Google yakaderedza kurwiswa kukuru kweDDoS munhoroondo kusvika zvino

Darkcrizt

4 maminitsi

DDOS kurwisa

DDoS kurwiswa kwekombuta kana network izvo zvinoita kuti sevhisi kana sosi isasvike kune vashandisi vari pamutemo.

Mazuva mashoma apfuura nyaya yakabuda kuti Google yakanyora kurwisa kukuru kweDDoS pane zvivakwa zvayo, ane simba raive 398 miriyoni RPS (zvikumbiro pasekondi). Kurwiswa kwacho kwakaitwa kushandisa njodzi yaimbozivikanwa (CVE-2023-44487) muHTTP/2 protocol, iyo inobvumira rwizi rwakakura rwezvikumbiro kutumirwa kune sevha ine mutoro mudiki pamutengi.

Izvo zvinotaurwa kuti nzira itsva yekurwisa inonzi "Rapid Reset" Zvinotora mukana wekuti nzira dzekuwanza nzira dzekutaurirana dzakapihwa muHTTP/2 dzinobvumira kuumba kuyerera kwezvikumbiro mukati mekubatana kwatogadzirwa, pasina kuvhura mitsva yekubatanidza network uye pasina kumirira kusimbiswa kwekugamuchira mapaketi.

Kunetseka Inoonekwa semhedzisiro yekutadza muHTTP/2 protocol , ane tsanangudzo inotaura kuti kana iwe ukaedza kuzarura kuyerera kwakawanda, kungoyerera kunodarika muganhu kunofanira kubviswa, asi kwete network yose.

Sezvo mutengi-divi kurwisa se inogona kuitwa nekungotumira zvikumbiro pasina kugamuchira mhinduro, Kurwisa kunogona kuitwa nepamusoro-soro. Semuenzaniso, 201 miriyoni zvikumbiro pasekondi kurwisa kwakanyorwa neCloudflare kwakaitwa pachishandiswa diki botnet yemakomputa zviuru makumi maviri.

Padivi reseva, mutengo wekugadzirisa zvikumbiro zvinouya wakakwira zvakanyanya, zvisinei nekukanzurwa kwayo, sezvo zvichidikanwa kuita mashandiro akadai sekugovera zvimiro zve data kune tambo nyowani, kupatsanura chikumbiro, decompressing musoro, uye kugovera iyo URL kune sosi. Pakurwisa ma proxies ekudzokera kumashure, kurwiswa kunogona kupararira kumaseva, sezvo mumiriri anogona kuwana nguva yekudzosera chikumbiro kuseva iyo RST_STREAM furemu isati yagadziriswa.

Kurwiswa kunogona kuitwa chete pamaseva ari munjodzi anotsigira HTTP/2 (script yekutarisa kuratidzwa kwekusagadzikana pamaseva, maturusi ekuita kurwisa). Kune HTTP/3, kurwiswa hakusati kwaonekwa uye mukana wekuitika kwavo hausati waongororwa zvizere, asi vamiriri veGoogle vanokurudzira kuti vanogadzira seva vawedzere matanho ekuchengetedza kuHTTP/3 kuita zvakafanana nezvakaitwa kudzivirira kurwiswa kweHTTP/2.

Zvakafanana nekurwisa nzira dzakamboshandiswa muHTTP/2, kurwiswa kutsva kunogadzirawo nhamba huru yetambo mukati mekubatana kumwe chete. Musiyano wakakosha wekurwiswa kutsva ndewekuti pachinzvimbo chekumirira mhinduro, chikumbiro chega chega chinotumirwa chinoteverwa nefuremu ine RST_STREAM mureza, iyo inobva yadzima chikumbiro.

Kukanzura chikumbiro panguva yekutanga kunobvumidza iwe kubvisa reverse traffic kune mutengi uye kudzivirira zvirambidzo pahuwandu hunokwanisika hwehova dzinovhurwa panguva imwe chete mukati meimwe HTTP/2 yekubatanidza pamaseva eHTTP. Nekudaro, mukurwiswa kutsva, huwandu hwezvikumbiro zvakatumirwa kuHTTP server hazvichatsamira pakunonoka pakati pekutumira chikumbiro uye kugamuchira mhinduro (RTT, rwendo rwekufamba nguva) uye zvinoenderana chete nebandwidth yeserver.

Izvo zvinotaurwa kuti Kurwiswa kuchangobva kuitika kwakatanga mukupera kwaNyamavhuvhu uye kunoenderera nhasi. Inonangana nevakuru vezvivakwa, kusanganisira Google Services, Google Cloud Infrastructure, uye vatengi vavo. 

Kunyangwe kurwiswa uku kwaive pakati pehukuru hwakaonekwa neGoogle, kuenzanisa kwayo kwepasi rose uye DDoS kuderedza zvivakwa zvakabvumira masevhisi ayo kuti arambe achimhanya. 

Kuchengetedza Google, vatengi vayo, uye neInternet yese, vakabatsira kutungamira hurongwa hwakarongeka nevadyidzani veindasitiri kuti vanzwisise mechanics ekurwiswa uye kubatana pamatanho ekuderedza anogona kuitwa mukupindura kurwiswa uku.

Pamusoro peGoogle, Amazon uye Cloudflare zvakare yakatarisana nekurwiswa nekusimba kwe155 uye 201 miriyoni RPS. Kurwiswa kutsva kunopfuura zvakanyanya kusimba kweiyo yapfuura rekodhi-kutyora DDoS kurwiswa, umo vanorwisa vakakwanisa kuburitsa kuyerera kwemamiriyoni makumi mana nemanomwe ekukumbira pasekondi. Kana tichienzanisa, traffic yese paWebhu yese inofungidzirwa kuva pakati pebhiriyoni imwe ne47 bhiriyoni zvikumbiro pasekondi.

Chekupedzisira, kana iwe uchida kukwanisa kuziva zvakawanda nezvazvo, unogona kubvunza iwo ruzivo mu inotevera chinongedzo.


Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako