Abacwaningi abavela ku-watchTowr Labs bashicilele imiphumela yokuhlolwa okubandakanya ukuthwetshulwa kwesevisi ye-WHOIS yakudala kusuka kusibhalisi sendawo yesizinda se-MOBI. Isizathu socwaningo sasiwukuthi umbhalisi uguqule ikheli lesevisi ye-WHOIS, elisusa kusizinda esithi whois.dotmobiregistry.net ukuya kumsingathi omusha whois.nic.mobi. Ngesikhathi esifanayo, isizinda se-dotmobiregistry.net sayeka ukusetshenziswa futhi ngoDisemba 2023 sakhululwa futhi satholakala ukuze sibhaliswe.
Abacwaningi basebenzise i-$ 20 futhi bathenga lesi sizinda, ngemva kwalokho baqalise isevisi yabo eqanjiwe ye-WHOIS whois.dotmobiregistry.net kuseva yabo. Okwakumangaza ukuthi amasistimu amaningi awazange ashintshele kumsingathi omusha u-whois.nic.mobi futhi aqhubeka nokusebenzisa igama elidala. Kusukela ngo-Agasti 30 kuya kuSeptemba 4 kulo nyaka, izicelo eziyizigidi ezingu-2.5 zegama elidala zabhalwa, zithunyelwe kusuka kumasistimu ayingqayizivele angaphezu kwezinkulungwane ze-135.
Phakathi kwabathumeli bezicelo kwakukhona neposi amaseva izinhlangano zikahulumeni nezempi ezihlole ama-domain avela kuma-imeyili nge-WHOIS, izinkampani zokuphepha kanye namapulatifomu okuphepha (i-VirusTotal, i-Group-IB), kanye neziphathimandla zesitifiketi, izinsizakalo zokuqinisekisa i-domain, izinsizakalo ze-SEO, kanye nababhalisi be-domain (isb., i-domain.com, i-godaddy.com, i-who.is, i-whois.ru, i-smallseo.tools, i-seocheki.net, i-centralops.net, i-name.com, i-urlscan.io, kanye ne-webchart.org).
Amandla okuthumela noma iyiphi idatha ekuphenduleni isicelo sesevisi endala ye-WHOIS yendawo yesizinda se-.MOBI asetshenziselwa ukuthuthukisa izinhlobo ezimbalwa zokuhlaselwa kwabacelayo. Ukuhlasela kokuqala kwakusekelwe embonweni wokuthi uma othile eqhubeka nokuthumela izicelo kusevisi ethathelwe indawo isikhathi eside, cishe wenza kanjalo esebenzisa amathuluzi aphelelwe yisikhathi aqukethe ubungozi.
Isibonelo, ngo-2015, ukuba sengozini kwe-CVE-2015-5243 kukhonjwe ku-phpWHOIS, okuvumela ukwenziwa kwekhodi yomhlaseli lapho kudluliswa idatha efomethwe ngokukhethekile ebuyiswe yiseva ye-WHOIS. Esinye isibonelo ukuba sengozini kwe-CVE-2021-2021 okuhlonzwe ngo-32749 kuphakheji ye-Fail2Ban, evumela ikhodi yangaphandle ukuthi isetshenziswe lapho idatha engalungile ibuyiswa yisevisi ye-WHOIS esetshenziswe inqubo yokukhiqiza isexwayiso sokuvinjwa (I-Fail2Ban inqume i-imeyili yomphathi womphathi. nge-WHOIS futhi uyicacisile lapho usebenzisa i-imeyili yomyalo ngaphandle kokubaleka okufanele kwezinhlamvu ezikhethekile).
Ukuhlasela kwesibili kusekelwe eqinisweni lokuthi ezinye iziphathimandla zokuqinisekisa zinikeza ikhono lokuqinisekisa ubunikazi besizinda nge-imeyili ecaciswe kusizindalwazi sombhalisi wesizinda, esifinyeleleka ngephrothokholi ye-WHOIS. Kuvele ukuthi iziphathimandla ezimbalwa zokunikeza izitifiketi ezisekela le ndlela yokuqinisekisa ziyaqhubeka nokusebenzisa iseva ye-WHOIS endala yendawo yesizinda ".MOBI".
Ngakho-ke, njengoba sebethole ukulawula igama elithi whois.dotmobirigistry.net, abahlaseli bangathola idatha yabo, benze ukuqinisekiswa, futhi bathole Isitifiketi se-TLS kunoma yisiphi isizinda esiku-.MOBI zone." Isibonelo, ngesikhathi sokuhlola, abacwaningi bacele isitifiketi se-TLS sesizinda se-microsoft.mobi kumbhalisi we-GlobalSign, futhi i-imeyili ethi "whois@watchTowr.com" ebuyiswe yisevisi ye-WHOIS eqanjiwe yaboniswa ku-interface njengoba itholakala ukuze kuthunyelwe ikhodi yokuqinisekisa ubunikazi besizinda.
Source: opennet.ru
