isikhangeli sakho. Abanye bavelise impazamo enye okanye enye. Kuyathakazelisa ukuba abancedisi be-444 bakhuphe isimo se-200, kwaye iimeko ezinqabileyo ziyi-853 (isicelo sokugunyazwa kwe-proxy) kunye ne-500 engekho ngokupheleleyo (i-IP engekho "kuluhlu olumhlophe") kwimpendulo enye.
I-Apache yongamele ngokupheleleyo - iiseva ezingama-114 ziyayisebenzisa. Inguqulo endala endiyifumene e-Ukraine yi-544, yakhululwa ngo-Oktobha 1.3.29, 29 (!!!). i-nginx ikwindawo yesibini kunye nama-server angama-2003.
Iiseva ezili-11 zisebenzisa i-WinCE, eyakhululwa ngo-1996, kwaye bagqiba ukuyidibanisa ngo-2013 (kukho ezi-4 kuphela kwezi e-Austria).
Iprotocol ye-HTTP/2 isebenzisa iiseva ze-5, i-HTTP/144 - 1.1, i-HTTP/256 - 836.
Abashicileli ... kuba ... kutheni kungenjalo?
2 HP, 5 Epson kunye 4 Canon, ezifikelelekayo ukusuka kuthungelwano, ezinye zazo ngaphandle kogunyaziso.
iiwebcams
Akunjalo iindaba ukuba e-Ukraine kukho i-LOT ye-webcams ezisasaza kwi-Intanethi, eqokelelwe kwizibonelelo ezahlukeneyo. Ubuncinci iikhamera ezingama-75 zisasaza kwi-Intanethi ngaphandle kokhuseleko. Unokuzijonga .
Yintoni elandelayo?
I-Ukraine lilizwe elincinci, njenge-Austria, kodwa lineengxaki ezifanayo njengamazwe amakhulu kwicandelo le-IT. Kufuneka siphuhlise ukuqonda ngcono ukuba yintoni na ekhuselekileyo kwaye yintoni eyingozi, kwaye abavelisi bezixhobo kufuneka babonelele ngolungelelwaniso lokuqala olukhuselekileyo lwezixhobo zabo.
Ukongeza, ndiqokelela iinkampani zamaqabane (), enokukunceda uqinisekise ingqibelelo yesiseko sakho se-IT. Inyathelo elilandelayo endiceba ukulenza kukuphonononga ukhuseleko lwewebhusayithi zaseUkraine. Musa ukutshintsha!
umthombo: www.habr.com