DDoS attack on RDP services: notice and fight back. A successful experience from Tucha

Let us tell you an interesting story about how "third parties" tried to disrupt our clients' work, and how the problem was solved.

How it all began

It all began on the morning of October 31, the last day of the month, when many people especially need the time to deal with urgent and important tasks.

One of our partners, who keeps several virtual machines belonging to the clients he serves in our cloud, reported that from 9:10 to 9:20 several Windows servers running at our Ukrainian site were not accepting connections to the remote access service: users could not log in to their desktops, but after a few minutes the problem seemed to resolve itself.

We pulled up the statistics for the communication channels, but found no traffic spikes or failures. We checked the load statistics for the computing resources - nothing suspicious. So what was it?

Then another partner, who hosts about a hundred servers in our cloud, reported the same problems noticed by some of their clients, and it turned out that the servers were generally reachable (responding correctly to ping and other requests), but the remote access service on those servers was intermittently accepting and refusing new connections; and we were talking about servers at different sites, with traffic arriving over different data channels.

Let's look at this traffic. A packet with a connection request arrives at the server:

xx:xx:xx.xxxxxx IP xxx.xxx.xxx.xxx.58355 > 192.168.xxx.xxx.3389: Flags [S], seq 467744439, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0


The server receives this packet, but rejects the connection:

xx:xx:xx.xxxxxx IP 192.168.xxx.xxx.3389 > xxx.xxx.xxx.xxx.58355: Flags [R.], seq 0, ack 467744440, win 0, length 0


This means the problem is obviously not caused by any issue in the operation of the infrastructure, but by something else. Perhaps all the users are having problems with remote desktop licensing? Perhaps some kind of malware managed to get into their systems and was activated today, as happened a few years ago. XData and Petya?

While we were figuring it out, we received similar requests from several more clients and colleagues.
What was actually happening on these machines?

The event logs were full of messages about password-guessing attempts:


Usually such attempts are logged on every server where the standard port (3389) is used for the remote access service and access is allowed from anywhere. The internet is full of bots that constantly scan all reachable connection points and try to guess the password (which is why we strongly recommend using complex passwords instead of "123"). However, the intensity of these attempts on that day was much higher than usual.

What to do next?

Recommend that clients spend a lot of time changing the settings of a large number of end users so that they switch to a different port? Not a good idea; the clients would not be happy. Recommend allowing access only via VPN? Hastily and in a panic bringing up IPSec connections for those who do not have them yet - such a joy would hardly make the clients smile either. Although, I must say, this is a worthwhile thing to do in any case: we always recommend hiding the server in a private network and are ready to help with the configuration, and for those who prefer to work it out themselves, we share instructions for setting up IPSec/L2TP to our cloud in site-to-site or road-warrior mode, and if anyone wants to set up a VPN service on their own Windows server, we are always ready to share tips on how to do it with the standard RAS or with OpenVPN. But, however cool we were, this was not the best time to conduct educational work among the clients, since we needed to fix the problem as quickly as possible with minimal stress for the users.

The solution we used was the following. We set up analysis of the transit traffic so as to monitor every attempt to establish a TCP connection to port 3389 and pick out from them the addresses that, within 150 seconds, try to establish connections with more than 16 different servers in our network - these are the attack sources. (Of course, if one of the clients or partners has a genuine need to establish connections with that many servers from the same source, such sources can always be added to the "whitelist".) Moreover, if within those 150 seconds more than 32 addresses from the same class C network are identified, it makes sense to block the whole network. Such a source is automatically placed on the "blacklist". The list of blocked sources is updated every 3 seconds.
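A sliding-window implementation of the detection rule just described, as an added example and not Tucha's own scripts: per source address it counts the distinct servers contacted on port 3389 within 150 seconds, bans a source above 16, and bans a whole /24 once more than 32 of its addresses have been banned inside the same window (that reading of the 32-address rule, the whitelist handling, and all addresses in the constructed traffic are assumptions).

```python
from collections import defaultdict, deque
from ipaddress import ip_address, ip_network

WINDOW = 150       # seconds, as in the article
MAX_TARGETS = 16   # distinct destination servers per source before it is banned
MAX_PER_NET = 32   # banned sources in one /24 (class C) before the whole /24 is banned


class RdpSynDetector:
    """Sliding-window detector over TCP SYNs to port 3389 (hypothetical, not Tucha's code)."""
    def __init__(self, whitelist=()):
        self.whitelist = {ip_address(a) for a in whitelist}
        self.seen = defaultdict(deque)       # src -> deque of (ts, dst) inside WINDOW
        self.net_bans = defaultdict(deque)   # /24 -> deque of ban timestamps inside WINDOW
        self.banned_hosts = set()            # blocked single sources
        self.banned_nets = set()             # blocked /24 networks

    def observe(self, ts, src, dst):
        """Feed one SYN to port 3389 (ts in seconds). Returns ('host', src), ('net', cidr) or None."""
        sip = ip_address(src)
        if sip in self.whitelist or src in self.banned_hosts:
            return None
        if any(sip in n for n in self.banned_nets):
            return None
        q = self.seen[src]
        q.append((ts, dst))
        while q and ts - q[0][0] > WINDOW:       # forget attempts older than 150 s
            q.popleft()
        if len({d for _, d in q}) <= MAX_TARGETS:
            return None
        self.banned_hosts.add(src)               # > 16 distinct servers: attack source
        net = ip_network(f"{src}/24", strict=False)
        bans = self.net_bans[net]
        bans.append(ts)
        while bans and ts - bans[0] > WINDOW:
            bans.popleft()
        if len(bans) > MAX_PER_NET:              # > 32 banned sources in one /24: ban the network
            self.banned_nets.add(net)
            return ("net", str(net))
        return ("host", src)


def simulate_scan(det, src, n_targets, t0=0.0):
    """Constructed traffic: src sends one SYN per second to n_targets distinct servers."""
    verdict = None
    for i in range(n_targets):
        verdict = det.observe(t0 + i, src, f"192.0.2.{i + 1}") or verdict
    return verdict
```

The verdicts returned by observe() are what a 3-second timer would flush into the published block list or a firewall ACL.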


This list is available at the following address: https://secure.tucha.ua/global-filter/banned/rdp_ddos, and you can build your own ACLs based on it.

We are ready to share the source code of this system; there is nothing too complicated in it (it is a few simple scripts thrown together in literally a couple of hours), and at the same time they can be adapted and used not only to protect against attacks like this one, but also to detect and block any attempts to scan the network: follow this link.

In addition, we made some changes to the configuration of the monitoring system, which now watches more closely how a control group of virtual servers in our cloud responds to an attempt to establish an RDP connection: if the response does not arrive within a second, that is a reason to pay attention.

The solution has definitely worked: there are no more complaints from clients and partners, nor from the monitoring system. New addresses and entire networks are regularly added to the blocked list, which shows that the attack is continuing, but it no longer disrupts our clients' work.

There is safety in numbers

Today we learned that other operators have run into the same problem. Some still believe that Microsoft made some changes to the code of the remote access service (if you remember, we suspected the same thing on the first day, but quickly discarded that version) and promise to do everything possible to find a solution quickly. Others simply ignore the problem and advise clients to protect themselves on their own (change the connection port, hide the server in a private network, and so on). And on the very first day we not only solved this problem, but also laid the foundation of a global threat detection system, which we plan to develop further.


Special thanks to the clients and partners who did not keep silent and did not sit on the riverbank waiting for the enemy's corpse to float by one day, but promptly drew our attention to this problem, which gave us the chance to eliminate it that same day.

Source: www.habr.com
