GRANDSTREAM GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions
Khoom Specifications
- Hom Lub Npe: Grandstream Networks, Inc.
- Khoom Series: GCC6000 Series
- Nta: IDS (Intrusion Detection System) thiab IPS (Intrusion Prevention System)
Cov lus qhia siv khoom
Taw qhia rau IDS thiab IPS
GCC convergence device yog nruab nrog IDS thiab IPS rau kev ruaj ntseg. IDS passively saib xyuas kev khiav tsheb thiab ceeb toom cov thawj coj ntawm kev hem thawj, thaum IPS cuam tshuam cov dej num tsis zoo tam sim ntawd.
Tiv thaiv SQL Injection Attacks
SQL txhaj tshuaj tiv thaiv lub hom phiaj txhawm rau ntxig cov lej tsis zoo rau hauv SQL nqe lus kom khaws cov ntaub ntawv tsis raug cai lossis ua phem rau cov ntaub ntawv. Ua raws li cov kauj ruam no los tiv thaiv kev tawm tsam:
- Nkag mus rau Firewall Module> Kev Tiv Thaiv Kev Tawm Tsam> Kos Npe Lub Tsev Qiv Ntawv.
- Nyem rau ntawm qhov hloov tshiab icon kom paub meej tias Kos Npe Lub Tsev Qiv Ntawv Cov Ntaub Ntawv yog hloov tshiab.
- Teem lub hom kom ceeb toom & Thaiv hauv Firewall Module> Kev Tiv Thaiv Kev Tiv Thaiv> IDS / IPS.
- Xaiv Qib Kev Tiv Thaiv Kev Ruaj Ntseg (Low, Nruab Nrab, Siab, Siab Heev, lossis Kev Cai) raws li koj xav tau.
- Configure the Security Protection Level raws li koj nyiam.
IDS/IPS Security Logs
Tom qab teeb tsa cov chaw, txhua qhov kev sim SQL txhaj tshuaj yuav raug saib xyuas thiab thaiv los ntawm GCC ntaus ntawv. Cov ntaub ntawv sib raug yuav raug muab tso tawm hauv cov ntawv teev kev ruaj ntseg.
Cov lus nug nquag nug (FAQ)
Q: Ntau npaum li cas yog qhov kev hem thawj database hloov tshiab?
A: Cov ntaub ntawv kev hem thawj tsis tu ncua thiab hloov kho tshiab los ntawm GCC nyob ntawm qhov kev npaj yuav khoom. Kev hloov kho tshiab tuaj yeem teem caij txhua lub lim tiam lossis nyob rau hnub tshwj xeeb / sijhawm.
Q: Hom kev tawm tsam dab tsi raug saib xyuas hauv txhua qib Kev Tiv Thaiv Kev Nyab Xeeb?
A: Ntau qib kev tiv thaiv (qis, nruab nrab, siab, siab heev, kev cai) saib xyuas thiab thaiv ntau yam kev tawm tsam xws li Txhaj Tshuaj, Brute Force, Txoj Kev Traversal, DoS, Trojan, Webplhaub, Vulnerability Exploit, File Upload, Hacking Tools, thiab Phishing.
Taw qhia
GCC convergence device los nruab nrog ob lub ntsiab tseem ceeb ntawm kev ruaj ntseg uas yog IDS (Intrusion detection System) thiab IPS (Intrusion Prevention System), txhua tus ua haujlwm tshwj xeeb los saib xyuas thiab tiv thaiv kev ua phem los ntawm kev txheeb xyuas thiab thaiv ntau hom thiab theem kev hem thawj hauv lub sijhawm.
- Intrusion Detection Systems (IDS): passively saib xyuas kev khiav tsheb thiab ceeb toom cov thawj coj ntawm tej yam kev hem thawj yam tsis muaj kev cuam tshuam ncaj qha.
- Intrusion Prevention Systems (IPS): cuam tshuam cov dej num uas tsim kev puas tsuaj tam sim ntawd.
