GRANDSTREAM GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions

Product Specifications

  • Brand: Grandstream Networks, Inc.
  • Product series: GCC6000 Series
  • Features: IDS (Intrusion Detection System) and IPS (Intrusion Prevention System)

Product Usage Instructions

Introduction to IDS and IPS
The GCC convergence device includes IDS and IPS for security purposes. IDS passively monitors traffic and alerts administrators to potential threats, while IPS blocks malicious activity immediately.

Preventing SQL Injection Attacks
SQL injection attacks aim to insert malicious code into SQL statements in order to retrieve unauthorized information or damage the database. Follow these steps to prevent them:

  1. Navigate to Firewall Module > Intrusion Prevention > Signature Library.
  2. Click the refresh icon to make sure that the Signature Library Information is up to date.
  3. Set the mode to Notify & Block under Firewall Module > Intrusion Prevention > IDS/IPS.
  4. Select a Security Protection Level (Low, Medium, High, Extremely High, or Custom) based on your needs.
  5. Configure the Security Protection Level according to your preferences.

IDS/IPS Security Logs
Once the settings are configured, any SQL injection attempt will be monitored and blocked by the GCC device. The corresponding information will be displayed in the security logs.

Frequently Asked Questions (FAQ)

Q: How often is the threat database updated?
A: The threat database is updated regularly and automatically by the GCC depending on the purchased plan. Updates can be scheduled weekly or on a specific date/time.

Q: What types of attacks are monitored at each Security Protection Level?
A: The different protection levels (Low, Medium, High, Extremely High, Custom) monitor and block various attacks such as Injection, Brute Force, Path Traversal, DoS, Trojan, Webshell, Vulnerability Exploit, File Upload, Hacking Tools, and Phishing.

Introduction

The GCC convergence device comes equipped with two important security features, IDS (Intrusion Detection System) and IPS (Intrusion Prevention System). Each serves to monitor and prevent malicious activity by identifying and blocking various types and levels of threats in real time.

  • Intrusion Detection Systems (IDS): passively monitor traffic and alert administrators to potential threats without direct intervention.
  • Intrusion Prevention Systems (IPS): intercept harmful activities immediately.

In this guide, we will configure intrusion detection and prevention against one common type of web attack known as SQL injection.

Preventing attacks using IDS/IPS
A SQL injection attack is a type of attack designed to place malicious code in SQL statements, with the aim of retrieving unauthorized information from the web server's database, or breaking the database by entering a harmful command or input.
Please follow the steps below to prevent injection attacks:

  • Navigate to Firewall Module → Intrusion Prevention → Signature Library.
  • Click the icon to make sure that the Signature Library Information is up to date.

Note

  • The threat database is updated regularly and automatically by the GCC depending on the purchased plan.
  • The update interval can be scheduled to be triggered weekly, or on a specific date/time.

Navigate to Firewall Module → Intrusion Prevention → IDS/IPS.
Set the mode to Notify & Block. This will monitor for any suspicious action and save it in the security log, and it will also block the source of the attack.

Select the Security Protection Level. Different protection levels are supported:

  1. Low: When the protection is set to "Low", the following attacks will be monitored and/or blocked: Injection, Brute Force, Path Traversal, DoS, Trojan, Webshell.
  2. Medium: When the protection is set to "Medium", the following attacks will be monitored and/or blocked: Injection, Brute Force, Path Traversal, DoS, Trojan, Webshell, Vulnerability Exploit, File Upload, Hacking Tools, Phishing.
  3. High: When the protection is set to "High", the following attacks will be monitored and/or blocked: Injection, Brute Force, Path Traversal, DoS, Trojan, Webshell, Vulnerability Exploit, File Upload, Hacking Tools, Phishing.
  4. Extremely High: All attack vectors will be blocked.
  5. Custom: the custom protection level allows the user to select only specific attack types to be detected and blocked by the GCC device; please refer to the [Attack Types Definitions] section for more information. We will set the Security Protection Level to Custom.

Once the configuration is set, if an attacker tries to launch a SQL injection, it will be monitored and blocked by the GCC device, and the corresponding action information will be displayed in the security logs as shown below:

To view more information about each log, you can click the icon corresponding to the log entry:

Attack Types Definitions

The IDS/IPS tool is able to protect against various attack vectors; we briefly explain each of them in the table below:

Attack Type | Description | Example
Injection | Injection attacks occur when untrusted data is sent to an interpreter as part of a command or query, tricking the interpreter into executing unintended commands or accessing unauthorized data. | SQL Injection in a login form can allow an attacker to bypass authentication.
Brute Force | Brute force attacks involve trying many passwords or passphrases in the hope of eventually guessing correctly, by systematically checking all possible passwords. | Attempting many password combinations on a login page.
Unserialize | Unserialization attacks occur when untrusted data is deserialized, leading to arbitrary code execution or other exploits. | An attacker providing malicious serialized objects.
Information | Information disclosure attacks aim to gather information about the target system to facilitate further attacks. | Exploiting a vulnerability to read sensitive configuration files.
Path Traversal | Path Traversal attacks aim to access files and directories stored outside the web root folder by manipulating variables that reference files with "../" sequences. | Accessing /etc/passwd on a Unix system by traversing directories.
Vulnerability Exploit | Exploits take advantage of software vulnerabilities to cause unintended behavior or gain unauthorized access. | Exploiting a buffer overflow vulnerability to execute arbitrary code.
File Upload | File upload attacks involve uploading malicious files to a server to execute arbitrary code or commands. | Uploading a web shell script to gain control over the server.
Network Protocol | Monitoring and detecting anomalies in network protocols to identify potentially malicious traffic. | Unusual use of protocols such as ICMP, ARP, etc.
DoS (Denial of Service) | DoS attacks make a machine or network resource unavailable to its intended users by overwhelming it with a flood of internet traffic. | Sending a high volume of requests to a web server to exhaust its resources.
Phishing | Phishing involves tricking individuals into divulging confidential information through deceptive emails or websites. | A fake email that appears to come from a trusted source, prompting users to enter their credentials.
Tunnel | Tunneling attacks involve encapsulating one type of network traffic within another to bypass security controls or firewalls. | Using HTTP tunneling to send non-HTTP traffic through an HTTP connection.
IoT (Internet of Things) | Monitoring and detecting anomalies in IoT devices to prevent potential attacks targeting these devices. | Unusual communication patterns from IoT devices indicating a possible compromise.
Trojan | Trojan horses are malicious programs that mislead users about their true intent, often providing a backdoor to the attacker. | A seemingly harmless program that gives an attacker access to the system when executed.
CoinMiner | CoinMiners are malicious software designed to mine cryptocurrency using the resources of the infected machine. | A hidden mining script that uses CPU/GPU power to mine cryptocurrency.
Worm | Worms are self-replicating malware that spreads across networks without needing human intervention. | A worm that spreads through network shares to infect multiple machines.
Ransomware | Ransomware encrypts a victim's files and demands a ransom to restore access to the data. | A program that encrypts files and displays a ransom note demanding payment in cryptocurrency.
APT (Advanced Persistent Threat) | APTs are prolonged and targeted cyberattacks in which an intruder gains access to a network and remains undetected for an extended period. | A long-term attack targeting the important assets of a specific organization.
Webshell | Web shells are scripts that provide a web-based interface for attackers to execute commands on a compromised web server. | A PHP script uploaded to a web server that allows the attacker to run shell commands.
Hacking Tools | Hacking tools are software designed to gain unauthorized access to systems. | Tools such as Metasploit or Mimikatz used for penetration testing or malicious hacking.
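
The Injection row above describes SQL injection in a login form bypassing authentication. The following is an added example, not taken from Grandstream's documentation: a login check built by string concatenation beside its parameterized form, run against a constructed in-memory SQLite table (function names, table layout and sample inputs are assumptions for illustration).

```python
import sqlite3

def make_db():
    """In-memory user table holding one constructed account (sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, secret TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'constructed-secret')")
    return db

def login_vulnerable(db, name, secret):
    # Untrusted input is pasted into the SQL text, so a quote character in
    # the input changes the structure of the statement itself.
    query = ("SELECT name FROM users WHERE name = '%s' AND secret = '%s'"
             % (name, secret))
    return db.execute(query).fetchone() is not None

def login_parameterized(db, name, secret):
    # Placeholders keep the input as data; the statement structure is fixed.
    query = "SELECT name FROM users WHERE name = ? AND secret = ?"
    return db.execute(query, (name, secret)).fetchone() is not None

# Constructed input of the kind an injection signature is written to match.
INJECTION_INPUT = "' OR '1'='1"

def attempt(check, db, name, secret):
    """Run one login check; report a SQL syntax failure instead of raising."""
    try:
        return check(db, name, secret)
    except sqlite3.OperationalError:
        return "sql error"

def compare():
    """Return (vulnerable result, parameterized result) for each sample case."""
    db = make_db()
    cases = {
        "valid_login": ("alice", "constructed-secret"),
        "injected_login": ("alice", INJECTION_INPUT),
        # A legitimate name containing an apostrophe breaks the concatenated
        # query but is handled as plain data by the parameterized one.
        "apostrophe_name": ("o'brien", "x"),
    }
    return {label: (attempt(login_vulnerable, db, *args),
                    attempt(login_parameterized, db, *args))
            for label, args in cases.items()}

if __name__ == "__main__":
    for label, outcome in compare().items():
        print(label, outcome)
```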

Supported Devices

 Device Model  Firmware Required
 GCC6010W  1.0.1.7+
 GCC6010  1.0.1.7+
 GCC6011  1.0.1.7+
