Izisombululo zomthombo ovulekileyo wokuthintela uhlaselo lwe-DDoS

Diego Germán González

Imizuzu ye4

Izisombululo zomthombo ovulekileyo

Ngezizathu ezingahambelani nale bhlog, eArgentina izolo bekukho intetho eninzi malunga nokuhlaselwa kwenkonzo (DDoS) Sisizathu njengayo nayiphi na into yokuthetha ngezi ntlobo zohlaselo ezinokuchaphazela nabani na onewebhusayithi kunye nezisombululo zomthombo ovulekileyo wokubanciphisa.

Uhlaselo lweDDoS

Ukwahlulwa okusasazwayo kohlaselo lwenkonzo yenye yezona zinto zilula ukuzenza njengoko kungafuneki kulwazi oluninzi lobugcisa, kodwa kwangaxeshanye yenye yezona zinobungozi njengoko inokuthatha iinkonzo zedijithali kunye neewebhusayithi ngaphandle kweintanethi iiyure okanye iintsuku.

Ngexesha lolu hlobo lokuhlaselwa, ixhoba linengxaki yokugcwala kwenethiwekhi kunye neeseva ngenani elikhulu lezicelo zokufikelela ezingaphezulu koko kulungiselelwe ukujongana nolwakhiwo. Oku kukhokelela kubasebenzisi abasemthethweni abanofikelelo olucothayo okanye abangakwaziyo ukungena ngqo.

Ukulawula uhlaselo, umenzi wobubi kufuneka abe nokufikelela kwinethiwekhi yezixhobo (zihlala ngaphandle kolwazi lwabanini) Ezi zixhobo zingaba zombini iikhompyuter kunye neselfowuni okanye i-Intanethi yezixhobo zezinto. Igama elihanjiswe egameni lohlaselo livela kwinto yokuba iinxalenye zenethiwekhi azihlali kwindawo enye.

Ulawulo lwesixhobo lufezekiswa ngokungalungisi, iinkqubo zobunjineli kwezentlalo, okanye ukusetyenziswa kwamagama agqithisiweyo efektri Abasebenzisi abakhange bazikhathaze ngokutshintsha.

Ubungakanani be botnet bunokwahluka ukusuka kwinani elincinci lezixhobo ukuya kwizigidi zazo. Nokuba ungakanani na ubungakanani, inkqubo iyafana kunjalo. Izaphuli-mthetho eziphethe i-botnet zinokuhambisa ngqo ukugcwala kwewebhu ekujolise kuyo kwaye benze uhlaselo lwe-DDoS.

Nangona kunjalo, ungakholelwa ukuba nakuphi na ukuphazamiseka okanye ukungasebenzi kakuhle kwenkonzo yewebhu sisiphoso sohlaselo. Ngamanye amaxesha inani labasebenzisi abasemthethweni abafuna ukufikelela ngaxeshanye lingaphezulu kwesiseko esinokuxhasa. Kuyenzeka umzekelo ngokuthengisa amatikiti kwimidlalo ebalulekileyo okanye ixesha elinikiweyo.

Kwimeko yokugqibela, ukuphazamiseka kuhlala kuphela ixesha elithile.

Izisombululo zomthombo ovulekileyo wokuthintela uhlaselo lwe-DDoS

Ngaphandle kwalonto njengabasebenzisi be-Intanethi, ngamnye unoxanduva lokusetyenziswa kwezixhobo zethu, Zininzi izisombululo zenqanaba leseva ezinokusetyenziselwa ukuthintela kunye nokunciphisa ezi ntlobo zokuhlaselwa. Kwaye, uninzi lwazo ngumthombo ovulekileyo.

Ukutsalwa kweDdoS

Yiyo Iskripthi esinamandla esekwe kumyalelo we-netstat pIkuvumela ukuba uvimbe uhlaselo ngokuchonga nokuphanda iidilesi ze-IP eziqhagamshela kwiseva.

