Sawubona wonke umuntu!
Namuhla ngifuna ukukhuluma ngesixazululo sefu sokusesha nokuhlaziya ubungozi be-Qualys Vulnerability Management, lapho .
Ngezansi ngizobonisa ukuthi ukuskena ngokwako kuhlelwe kanjani nokuthi yiluphi ulwazi olumayelana nokuba sengozini olungatholwa ngokusekelwe emiphumeleni.
Yini engaskenwa
Izinkonzo zangaphandle. Ukuskena izinsiza ezinokufinyelela ku-inthanethi, iklayenti lisinikeza amakheli alo e-IP kanye nemininingwane (uma ukuskena okunobuqiniso kudingekile). Siskena amasevisi sisebenzisa ifu le-Qualys futhi sithumele umbiko ngokusekelwe emiphumeleni.
Izinkonzo zangaphakathi. Kulokhu, isithwebuli sibheka ubungozi kumaseva angaphakathi nengqalasizinda yenethiwekhi. Ngokusebenzisa ukuskena okunjalo, ungasungula izinguqulo zezinhlelo zokusebenza, izinhlelo zokusebenza, izimbobo ezivulekile kanye nezinsizakalo ngemuva kwazo.
Kufakwe isithwebuli se-Qualys ukuze siskenwe ngaphakathi kwengqalasizinda yeklayenti. Ifu le-Qualys lisebenza njengesikhungo sokuyala lesi sithwebuli lapha.
Ngokungeziwe kuseva yangaphakathi ene-Qualys, ama-agent (I-Cloud Agent) angafakwa ezintweni eziskeniwe. Baqoqa ulwazi mayelana nesistimu endaweni futhi badale kungabikho mthwalo kunethiwekhi noma kubasingathi abasebenza kubo. Ulwazi olutholiwe luthunyelwa efwini.
Kunamaphuzu amathathu abalulekile lapha: ukuqinisekiswa nokukhethwa kwezinto ezizoskenwa.
- Ukusebenzisa Ukuqinisekisa. Amanye amakhasimende acela ukuskena kwebhokisi elimnyama, ikakhulukazi izinsiza zangaphandle: asinika amakheli e-IP ahlukahlukene ngaphandle kokucacisa isistimu futhi athi βyiba njengomgebengu we-inthanethi.β Kodwa abaduni abavamile ukwenza ngokungaboni. Uma kukhulunywa ngokuhlasela (hhayi uphenyo), bayazi ukuthi bagebenga ini.
Ngokungaboni, i-Qualys ingase ifike kuma-decoy banners futhi iwaskene esikhundleni sesistimu eqondiwe. Futhi ngaphandle kokuqonda ukuthi yini ngempela ezoskenwa, kulula ukuphuthelwa izilungiselelo zesithwebuli futhi "unamathisele" isevisi ehlolwayo.
Ukuskena kuzoba nenzuzo enkulu uma wenza ukuhlola kokuqinisekisa phambi kwamasistimu askeniwa (ibhokisi elimhlophe). Ngale ndlela isithwebuli sizoqonda ukuthi sivelaphi, futhi uzothola idatha ephelele mayelana nokuba sengozini kwesistimu eqondiwe.
I-Qualys inezinketho eziningi zokuqinisekisa. - Izimpahla zeqembu. Uma uqala ukuskena yonke into ngesikhathi esisodwa futhi ngokungakhethi, kuzothatha isikhathi eside futhi udale umthwalo ongadingekile kumasistimu. Kungcono ukuhlanganisa ababungazi nezinsizakalo ngamaqembu ngokusekelwe ekubalulekeni, indawo, inguqulo ye-OS, ukubaluleka kwengqalasizinda nezinye izici (kuma-Qualy abizwa ngokuthi Amaqembu Efa kanye Nomaka Befa) bese ukhetha iqembu elithile lapho uskena.
- Khetha iwindi lobuchwepheshe ukuze uskene. Noma ngabe ucabangile futhi walungisa, ukuskena kudala ingcindezi eyengeziwe ohlelweni. Ngeke ngempela kubangele ukucekelwa phansi kwesevisi, kodwa kungcono ukuyikhethela isikhathi esithile, njenge-backup noma i-rollover yezibuyekezo.
Yini ongayifunda kule mibiko?
Ngokusekelwe emiphumeleni yokuskena, iklayenti lithola umbiko ongeke uqukathe kuphela uhlu lwabo bonke ubungozi obutholakele, kodwa futhi nezincomo eziyisisekelo zokubuqeda: izibuyekezo, amapeshi, njll. I-Qualys inemibiko eminingi: kunezifanekiso ezizenzakalelayo, futhi ungazakhela eyakho. Ukuze ungadideki kukho konke ukuhlukahluka, kungcono ukuthi uqale uzinqumele ngala maphuzu alandelayo:
- Ubani ozobuka lo mbiko: umphathi noma uchwepheshe wezobuchwepheshe?
- yiluphi ulwazi ofuna ukuluthola emiphumeleni yokuskena? Isibonelo, uma ufuna ukuthola ukuthi ingabe zonke iziqephu ezidingekayo zifakiwe nokuthi umsebenzi wenziwa kanjani ukuze kuqedwe ubungozi obutholakele ngaphambilini, khona-ke lona umbiko owodwa. Uma nje udinga ukuthatha i-inventory yabo bonke ababungazi, bese omunye.
