ọdịnaya zoo
1 GRANDSTREAM GCC6000 Usoro ntinye ihe nchọta UC Plus Ngwọta njikọta ịkparịta ụka n'Ịntanet
2 Ntuziaka ojiji ngwaahịa
3 Okwu mmalite
4 Nkọwa ụdị ọgụ
5 Ụzọ njem
6 Akwụkwọ / akụrụngwa
6.1 Ntụaka
7 Ozi ndị metụtara

GRANDSTREAM-akara ngosi

GRANDSTREAM GCC6000 Usoro ntinye ihe nchọta UC Plus Ngwọta njikọta ịkparịta ụka n'Ịntanet

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Ngwọta-ngwaahịa.

Nkọwapụta ngwaahịa

  • Ụdị: Grandstream Networks, Inc.
  • Usoro ngwaahịa: GCC6000 Series
  • Atụmatụ: IDS (Sistemụ Nchọpụta Intrusion) na IPS (Sistemụ Mgbochi Mgbochi)

Ntuziaka ojiji ngwaahịa

Okwu mmalite nke IDS na IPS
Ngwa GCC convergence nwere IDS na IPS maka ebumnuche nchekwa. IDS na-enyocha okporo ụzọ ma na-eme ka ndị nchịkwa mara ihe egwu nwere ike ime, ebe IPS na-egbochi ihe omume ndị na-emerụ ahụ ozugbo.

Na-egbochi Mwakpo Injection SQL
Mwakpo ogbugba SQL bu n'obi itinye koodu ọjọọ n'ime nkwupụta SQL iji weghachite ozi na-enwetaghị ikike ma ọ bụ mebie nchekwa data ahụ. Soro usoro ndị a iji gbochie ụdị ọgụ a:

  1. Gaa na Module Firewall> Mgbochi mbubata> ọba akwụkwọ mbinye aka.
  2. Pịa akara ngosi mmelite iji hụ na Ozi Ọbá akwụkwọ mbinye aka adịla ọhụrụ.
  3. Tọọ ọnọdụ ka ị mara & Gbochie na Module Firewall> Mgbochi mbubata> IDS/IPS.
  4. Họrọ Ọkwa Nchedo Nchekwa (Ọ dị ala, Ọkara, Elu, Dị Elu, ma ọ bụ Omenala) dabere na mkpa gị.
  5. Hazie ọkwa nchekwa nchekwa dịka mmasị gị siri dị.

Ndekọ Nchekwa IDS/IPS
Ka emechara ntọala ahụ, ngwaọrụ GCC ga-enyocha ma gbochie nwara mwakpo SQL ọ bụla. A ga-egosipụta ozi kwekọrọ na ndekọ nchekwa.

Ajụjụ A na-ajụkarị (FAQ)

Ajụjụ: Ugboro ole ka a na-emelite nchekwa data iyi egwu?
A: GCC na-emelite nchekwa data iyi egwu oge niile yana dabere na atụmatụ zụrụ. Enwere ike ịhazi mmelite kwa izu ma ọ bụ n'otu ụbọchị/oge akọwapụtara.

Ajụjụ: Kedu ụdị ọgụ a na-enyocha na ọkwa nchekwa nchekwa ọ bụla?
A: ọkwa nchebe dị iche iche (Ọ dị ala, Ọkara, Elu, Dị Elu, Omenala) nyochaa ma gbochie ọgụ dị iche iche dị ka injection, Brute Force, Path Traversal, DoS, Trojan, Webshei, adịghị ike irigbu, File Bulite, Ngwa hacking, na phishing.

Okwu mmalite

Ngwa njikọ GCC na-abịa na atụmatụ nchekwa abụọ dị mkpa dị mkpa bụ IDS (Sistemụ Nchọpụta Intrusion) na IPS (Sistemụ Mgbochi Intrusion), nke ọ bụla na-arụ otu ebumnuche iji nyochaa ma gbochie omume ọjọọ site na ịchọpụta na igbochi ụdị na ọkwa dị iche iche. egwu na ozugbo.

