Izixazululo zomthombo ovulekile ukuvimbela ukuhlaselwa kwe-DDoS

Diego Germán González

Imizuzu ye-4

Izixazululo zomthombo ovulekile

Ngenxa yezizathu ezingahambelani nale bhulogi, e-Argentina izolo kube nenkulumo eningi mayelana nokuhlaselwa kokwenqatshwa kwenkonzo (DDoS) Kuyizaba njenganoma ikuphi ukukhuluma ngalezi zinhlobo zokuhlaselwa ezingathinta noma ngubani onewebhusayithi kanye nezixazululo zemithombo evulekile yokuzinciphisa.

Ukuhlaselwa kwe-DDoS

Ukwenqatshwa okwabiwe kokuhlaselwa kwensizakalo kungenye yezinto ezilula ukwenziwa njengoba kungadingi ulwazi oluningi lobuchwepheshe, kepha ngasikhathi sinye ingenye yezinto eziyingozi kakhulu njengoba kungathatha izinsizakalo zedijithali namawebhusayithi ungaxhunywanga amahora noma izinsuku.

Ngesikhathi salolu hlobo lokuhlaselwa, isisulu sinenkinga yokugcwala kwenethiwekhi namaseva enenqwaba yezicelo zokufinyelela ezikhudlwana kunaleyo ingqalasizinda elungiselelwe ukuyiphatha. Lokhu kuholela kubasebenzisi abasemthethweni abanokufinyelela okuhamba kancane noma abangakwazi ukungena ngqo.

Ukulawula ukuhlaselwa, umenzi wobubi udinga ukufinyelela kunethiwekhi yamadivayisi (imvamisa ngaphandle kolwazi lwabanikazi) Lawa madivayisi angaba ngamakhompyutha womabili kanye neselula noma i-Intanethi yezinto zezinto. Igama elisatshalaliswa egameni lokuhlaselwa livela eqinisweni lokuthi izingxenye zenethiwekhi azivamisile ukuba sezindaweni ezifanayo.

Ukulawulwa kwedivayisi kutholakala nge-malware, imikhuba yobunjiniyela bezenhlalo, noma ukusetshenziswa kwamaphasiwedi wefektri ukuthi abasebenzisi abazikhathazanga ngokushintsha.

Usayizi wale botnet ungahluka kusuka kunani elincane lamadivayisi kuya ezigidini zazo. Noma ngabe ungakanani, inqubo iyafana noma kunjalo. Izigebengu eziphethe i-botnet zingaqondisa ithrafikhi yewebhu ekhiqizwe kulitshe futhi ihlasele i-DDoS.

Kodwa-ke, ungakholelwa ukuthi noma yikuphi ukuphazamiseka noma ukungasebenzi kahle kwensizakalo yewebhu kuyiphutha lokuhlaselwa. Kwesinye isikhathi inani labasebenzisi abasemthethweni abafuna ukufinyelela ngasikhathi sinye lingaphezulu kwengqalasizinda engalisekela. Kwenzeka isibonelo ngokuthengiswa kwamathikithi wemidlalo ebalulekile noma ukunikezwa kwesikhathi esilinganiselwe.

Kulokhu kokugcina, ukuphazamiseka kuvame ukuhlala isikhathi esithile kuphela.

Izixazululo zomthombo ovulekile ukuvimbela ukuhlaselwa kwe-DDoS

Ngaphandle kwalokho njengabasebenzisi be-Intanethi, ngamunye unesibopho sokusetshenziswa okwenziwe ngamadivayisi ethu, Kunezixazululo eziningi ezisezingeni leseva ezingasetshenziswa ukuvimbela nokunciphisa lezi zinhlobo zokuhlaselwa. Futhi, eziningana zazo zingumthombo ovulekile.

Ukususwa kwe-DdoS

Kuyinto a iskripthi esinamandla lokho kususelwa kumyalo we-netstat pIvumela ukuvimba ukuhlaselwa ngokuhlonza nokuphenya amakheli e-IP axhuma kuseva.