Izixhobo

Ukuthintela ngokuzenzekelayo iidilesi ze-IP
Uluhlu lwezithuthi ezimnyama kunye ezimhlophe kunye nemithombo yazo
Isaziso esilula kunye nolawulo lwabaphathi benethiwekhi
-Ukufumanisa ngokuzenzekelayo kwemithetho enxulunyaniswa nee-Iptable kunye nomlilo ohamba phambili
-Ukulungiswa koqwalaselo
-Izaziso ze-imeyile ezizenzekelayo
-Ukulahlwa konxibelelwano olungafunekiyo kusetyenziswa i-tcpkill
-Inkqubo iyafumaneka koovimba bolwabiwo lweseva.

Isilele2ban

Okunye sixhobo leyo iza kwiindawo zokugcina zeseva.

Ku luncedo kakhulu ukuchonga nokuthintela imithombo yendlela ye-DDoS enobungozi. Inkqubo ijonga iifayile zelog kwaye ichonge unxibelelwano olukrokrisayo kunye neepateni ukuze kwenziwe uluhlu lwamagama amnyama. Ukuyisebenzisa kunciphisa imizamo engekho mthethweni nengachanekanga yokubulela ngokusetyenziswa kweemodyuli ezinamandla ezinezakhono ezahlukeneyo.

Izixhobo

-Ubonelela ngeendlela ezimbini zokuhlalutya; iifayile ezinzulu kunye nelog
-Ukurekhoda indawo yexesha enxulumene nomthombo we-IP wendlela
-Iyadityaniswa kuyilo lomthengi-weseva
-Ivumela ukuqhubekeka kweenkonzo ezahlukeneyo, kubandakanya i-sshd, vsftpd kunye ne-Apache
Uqwalaselo olulula kumlawuli
-It iyahambelana yonke Firewall
Ugunyaziso -ukufikelela kunye nokuvalwa kunokwenziwa ngokusekwe kwiidilesi ze-IP
Kuyenzeka ukuba kuthintelwe ukuhlaselwa ngamandla
-Ivumela ukuvimba iidilesi ze-IP ngokusekwe kumathuba exesha
-Ixhasa iimeko ezisekwe kwi-SSH

I-HaProXY

HaProxy isebenza ngendlela eyahlukileyo. Ayisekelwanga kuphela ekufumanekeni kwedilesi ye-IP kodwa nasekulinganiseni umthwalo womsebenzi weseva.

Izixhobo

-Wena ungabhloka itrafikhi esekwe kusetyenziso lwebhendi.
-Yenza ngokuzenzekelayo iitafile zoluhlu olumnyama nomhlophe lwee-IPs ezakha ngokusekwe kwimigaqo esekwe kuqwalaselo lwayo.
-Ingachonga uthungelwano lwezixhobo, iyenze ukuba isebenze ngokuchasene nokuhlaselwa kwe-DDoS.
-Ikuvumela ukuba uthintele iintlobo ezahlukeneyo zokuhlaselwa kunye nokunciphisa unxibelelwano.

Ewe, ngale nto asiwugqibi umxholo. Eyona nto intle kukuba ukuba unayo iwebhusayithi, jonga kumnikezeli wakho wokubamba malunga nezona zilumkiso zilungileyo.


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Inoxanduva lwedatha: I-AB Internet Networks 2008 SL
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.

  1.   Emilio sitsho
    yenzayo 4 iminyaka

    Mholo! Kwaye uthini ngesisombululo se-CDN esifana neso sinikezelwa yiCloudflare?

    Phendula uEmilio
    1.    UDiego waseJamani uGonzalez sitsho
      yenzayo 4 iminyaka

      Kwakungeyonxalenye yesindululo senqaku, kodwa, ngokokwazi kwam, kusebenza ngokugqibeleleyo.

      Phendula u-Diego Germán González
  2.   UGabriel Peralta sitsho
    yenzayo 3 iminyaka

    Ngaba zonke ezi-3 zinokusetyenziswa ngaxeshanye? Kwiiseva zam ndihlala ndisebenzisa fail2ban

    Phendula uGabriel Peralta
    1.    UDiego waseJamani uGonzalez sitsho
      yenzayo 3 iminyaka

      Ngeliphandle, andinalwazi.

      Phendula u-Diego Germán González