Hauv phau ntawv qhia no, peb yuav teeb tsa qhov kev nkag siab txog kev nkag mus thiab kev tiv thaiv kev tiv thaiv tiv thaiv ib hom kev sib tw web kev tawm tsam hu ua SQL txhaj.
Tiv thaiv kev tawm tsam siv IDS/IPS
SQL txhaj tshuaj tiv thaiv, yog ib hom kev tawm tsam tsim los tso cov kab lus phem hauv SQL nqe lus, hauv lub hom phiaj ntawm kev khaws cov ntaub ntawv tsis raug cai los ntawm web server's database, los yog rhuav tshem cov ntaub ntawv los ntawm kev nkag mus rau cov lus txib tsis zoo lossis kev tawm tswv yim.
Thov ua raws li cov kauj ruam hauv qab no txhawm rau tiv thaiv kev txhaj tshuaj:
- Nkag mus rau Firewall Module → Kev Tiv Thaiv Kev Tawm Tsam → Kos Npe Lub Tsev Qiv Ntawv.
- Nyem lub icon
- kom paub tseeb tias Cov Ntaub Ntawv Sau Npe Kos Npe yog nyob rau hnub tim.
Nco tseg
- Cov ntaub ntawv hem thawj tsis tu ncua thiab hloov kho tshiab los ntawm GCC nyob ntawm qhov kev npaj yuav khoom.
- Lub sijhawm hloov tshiab tuaj yeem teem sijhawm los ua rau txhua lub limtiam, lossis hnub tim / sijhawm.
Nkag mus rau Firewall Module → Kev Tiv Thaiv Kev Tawm Tsam → IDS/IPS.
Teem lub hom rau Ceeb Toom & Thaiv, qhov no yuav saib xyuas rau txhua qhov kev ua phem thiab khaws cia rau hauv kev ruaj ntseg log, nws tseem yuav thaiv qhov chaw ntawm kev tawm tsam.
Xaiv qhov Kev Tiv Thaiv Kev Ruaj Ntseg, qib kev tiv thaiv sib txawv tau txais kev txhawb nqa:
- Tsawg: Thaum qhov kev tiv thaiv tau teem rau "Low", cov kev tawm tsam hauv qab no yuav raug saib xyuas thiab / lossis thaiv: Txhaj, Brute Force, Txoj Kev Traversal, DoS, Trojan, Webplhaub.
- Nruab Nrab: Thaum qhov kev tiv thaiv tau teem rau "Medium", cov kev tawm tsam hauv qab no yuav raug saib xyuas thiab / lossis thaiv: Txhaj, Brute Force, Txoj Kev Traversal, DoS, Trojan, Webplhaub, Vulnerability Exploit, File Upload, Hacking cuab yeej, Phishing.
- Siab: Thaum qhov kev tiv thaiv tau teem rau "High", cov kev tawm tsam hauv qab no yuav raug saib xyuas thiab / lossis thaiv: Txhaj, Brute Force, Path Traversal, DoS, Trojan, Webplhaub, Vulnerability Exploit, File Upload, Hacking cuab yeej, Phishing.
- Siab heev: Txhua qhov kev tawm tsam vectors yuav raug thaiv.
- Kev Cai: qib kev tiv thaiv kev cai tso cai rau tus neeg siv xaiv tsuas yog qee hom kev tawm tsam kom pom thiab thaiv los ntawm GCC cov cuab yeej, thov xa mus rau [Attack Types Definitions] seem kom paub ntau ntxiv, peb yuav teeb tsa Kev Tiv Thaiv Kev Nyab Xeeb rau Kev Cai.
Thaum lub teeb tsa tau teeb tsa, Yog tias tus neeg tawm tsam sim tua SQL txhaj tshuaj, nws yuav raug saib xyuas thiab thaiv los ntawm GCC cov cuab yeej, thiab cov ntaub ntawv hais txog kev nqis tes ua yuav raug tso tawm ntawm cov ntawv teev kev ruaj ntseg raws li qhia hauv qab no:
Rau view Cov ntaub ntawv ntau ntxiv ntawm txhua lub cav, koj tuaj yeem nyem lub cim sib raug rau lub cav nkag:
Ntaus hom txhais
Lub cuab yeej IDS / IPS muaj peev xwm tiv thaiv ntau yam kev tawm tsam, peb yuav piav qhia luv luv ntawm txhua tus ntawm cov lus hauv qab no:
| Ntaus hom | Kev piav qhia | Example |
| Txhaj tshuaj | Kev txhaj tshuaj tshwm sim thaum cov ntaub ntawv tsis ntseeg raug xa mus rau tus neeg txhais lus raws li ib feem ntawm cov lus txib lossis cov lus nug, ua rau tus neeg txhais lus ua raws li cov lus txib uas tsis xav tau lossis nkag mus rau cov ntaub ntawv tsis raug cai. | SQL Txhaj nyob rau hauv daim ntawv nkag tuaj yeem tso cai rau tus neeg tawm tsam kom hla kev lees paub. |
| Brute Force | Brute quab yuam tawm tsam suav nrog sim ntau lo lus zais lossis cov lus hla nrog kev cia siab ntawm qhov kawg ntawm kev kwv yees kom raug los ntawm kev txheeb xyuas txhua tus passwords tau. | Sim ua ntau qhov sib txuas lo lus zais ntawm nplooj ntawv nkag. |
| Unserialize | Unserialization tawm tsam tshwm sim thaum cov ntaub ntawv tsis ntseeg yog deserialized, ua rau kev ua txhaum cai lossis lwm yam kev siv dag zog. | Tus neeg tawm tsam muab cov khoom phem serialized. |
| Cov ntaub ntawv | Kev nthuav tawm cov ntaub ntawv tawm tsam tsom mus sau cov ntaub ntawv hais txog lub hom phiaj los pab txhawb kev tawm tsam ntxiv. | Siv qhov tsis zoo los nyeem cov kev teeb tsa rhiab files. |
Txoj Kev Hla |
Txoj kev traversal tawm tsam aim kom nkag mus files thiab directory khaws cia sab nraum lub web hauv paus nplaub tshev los ntawm kev hloov pauv hloov pauv uas siv files nrog "../" sequences. | Nkag mus /etc/passwd ntawm Unix system los ntawm kev hla cov npe. |
| Exploitation ntawm Vulnerabilities | Exploitation yuav tsum noj advantage ntawm software vulnerabilities ua rau tus cwj pwm tsis xav tau lossis tau txais kev tso cai tsis raug cai. | Kev siv qhov tsis pub dhau qhov tsis muaj peev xwm ua kom tiav cov cai tswj hwm. |
| File Upload | File upload kev tawm tsam cuam tshuam nrog uploading siab phem files mus rau lub server kom ua tiav cov cai lossis cov lus txib. | Uploading ib web plhaub tsab ntawv kom tau txais kev tswj hwm ntawm lub server. |
| Network raws tu qauv | Kev soj ntsuam thiab txheeb xyuas qhov tsis txaus ntseeg hauv cov txheej txheem hauv network txhawm rau txheeb xyuas qhov muaj peev xwm ua rau muaj kev phom sij c. | Kev siv tsis zoo ntawm cov txheej txheem xws li ICMP, ARP, thiab lwm yam. |
| DoS (Kev Tsis Pom Zoo ntawm Kev Pabcuam) | DoS tawm tsam txhawm rau ua kom lub tshuab lossis cov peev txheej hauv network tsis muaj rau nws cov neeg siv xav tau los ntawm kev cuam tshuam nws nrog dej nyab ntawm kev lag luam hauv internet c. | Xa ib lub ntim loj ntawm kev thov rau a web server kom tshem tawm nws cov peev txheej. |
| Phishing | Phishing suav nrog kev dag cov tib neeg rau hauv kev nthuav tawm cov ntaub ntawv tsis pub lwm tus paub los ntawm kev dag ntxias email lossis webqhov chaw. | Ib qho email cuav uas zoo li los ntawm qhov chaw ntseeg siab, ua rau cov neeg siv nkag mus rau lawv cov ntawv pov thawj. |
| Qhov | Tunneling tawm tsam koom nrog encapsulating ib hom network tsheb khiav c nyob rau hauv lwm qhov kom hla kev tswj kev ruaj ntseg lossis firewalls. | Siv HTTP tunneling xa cov tsheb tsis yog HTTP c los ntawm kev sib txuas HTTP. |
| IoT (Internet of Yam) | Saib xyuas thiab txheeb xyuas qhov tsis txaus ntseeg hauv IoT cov cuab yeej los tiv thaiv kev tawm tsam uas tsom rau cov cuab yeej no. | Cov qauv kev sib txuas lus txawv txawv los ntawm IoT cov cuab yeej qhia tau tias muaj kev cuam tshuam. |
| Trojan | Trojan nees yog cov kev pabcuam phem uas ua rau cov neeg siv dag zog ntawm lawv lub hom phiaj tiag tiag, feem ntau muab lub nraub qaum rau tus neeg tawm tsam. | Ib qho kev pab cuam zoo li tsis muaj teeb meem uas muab tus neeg tawm tsam nkag mus rau lub kaw lus thaum raug tua. |
| CoinMiner | CoinMiners yog cov software phem tsim los rau mine cryptocurrency siv lub tshuab muaj kab mob cov peev txheej. | Ib daim ntawv zais mining uas siv CPU / GPU lub zog rau kuv qhov cryptocurrency. |
| Kab | Cov kab mob yog tus kheej-replicating malware uas kis thoob plaws hauv tes hauj lwm yam tsis xav tau kev cuam tshuam tib neeg. | Ib tug kab mob uas kis tau los ntawm kev sib koom ua ke los kis rau ntau lub tshuab. |
| Ransomware | Ransomware encrypts tus neeg raug tsim txom files thiab xav kom them tus nqe txhiv kom rov qab tau cov ntaub ntawv. | Ib qho program uas encrypts files thiab qhia txog tus nqe txhiv uas xav tau kev them nyiaj hauv cryptocurrency. |
| APT (Advanced Persistent Threat) | APTs tau ntev thiab tsom cyberattacks qhov twg tus intruder tau nkag mus rau hauv lub network thiab tseem tsis tau txheeb xyuas rau lub sijhawm ntev. | Kev tawm tsam sophisticated tsom cov ntaub ntawv rhiab ntawm ib lub koom haum tshwj xeeb. |
| Webplhaub | Web shells yog scripts uas muab a web-based interface rau cov neeg tawm tsam kom ua tiav cov lus txib ntawm kev cuam tshuam web server. | PHP tsab ntawv upload rau a web server uas tso cai rau tus neeg tawm tsam los khiav cov lus txib ntawm lub plhaub. |
| Cov cuab yeej Hacking | Cov cuab yeej hacking yog software tsim los pab txhawb kev nkag mus rau cov tshuab tsis raug cai. | Cov cuab yeej zoo li Metasploit lossis Mimikatz siv rau kev ntsuas nkag los yog kev ua phem phem. |
Cov khoom siv txhawb nqa
| Ntaus qauv | Yuav tsum muaj firmware |
| GCC 6010 W | 1.0.1.7+ |
| GCC6010 | 1.0.1.7+ |
| GCC6011 | 1.0.1.7+ |
Xav tau kev txhawb nqa?
Nrhiav tsis tau cov lus teb koj tab tom nrhiav? Tsis txhob txhawj peb nyob ntawm no los pab!
Cov ntaub ntawv / Cov ntaub ntawv
 |
GRANDSTREAM GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions [ua pdf] Cov neeg siv phau ntawv qhia GCC6000, GCC6000 Series, GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions, Intrusion Detection UC Plus Networking Convergence Solutions, Detection UC Plus Networking Convergence Solutions, Networking Convergence Solutions, Solutions |