  • Sistemụ Nchọpụta Intrusion (IDS): jiri nwayọ na-enyocha okporo ụzọ yana ndị na-elekọta ndị na-ahụ maka ihe egwu nwere ike ime na-enweghị enyemaka ozugbo.
  • Sistemụ Mgbochi Mbanye (IPS): gbochie mmemme ndị na-emerụ ahụ ozugbo.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence- Solutions- (1)

Na ntuziaka a, anyị ga-ahazi nchọpụta intrusion na mgbochi mgbochi megide otu ụdị nkịtị web ọgụ a maara dị ka SQL injections.

Na-egbochi mbuso agha iji IDS/IPS
Mwakpo ogbugba SQL, bụ ụdị ọgụ ahọpụtara idobe koodu ọjọọ na nkwupụta SQL, na ebumnuche nke iweghachite ozi na-enwetaghị ikike site na web nchekwa data nkesa, ma ọ bụ mebie nchekwa data site na itinye iwu ma ọ bụ ntinye na-emerụ ahụ.
Biko soro usoro ndị a iji gbochie mwakpo injection:

  • Gaa na modul Firewall → Mgbochi mbubata → ọba akwụkwọ mbinye aka.
  • Pịa akara ngosi
  • iji hụ na Ozi Ọbá akwụkwọ mbinye aka dị ọhụrụ.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence- Solutions- (2)

Rịba ama

  • GCC na-emelite nchekwa data iyi egwu mgbe niile yana na-akpaghị aka dabere na atụmatụ zụrụ.
  • Enwere ike ịhazi oge mmelite ka ewelite ya kwa izu, ma ọ bụ na ụbọchị/oge zuru oke.

Gaa na Module Firewall → Mgbochi mbubata → IDS/IPS.
Tọọ ọnọdụ na Notify & Gbochie, nke a ga-enyocha maka ihe ọ bụla a na-enyo enyo ma chekwaa ya na ndekọ nchekwa, ọ ga-egbochikwa isi iyi nke mwakpo ahụ.

Họrọ Ọkwa Nchekwa Nche, akwadoro ọkwa nchekwa dị iche iche:

  1. Dị ala: Mgbe edobere nchedo ka ọ bụrụ “Ọ dị ala“, a ga-enyocha ọgụ na/ma ọ bụ gbochie mwakpo ndị a: Injection, Brute Force, Traversal Path Traversal, DoS, Trojan, Webshei.
  2. Ọkara: Mgbe edobere nchedo ka ọ bụrụ “Ọkara“, a ga-enyocha ọgụ na/ma ọ bụ gbochie mwakpo ndị a: Injection, Brute Force, Traversal Path Traversal, DoS, Trojan, Webshei, adịghị ike irigbu, File Bulite, Ngwa mbanye anataghị ikike, phishing.
  3. Elu: Mgbe edobere nchedo ka ọ bụrụ “Elu“, a ga-enyocha ọgụ na/ma ọ bụ gbochie mwakpo ndị a: Injection, Brute Force, Path Traversal, DoS, Trojan, Webshei, adịghị ike irigbu, File Bulite, Ngwa mbanye anataghị ikike, phishing.
  4. Oke oke: A ga-egbochi vectors ọgụ niile.
  5. Omenala: ọkwa nchedo omenala na-enye onye ọrụ ohere ịhọrọ naanị ụdị ọgụ a ga-achọpụta ma gbochie ya site na ngwaọrụ GCC, biko rụtụ aka na ngalaba [Attack Types Definitions] maka ozi ndị ọzọ, anyị ga-edobe ọkwa nchekwa nchekwa na omenala.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence- Solutions- (3)

Ozugbo edoziri nhazi ahụ, Ọ bụrụ na onye na-awakpo agbalị ịmalite ịgba ọgwụ SQL, ngwaọrụ GCC ga-enyocha ma gbochie ya, a ga-egosipụta ozi omume kwekọrọ na ndekọ nchekwa dịka egosiri n'okpuru:

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence- Solutions- (4)

Iji view ozi ndị ọzọ na ndekọ ọ bụla, ị nwere ike pịa akara ngosi dabara na ntinye ndekọ:

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence- Solutions- (5) GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence- Solutions- (6)

Nkọwa ụdị ọgụ

Ngwá ọrụ IDS/IPS nwere ikike ichebe pụọ ​​na ụdị ọgụ dị iche iche, anyị ga-akọwa nkenke nke ọ bụla n'ime ha na tebụl dị n'okpuru:

Ụdị mbuso agha Nkọwa Example
Ịgba ọgwụ Mwakpo injection na-eme mgbe ezigara onye ntụgharị data enweghị ntụkwasị obi dị ka akụkụ nke iwu ma ọ bụ ajụjụ, na-aghọgbu onye ntụgharị ka ọ mebe iwu na-atụghị anya ya ma ọ bụ nweta data na-akwadoghị. Ntinye SQL n'ụdị nbanye nwere ike ikwe ka onye na-awakpo gafere nyocha.
Ike ọjọọ Mwakpo ike ike na-agụnye ịnwale ọtụtụ okwuntughe ma ọ bụ passphrases nwere olile anya nke imecha ịkọ nkọ nke ọma site na ịlele okwuntughe niile enwere ike. Na-anwale ọtụtụ nchikota okwuntughe na ibe nbanye.
Wepu aha Mwakpo enweghị usoro na-eme mgbe emebisịrị data atụkwasịghị obi, na-eduga na mkpochapụ koodu aka ike ma ọ bụ nrigbu ndị ọzọ. Onye na-awakpo na-enye ihe arụrụ arụ arụrụ arụ.
Ozi Mwakpo mkpughe ozi bu n'obi ikpokọta ozi gbasara usoro ebumnuche iji kwado ọgụ ndị ọzọ. Na-erigbu adịghị ike iji gụọ nhazi dị nro files.

Ụzọ njem

 Mwakpo ụzọ ụzọ na-achọ ịnweta files na akwụkwọ ndekọ aha echekwara na mpụga web mgbọrọgwụ nchekwa site na ijikwa mgbanwe ndị na-ezo aka files na usoro "../" Ịnweta /etc/passwd na sistemụ Unix site na ịgafe akwụkwọ ndekọ aha.
Nrigbu nke adịghị ike Nrigbu na-agụnye iji advantage nke adịghị ike software iji mee ka omume na-atụghị anya ya ma ọ bụ nweta ohere na-enweghị ikike. Na-erigbu adịghị ike njupụta nke ihe nchekwa iji mebie koodu aka ike.
File Bulite File mbulite mbulite gụnyere ibulite obi ọjọọ files na ihe nkesa iji mebie koodu ma ọ bụ iwu aka ike. Na-ebugote a web script shei iji nweta njikwa ihe nkesa.
Netwọk Protocol Nyochaa na ịchọpụta ihe adịghị mma na usoro netwọkụ iji chọpụta traffi c. Iji usoro iwu na-adịghị ahụkebe dịka ICMP, ARP, wdg.
DoS (Agọnarị ọrụ) Mwakpo DoS bu n'obi ime ka igwe ma ọ bụ akụrụngwa netwọk ghara ịnweta ndị ọrụ ya bu n'obi site na iju mmiri nke ịntanetị c. Na-eziga oke olu arịrịọ na a web ihe nkesa na-agwụcha ihe onwunwe ya.
phishing phishing gụnyere ịghọgbu ndị mmadụ n'otu n'otu na-ekpughe ozi nzuzo site na ozi-e aghụghọ ma ọ bụ websaịtị. Email adịgboroja nke na-egosi na ọ sitere na ebe ntụkwasị obi, na-akpali ndị ọrụ itinye nzere ha.
Ọwara Mwakpo ọwara na-agụnye ikpuchi otu ụdị traffi netwọkụ c n'ime ọzọ iji gafere njikwa nchekwa ma ọ bụ firewalls. Iji HTTP tunneling izipu traffi c na-abụghị HTTP site na njikọ HTTP.
IoT (Internet nke Ihe) Nleba anya na ịchọpụta ihe adịghị mma na ngwaọrụ IoT iji gbochie mwakpo ndị nwere ike ịchebe ngwaọrụ ndị a. Usoro nzikọrịta ozi na-adịghị ahụkebe sitere na ngwaọrụ IoT na-egosi nkwekọrịta enwere ike.
Trojan Ịnyịnya Trojan bụ mmemme ọjọọ na-eduhie ndị ọrụ nke ezi ebumnuche ha, na-enyekarị onye na-awakpo azụ azụ. Mmemme yiri ka enweghị mmerụ ahụ nke na-enye onye na-awakpo ohere ịnweta sistemụ mgbe e gburu ya.
CoinMiner CoinMiners bụ sọftụwia obi ọjọọ emebere iji gwupụta cryptocurrency site na iji akụrụngwa nke nje butere. Ederede Ngwuputa zoro ezo nke na-eji ike CPU/GPU na-egwupụta cryptocurrency.
Worm Worms bụ malware na-emegharị onwe ya nke na-agbasa na netwọkụ na-enweghị mkpa enyemaka mmadụ. Ikpuru na-agbasa site na mbak netwọk iji bute ọtụtụ igwe.
Ransomware Ransomware na-ezochi nke onye ihe metụtara files wee rịọ ka a kwụọ ụgwọ mgbapụta iji weghachi ohere ịnweta data ahụ. Mmemme na-ezochi ezo files ma gosipụta akwụkwọ mgbapụta chọrọ ịkwụ ụgwọ na cryptocurrency.
APT (ihe egwu na-adịgide adịgide) APT bụ ogologo oge na mwakpo cyber ezubere iche ebe onye omempụ na-enweta ohere na netwọk ma na-anọgide na-ahụghị ya ruo ogologo oge. Mwakpo ọkaibe nke ezubere iche maka data nwere mmetụta nke otu nzukọ.
Webshei Web shells bụ scripts na-enye a web-dabere na interface maka ndị na-awakpo iji mebie iwu n'ime nsogbu web ihe nkesa. Ederede PHP ebugoro na a web ihe nkesa na-enye ohere ka onye na-awakpo na-agba ọsọ iwu shei.
Ngwa hacking Ngwá ọrụ hacking bụ sọftụwia emebere iji kwado ohere ịnweta sistemụ na-enweghị ikike. Ngwa ndị dị ka Metasploit ma ọ bụ Mimikatz ejiri maka nyocha ntinye ma ọ bụ mbanye obi ọjọọ.

Ngwaọrụ akwadoro

 Ụdị ngwaọrụ  Firmware achọrọ
 GCC6010W  1.0.1.7+
 GCC6010  1.0.1.7+
 GCC6011  1.0.1.7+

Mkpa nkwado?
Enweghị ike ịchọta azịza ị na-achọ? Echegbula onwe gị na anyị bịara nyere aka!

Akwụkwọ / akụrụngwa

GRANDSTREAM GCC6000 Usoro ntinye ihe nchọta UC Plus Ngwọta njikọta ịkparịta ụka n'Ịntanet [pdf] Ntuziaka onye ọrụ
GCC6000, GCC6000 Series, GCC6000 Series intrusion Detection UC Plus Networking Convergence Solutions, Nchọpụta ntinye UC Plus Ngwọta Ngwọta Ngwọta Ngwọta Ngwọta Ngwọta UC Plus Ngwọta Ntanetị Ngwọta, Ngwọta Mmekọrịta Ntanetị, Ngwọta.

Ntụaka

Ozi ndị metụtara

Hapụ ikwu

Agaghị ebipụta adreesị ozi-e gị. Akara mpaghara achọrọ akara *