Izici

Ukuvinjwa okuzenzakalelayo kwamakheli e-IP
-Izinhlu ezimnyama nezimhlophe zethrafikhi nemithombo yazo
-Isaziso esilula nokuphathwa kwabaphathi benethiwekhi
Ukutholwa okuzenzakalelayo kwemithetho ehlotshaniswa nama-Iptable nezinqubomgomo zomlilo eziphambili
-Ukulungiswa kokumiswa
-Automatic imeyili izaziso
-Ukunqatshelwa kokuxhumeka okungafuneki kusetshenziswa i-tcpkill
-I Uhlelo lutholakala ezinqolobaneni zakho konke ukusatshalaliswa kweseva.

Ihlulekile2ban

Okunye ithuluzi eza ezinqolobaneni zokusatshalaliswa kweseva.

Kuyasiza kakhulu ukukhomba nokuvimbela imithombo yethrafikhi enonya ye-DDoS. Uhlelo luhlola amafayela we-log bese lukhomba ukuxhumana namaphethini okusolisayo ukuze kwenziwe uhlu lwamagama amnyama. Ukuyisebenzisa kunciphisa imizamo yokuqinisekisa engekho emthethweni futhi engalungile ngenxa yokusetshenziswa kwamamojula anamandla anamakhono ahlukile.

Izici

-Kunikeza izinhlobo ezimbili zokuhlaziya; amafayela ajulile nelogi
-Irekhoda indawo yesikhathi ehlotshaniswa nomthamo we-IP womthombo
-Ihlangana ekwakhiweni kwamakhasimende-kuseva
-Ivumela ukucubungula izinsizakalo ezahlukahlukene, kufaka phakathi i-sshd, vsftpd ne-Apache
Ukucushwa okulula komlawuli
-Iyahambisana nayo yonke i-Firewall
Ukugunyazwa nokuvinjelwa kungatholakala ngokususelwa kumakheli e-IP
-Kungenzeka ukuvimba ukuhlaselwa ngamandla
-Ivumela ukuvimba kwamakheli we-IP ngokuya ngezikhawu zesikhathi
-It isekela izindawo ezinze ne-SSH

Siphamandla

I-HaProxy kusebenza ngendlela ehlukile. Akususelwe kuphela ekutholeni ikheli le-IP kepha futhi nasekulinganiseni umthwalo womsebenzi weseva.

Izici

-Ungavimba ithrafikhi ngokuya ngokusetshenziswa komkhawulokudonsa.
-Izakha ngokuzenzakalela amatafula ezinhlu ezimnyama nezimhlophe zama-IP eyakhayo ngokuya ngemithetho esungulwe ekucushweni kwayo.
-Ingakhomba amanethiwekhi wedivayisi, ikwenze kuphumelele ekuhlaselweni kwe-DDoS.
-Ikuvumela ukuthi uvikele izinhlobo ezahlukene zokuhlaselwa futhi ukhawule ukuxhumana.

Vele, ngalokhu asiqedi isifundo. Into enhle ukuthi uma unewebhusayithi, hlola umhlinzeki wakho wokusingathwa ngezinyathelo zokuphepha ezingcono kakhulu.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Unomthwalo wemfanelo ngedatha: AB Internet Networks 2008 SL
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   Emilio kusho
    kwenza iminyaka 4

    Sawubona! Futhi kuthiwani ngesisombululo se-CDN njengaleso esinikezwa yiCloudflare?

    Phendula u-Emilio
    1.    UDiego German Gonzalez kusho
      kwenza iminyaka 4

      Kwakungeyona ingxenye yesiphakamiso se-athikili, kepha, ngokwazi kwami, kusebenza ngokuphelele.

      Phendula u-Diego Germán González
  2.   UGabriel Peralta kusho
    kwenza iminyaka 3

    Ngabe konke okungu-3 kungasetshenziswa ngasikhathi sinye? Kumaseva wami ngihlala ngisebenzisa i-fail2ban

    Phendula uGabriel Peralta
    1.    UDiego German Gonzalez kusho
      kwenza iminyaka 3

      Eqinisweni, angazi nakancane.

      Phendula u-Diego Germán González