Gano mafi kyaun kare DDOS don shafukan intanet da kananan yanar gizo

Mataki na ashirin da ya rubuta ta:
  • Kayan Yanar Gizo
  • An sabunta: Nov 02, 2018

Ranar da mutane ke magana game da fadada fadada yanar gizo sun dade kuma a yau muna fuskantar sababbin abubuwa da dama don la'akari. Intanit na abubuwa kadai zai ƙara yiwuwar biliyoyin sababbin na'urori zuwa cibiyar sadarwa mafi girma a duniya.

Tare da irin wannan fadakarwa mai yawa ya zo daidai da damar yin amfani da cybercriminals, mutane da kungiyoyi waɗanda suke amfani da na'urori a kan intanit don amfanin kansu. Wadannan zasu iya ɗauka nau'in cutar, Trojans, Ransomware da sauransu.

Har ila yau, akwai wasu albarkatu mafi girma a ƙananan waɗannan cybercriminals, ɗaya daga cikinsu shi ne Dandalin Kasuwanci na Ƙari (DDoS). A gaskiya ma, matsala ita ce mafi girma a yau, tare da masu sayar da cybercriminals wadanda ke sayar da ayyukan DDoS don farashin low kamar US $ 150.

A yau, ba kawai ƙwarewar ƙungiyar cybercriminals-hi-tech za ta zama Ransom DDoS-attackers. Duk wani mai sihiri wanda ba shi da kwarewar fasaha ko fasaha don shirya wani hari na DDoS mai cikakken kaya zai iya sayen harin kai tsaye don manufar cinyewa, "in ji Kirill Ilganaev, shugaban Kaspersky DDoS Kariya a Kaspersky Lab (source).

DDoS shine maƙarƙashiya mai karfi, yana nufin cewa kai hari ne a kan na'urar daga wasu na'urori masu yawa a lokaci guda.

Yana aiki ta ƙoƙarin samar da haɗin kai da yawa ga manufa kuma ambaliya ta tare da bayanan da yake shafewa da hadari, saboda haka kalmar 'hana sabis'. Ta hanyar kai hare-haren da kuma kashe na'urar, sakon yanar gizo ya musanta sabis na wannan na'urar ga wasu mutane da suke so su yi amfani da shi.

Yawancin ƙwarewar da aka danganci DDoS Attacks (Source: Carbon60 Networks)

A matsayin misali, a Oktoba 2016, wani DDoS mai ƙyama wanda ke niyya ga Dyn, kamfani da ke sarrafawa da yawa daga cikin tsarin intanet na yanar gizo (DNS), ya haifar da kwarewar intanet a duk fadin Amurka da Turai. Babban yanar gizo ciki har da Twitter, Guardian, Netflix da CNN sun kasance ba su da wani lokaci.

Duk da cewa wannan yana da muhimmanci, ya kamata a lura cewa cybercriminals kuma sun shafi yanar gizo na mutane. A cikin kwanakin farko, wannan zai zama babbar damuwa, amma da godiya akwai yanzu zaɓuɓɓukan da zasu taimaki mutane su kare wuraren.

Nau'in DDoS Attacks

Source: DigitalAttackMap

Akwai hudu na DDoS dabarun da cybercriminals amfani da su yi kokarin kai saukar da yanar gizo. Dukkanin su sune hare-haren kai hare-haren - suna mamaye manyan lambobi.

  1. TCP Attacking Attacks gwada ƙoƙarin zama duk haɗin da ake samu a wurinka. Wannan ya haɗa da dukkan na'urorin da ke aiki da shafinka kamar wayoyi, masu kashe wuta da sabobin aikace-aikace. Na'urorin jiki suna da iyakanceccen haɗi.
  2. Rikicin Moto Cutar da shafin yanar gizonku tare da bayanai. Wannan yana aiki ta ko dai ya mamaye uwar garkenka, ko ma ta shan duk dukkanin samfurin bandwidth zuwa cikin uwar garkenku. Ka yi la'akari da shi kamar ambaliyar ruwa ko fataucin zirga-zirga, inda babu abin da zai iya motsawa.
  3. Harkokin Kashewa aika bits da guda guda na buƙatun bayanai masu yawa zuwa ga uwar garke. Wannan hanyar, za a ci gaba da sabunta uwar garke don kokarin sake tattara su kuma baza su iya yin wani abu ba.
  4. Ƙungiyar aikace-aikacen musamman ɗauka kan wani bangare ko sabis da kake da shi. Wadannan sun fi haɗari, saboda tare da iyakance iyakance, ba za ku gane cewa an kai ku hari har sai wani abu ya karya.

DDoS Kariya

Idan kun kasance dan kasuwa mai kula da kasuwanci kuma ku damu da yadda shafin yanar gizonku ya kai hari, kuna daidai ne haka. Duk wani nau'i na hari yana da haɗari, ba don fadin DDoS ba, kuma yana da yiwuwar haifar da ku ba kawai kudi ba amma lalacewar lalacewa.

Akwai hanyoyi masu yawa da za a iya ba ku don kare kanku, don haka bari mu dubi wasu abubuwan basira:

  1. Yi amfani da Kariya Tsarin - Wani wakili ne mai buƙatar da ke kare shafin yanar gizonku daga Intanit, kamar kamar shinge. Wannan yana bayar da ƙarin kariya na kariya wanda zai iya ba ku gargaɗin gaba game da hari mai shiga. Har ila yau yana boye ainihin adireshin IP ɗinka, ko da yake duk wannan ba shi da ganuwa ga masu baƙi.
  2. Kariya akan Spoofed IP Addresses - Cybercriminals suna jin daɗin ɓoye ainihin adiresoshin IP ta hanyar ɓoye wasu don amfanin kansu. Za'a iya kula da yawancin adireshin da suka fi dacewa ta hanyar ajiye jerin abubuwan sarrafawa (ACL) don hana samun dama daga wasu adiresoshin IP.
  3. Shin Yanayin Bandwidth - Ko da yake bandwidth yana da tsada, yawancin runduna a yau suna ba da shirin da zai iya taimaka maka. DDoS yayi aiki ta ƙoƙarin rinjayar samfuranka na zamani, don haka ta wurin ajiye wani yanki mai mahimmanci na wuri mai buƙata, zaku iya samun nasarar gargadi na gaba.

A mafi yawancin lokuta, yawancin waɗannan zaɓuɓɓukan suna samar da su ta hanyar mahaɗar yanar gizonku. Shafin yanar gizo a yau suna ba da kariya mai yawa, kawai batun zabar mai kyaun dama don kanka.

Dubi WSHR m jerin yanar gizo wanda muke dubawa da kulawa akai-akai.

Zaɓin wani zaɓi na Ƙari don Kariya da DDoS

Source: Incapsula

Baya ga mahadar yanar gizonku, akwai kamfanoni masu zaman kansu masu sana'a waɗanda ke bada sadaukar da sabis don taimakawa kare kariya daga cyberattacks. Kafin ka sami tagulla, ka tuna cewa wannan ba shine zamanin babban kamfanonin kasa da kasa ba kuma farashin ya kasance mai araha har ma da kananan kamfanoni.

Akamai

Akamai yana daya daga cikin manyan sunayen a cikin yanar gizo a yau. Yana taimakawa wajen gudanar da bayanan na 95 a kowace shekara a fadin biliyoyin na'urori. Daga cikin kyauta da yawa, Akamai yana da wani abu don kusan dukkanin matakan tsaro, daga mai karfi mai kare hakkin yanar-gizon Kona don ƙarin sabis na Kayan Shafin Yanar gizo.

Incapsula

Incapsula Har ila yau, yana bayar da cikakken tsare-tsaren tsare-tsaren da za a iya tsara su bisa ga bukatun ku. A matsayin babban mahimman sha'awa, za ka iya so ka dubi muhimman ayyukan kare DDoS, wanda ke nufin kare shafin yanar gizonku, kayan haɗi da har ma sunan uwar garken.

Arbor Networks

Arbor Networks yana da tsari na rigakafi na DDoS wanda ya keɓaɓɓen shi wanda ya kira Ƙarƙashin Binciken Ƙaƙarin Ƙwararren Matsalar (ATLAS). Wannan tsari ne na gargadi na DDoS a duniya cewa Arbor yana kula da aiki tare da tsarin tsarin gudanarwa da dama.

Verisign

Ko da yake mafi sanannu da shi a matsayin mai bayarwa na takardun shaida na tsaro, Verisign A yau an fadada kayan sadaka don hada wasu ayyukan yanar gizon. Duk da haka, ba har yanzu ba tukuna kuma sabis ɗin tsaro na Verisign DDoS yana aiki mafi yawa a matsayin tsarin gargadi na farko, maimakon tsarin karewa.

Cloudflare

Cloudflare babban sunan ne kuma ya sanya sunansa mai suna CDN. Abin farin ciki shine, CDN yana ɗaya daga cikin hanyoyin da za a taimaka wajen magance hare-haren DDoS kuma yana amfani da tsarin samar da iska. Yau, Cloudflare ya fadada ayyukansa kuma yana rufe duk abin da ke CDN zuwa DNS. Ayyuka masu kariya suna daidaitawa, saboda haka zaka biya kawai abin da ka zaɓa don amfani.

