I-Rostelecom yenze uphando lokuhlaselwa kwe-DDoS olwenziwa kwicandelo laseRashiya le-Intanethi kwi-2018. Njengoko ingxelo ibonisa, kwi-2018 kwakukho ukunyuka okubukhali kungekhona nje kwinani lokuhlaselwa kwe-DDoS, kodwa nakumandla abo. Ingqalelo yabahlaseli idla ngokujikela kwiiseva zomdlalo.
Inani elipheleleyo lokuhlaselwa kwe-DDoS kwi-2018 lenyuke nge-95% xa kuthelekiswa nonyaka odlulileyo. Inani elikhulu lokuhlaselwa libhalwe ngoNovemba noDisemba. Iinkampani ezininzi ze-e-commerce zifumana inxalenye ebalulekileyo yeenzuzo zabo ekupheleni konyaka, okt. ngeeholide zoNyaka oMtsha nakwiiveki ezandulelayo. Ukhuphiswano luqatha ngakumbi ngeli xesha. Ukongeza, ngexesha leeholide kukho incopho yomsebenzi wabasebenzisi kwimidlalo ye-intanethi.
Uhlaselo olude kakhulu olubhalwe nguRostelecom kwi-2017 lwenzeka ngo-Agasti kwaye lwahlala iiyure ze-263 (phantse iintsuku ze-11). Kwi-2018, uhlaselo olubhalwe ngo-Matshi kwaye luhlala iiyure ze-280 (iintsuku ze-11 kunye neeyure ze-16) zifikelele kumanqanaba okurekhoda.
Unyaka odlulileyo ubone ukunyuka okubukhali kwamandla okuhlaselwa kweDDoS. Ukuba ngo-2017 eli nani alidlulanga i-54 Gbit / s, ngoko ngo-2018 uhlaselo olubi kakhulu lwenziwa ngesantya se-450 Gbit / s. Oku ibingekuko ukuguquguquka okukodwa: kabini kuphela enyakeni apho eli nani lehla kakhulu ngaphantsi kwe-50 Gbit/s - ngoJuni nango-Agasti.
Ngubani ohlaselwa rhoqo?
Izibalo ezivela kwi-2018 ziqinisekisa ukuba isongelo se-DDoS sisona sifanelekileyo kumashishini aneenkqubo zoshishino ezibalulekileyo ezixhomekeke ekufumanekeni kweenkonzo ze-intanethi kunye nezicelo - ngokuyinhloko icandelo lokudlala kunye ne-e-commerce.
Isabelo sokuhlaselwa kweeseva zomdlalo sasingama-64%. Ngokutsho kwabahlalutyi, umfanekiso awuyi kutshintsha kwiminyaka ezayo, kwaye ngokuphuhliswa kwe-e-sports, sinokulindela ukwanda okungaphezulu kwinani lokuhlaselwa kwishishini. Amashishini e-e-commerce ahlala βebambaβ indawo yesibini (16%). Xa kuthelekiswa no-2017, isabelo sokuhlaselwa kwe-DDoS kwi-telecoms sanda ukusuka kwi-5% ukuya kwi-10%, ngelixa isabelo samaziko emfundo, ngokuchaseneyo, sinciphile - ukusuka kwi-10% ukuya kwi-1%.
Kuyaqikelelwa ukuba ngokwenani eliphakathi lohlaselo lomxumi ngamnye, icandelo lemidlalo kunye ne-e-commerce lithatha izabelo ezibalulekileyo - i-45% kunye ne-19%, ngokulandelanayo. Okungalindelekanga ngakumbi kukwanda okubalulekileyo kokuhlaselwa kweebhanki kunye neenkqubo zokuhlawula. Nangona kunjalo, oku kunokwenzeka ngenxa ye-2017 ethule kakhulu emva kwephulo elichasene necandelo lebhanki laseRashiya ekupheleni kwe-2016. Kwi-2018, yonke into ibuyele ngokuqhelekileyo.
Iindlela zokuhlasela
Eyona ndlela idumileyo ye-DDoS yi-UDP yezikhukhula - phantse i-38% yazo zonke izihlaselo zenziwa ngokusebenzisa le ndlela. Oku kulandelwa ngumkhukula we-SYN (i-20,2%) kwaye phantse ihlulwe ngokulinganayo ngokuhlaselwa kweepakethe eziqhekezayo kunye ne-DNS amplification - 10,5% kunye ne-10,1%, ngokulandelanayo.
Ngexesha elifanayo, ukuthelekiswa kwezibalo ze-2017 kunye ne-2018. ibonisa ukuba isabelo sohlaselo lwesikhukula seSYN siphantse saphinda kabini. Sicinga ukuba oku kungenxa yokulula kwabo kunye neendleko eziphantsi - ukuhlaselwa okunjalo akufuni ubukho be-botnet (oko kukuthi, iindleko zokudala / ukurenta / ukuyithenga).
Inani lokuhlaselwa usebenzisa i-amplifiers liye landa. Xa uququzelela i-DDoS nge-amplification, abahlaseli bathumela izicelo ngedilesi yomthombo womgunyathi kwiiseva, eziphendula kwixhoba lohlaselo kunye neepakethi eziphindaphindayo. Le ndlela yokuhlaselwa kwe-DDoS inokufikelela kwinqanaba elitsha kwaye ixhaphake kakhulu kwixesha elizayo, ekubeni nayo ayifuni iindleko zokulungiselela okanye zokuthenga i-botnet. Ngakolunye uhlangothi, ngophuhliso lwe-Intanethi ye-Intanethi kunye nenani elikhulayo lezinto ezinobungozi ezaziwayo kwizixhobo ze-IoT, sinokulindela ukuvela kweebhotnets ezintsha ezinamandla, kwaye ngenxa yoko, ukunciphisa iindleko zeenkonzo zokuququzelela ukuhlaselwa kweDDoS.
umthombo: www.habr.com