Uma umsebenzi wakho kuwukukhombisa isithombe esifushane kodwa esicacile kubaphathi, ungakha Umbiko Ophethe. Bonke ubungozi buzohlelwa ngamashalofu, amazinga okubucayi, amagrafu kanye nemidwebo. Isibonelo, ubungozi obuphezulu obuyi-10 obubaluleke kakhulu noma ubungozi obuvame kakhulu.
Kochwepheshe kukhona Umbiko Wezobuchwepheshe nayo yonke imininingwane nemininingwane. Imibiko elandelayo ingakhiqizwa:
Umbiko wabasokhaya. Into ewusizo lapho udinga ukuthatha uhlu lwengqalasizinda yakho futhi uthole isithombe esiphelele sobungozi bokusingatha.
Yile ndlela uhlu lwabasingathi abahlaziyiwe olubukeka ngayo, okubonisa i-OS esebenza kubo.
Ake sivule umsingathi wokuthakaselayo futhi sibone uhlu lobuthakathaka obungu-219 olutholiwe, kusukela kokubaluleke kakhulu, ileveli yesihlanu:
Bese ungabona imininingwane yokuba sengozini ngakunye. Lapha sibona:
- lapho ubungozi butholwa okokuqala nokokugcina,
- izinombolo zobungozi bezimboni,
- i-patch ukususa ubungozi,
- ingabe zikhona izinkinga ngokuhambisana ne-PCI DSS, NIST, njll.,
- ingabe kukhona ukuxhaphaza kanye nohlelo olungayilungele ikhompuyutha ngalobu bungozi,
- kuba sengozini okutholwe uma kuskenwa nge/ngaphandle kokuqinisekisa ohlelweni, njll.
Uma lokhu kungesona iskena sokuqala - yebo, udinga ukuskena njalo π - bese ngosizo Umbiko Wethrendi Ungakwazi ukulandelela i-dynamics yokusebenza ngobungozi. Isimo sobungozi sizokhonjiswa uma siqhathaniswa nokuskena kwangaphambilini: ubungozi obutholwe ngaphambilini futhi buvaliwe buzomakwa njengezigxilile, ezingavaliwe - ezisebenzayo, ezintsha - ezintsha.
Umbiko wokuba sengozini. Kulo mbiko, i-Qualys izokwakha uhlu lobungozi, iqale ngokubaluleke kakhulu, ekhombisa ukuthi yimuphi umsingathi ongabamba kuye lobu bungozi. Umbiko uzoba usizo uma unquma ukuqonda ngokushesha, isibonelo, bonke ubungozi bezinga lesihlanu.
Ungakwazi futhi ukwenza umbiko ohlukile kuphela mayelana nokuba sengozini kweleveli yesine nelesihlanu.
Umbiko wepheshi. Lapha ungabona uhlu oluphelele lwamapeshi adinga ukufakwa ukuze kuqedwe ubungozi obutholakele. Ngepeshi ngayinye kunencazelo yokuthi ilungisa luphi ubungozi, imuphi umsingathi/isistimu edinga ukufakwa kuyo, kanye nesixhumanisi sokulanda esiqondile.
Umbiko Wokuthobela we-PCI DSS. Izinga le-PCI DSS lidinga ukuskena amasistimu olwazi nezinhlelo zokusebenza ezifinyeleleka ku-inthanethi njalo ezinsukwini ezingama-90. Ngemva kokuskena, ungenza umbiko ozobonisa lokho ingqalasizinda engahlangabezani nezidingo zezinga.
Imibiko Yokulungisa Ubungozi. Ama-Qualy angahlanganiswa nedeski lesevisi, bese konke ubungozi obutholakele buzohunyushwa ngokuzenzakalela kube amathikithi. Usebenzisa lo mbiko, ungakwazi ukulandelela ukuqhubeka kumathikithi aqediwe kanye nokuba sengozini okuxazululiwe.
Vula imibiko yembobo. Lapha ungathola ulwazi ngamachweba avuliwe namasevisi asebenza kuwo:
noma ukhiqize umbiko ngobungozi kuchweba ngalinye:
Lezi izifanekiso nje ezijwayelekile zombiko. Ungazidalela eyakho imisebenzi ethile, isibonelo, ubonise kuphela ubuthakathaka obungekho ngaphansi kwezinga lesihlanu lokugxeka. Yonke imibiko iyatholakala. Ifomethi yombiko: CSV, XML, HTML, PDF and docx.
Futhi khumbula: Ukuphepha akuwona umphumela, kodwa inqubo. Ukuskena kwesikhathi esisodwa kusiza ukubona izinkinga okwamanje, kodwa lokhu akumayelana nenqubo egcwele yokulawula ukuba sengozini.
Ukwenza kube lula kuwe ukunquma ngalo msebenzi ojwayelekile, sidale isevisi esekelwe ku-Qualys Vulnerability Management.
Kukhona ukukhushulwa kwabo bonke abafundi be-Habr: Uma u-oda isevisi yokuskena unyaka, izinyanga ezimbili zokuskena zimahhala. Izinhlelo zokusebenza zingashiywa , endaweni ethi βAmazwanaβ bhala u-Habr.
Source: www.habr.com