Ka Kasancewa cikin Tarihin Nasara

Matsala #1: KrebsOnSecurity.com Attack

The KrebsOnSecurity.com Attack - Ko da yake haɗarin cyberattacks ne na yau da kullum, akwai maganganu masu nasara fiye da yadda akwai lalacewa. Daga kamfanoni zuwa ga mutane, za a iya ɓarna da tsarin cyberattacks kuma a nan akwai wasu da zasu taimaka sake mayar da bangaskiyarku ga tsaro.

A ƙarshen 2016, shafukan sirri na mai jarida mai bincike Brian Krebs, KrebsOnSecurity.com, An kai hari kan wani harin DDoS mai tsanani.

Wannan harin ya kasance sananne ne saboda dalilai biyu masu muhimmanci:

  1. Hakan ya kai farmaki ne a kan shafin yanar gizon mutum (albeit sanarwa), kuma
  2. A cewar Akamai, kusan kusan ninki biyu ne duk wani hari da suka fuskanta a baya. Bayan wannan harin, aka gano cewa yana cikin manyan hare-haren da Intanet ta taba gani.

Daga harin ya zo wasu kyawawan bincike. Na farko, shi ne duk da cewa girmansa, ya kasance mai kaifin kai hari wanda ba ya dogara da karawa ko wani kayan aikin da ake amfani dasu ga cybercriminals. Girman kuma ya nuna cewa akwai wasu manyan abubuwan da aka samu don kaddamar da DDoS fiye da masana masu tsaro da suka saba da.

Duk da haka, ta hanyar zabar abokin hulɗar tsaro mai kyau, ko da ƙananan kasuwanni zasu iya kare kariya daga shafukan su, kamar yadda Brian Krebs ya yi.

Case #2: Babban Kari ga Kasuwancin Rasha

Babban Kari ga Rukuni na Rashas - Har ila yau a cikin marigayi 2016, manyan manyan bankuna guda biyar na Rasha, Sberbank na jihar mallakar su, sun kasance maƙasudin kai hari kan DDoS. A cikin kwanakin da suka wuce, bankuna sun cika ambaliya daga buƙatun daga na'urorin da aka haɗe da Mirai botnet.

A cewar Kaspersky Lab, an dauki harin mafi tsawo a lokacin 12 kuma ta ninka a 660,000 buƙatun da na biyu. Wannan ya fito ne daga na'urorin haɗin 24,000 wadanda aka rarraba a ƙasashen 30. Abin godiya, bankuna sun kasance lafiya da kuma ci gaba da ayyukan.

Rage Up ...

Kamar yadda yake da kowane bangare na fasahar, ana kirkiro hanyoyin sababbin hanyoyin cyberattacks duk lokacin da har ma mazan tsofaffin hanyoyin ana sabuntawa da kuma inganta su akai-akai. A gaskiya ma, a cewar rahoton Akamai, DDoS hare-haren sun karu sosai a ƙarfin, sau biyu a girman kai hari a lokacin 2016.

Kasuwancin Kasuwanci na DDoS Attack - Bayaniyar Bayani ta Incapsula. Danna hoto don kara girma.

A gaskiya, da Cisco 2017 Midyear Cybersecurity Report ya gano rikice-rikice na barazanar kuma yana zaton yiwuwar "lalata sabis" (DeOS). Wadannan zasu iya kawar da 'yan kungiya na karewa da tsaro, da ake buƙatar mayar da tsarin da bayanai bayan harin.

Kamfanoni irin su Akamai da Cloudflare sun kare kansu daga barazanar tsaro har tsawon shekaru biyu da suka kare abokan ciniki da kuma kiyaye kayan aiki, har ma yayin da suke tare da haɗakarwa mafi girma na DDoS a wannan lokaci.

Daga ra'ayi na sirri, na zama mai girma ga kamfanonin da ke kan hankalinsu na kayan aiki da kuma barin sauran wurare, kamar tsaro, a hannun waɗanda 'kasuwancin su ke. Kamfanoni da yawa sun watsi tsaro daga masana ga shekaru kafin shan wahalar hasara - Kada ku kasance kamfanin.

Game da Timothawus Shim

Timothy Shim shine marubuta, editan, da kuma kayan gwanon kwamfuta. Tun da farko ya fara aikinsa a fannin fasaha na Fasahar Watsa Labarun, ya sami hanzari a cikin rubutun kuma ya yi aiki tare da ƙasashen duniya, na yanki da na gida da suka hada da ComputerWorld, PC.com, Business Today, da kuma Bankin Asiya. Gwaninta yana samuwa a fannin fasaha daga mabukaci da kuma ra'ayoyin kasuwancin.