Mataupu lalafi
1 GRANDSTREAM GCC6000 Fa'asologa Fa'asagaga Su'esu'ega UC Plus Networking Convergence Fofo
2 Fa'atonuga o le Fa'aaogaina o Mea
3 Folasaga
4 Fa'amatalaga o Ituaiga o osofa'iga
5 Fa'asalaina o le Ala
6 Pepa / Punaoa
6.1 Fa'asinomaga
7 Fa'amatalaga Fa'atatau

GANDSTREAM-logo

GRANDSTREAM GCC6000 Fa'asologa Fa'asagaga Su'esu'ega UC Plus Networking Convergence Fofo

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solusi-oloa

Fa'amatalaga o oloa

  • Fa'ailoga: Grandstream Networks, Inc.
  • Oloa Fa'asologa: GCC6000 Fa'asologa
  • Fa'aaliga: IDS (Intrusion Detection System) ma le IPS (Intrusion Prevention System)

Fa'atonuga o le Fa'aaogaina o Mea

Folasaga ile IDS ma le IPS
O le GCC convergence device ua faʻapipiʻiina ile IDS ma le IPS mo faʻamoemoega saogalemu. O le IDS e mata'ituina femalaga'iga ma fa'ailoa pule i fa'amata'u fa'amata'u, a'o fa'alavelave vave e le IPS gaioiga fa'aleagaina.

Puipuia le SQL Injection Attacks
O osofa'iga tu'i SQL e fa'amoemoe e fa'aofi le fa'ailoga leaga i fa'amatalaga SQL e toe maua mai ai fa'amatalaga e le'i fa'atagaina pe fa'aleagaina le fa'amaumauga. Mulimuli i laasaga nei e puipuia ai ia osofaʻiga:

  1. Su'e ile Firewall Module > Intrusion Prevention > Signature Library.
  2. Kiliki i luga o le fa'afouga icon e fa'amautinoa ai o lo'o fa'afou le Fa'amatalaga o le Faletusi o Saini.
  3. Seti le faiga e Fa'ailoa & Poloka i le Firewall Module > Intrusion Prevention > IDS/IPS.
  4. Filifili se Laasaga Puipuiga (Low, Medium, High, Extremely High, or Custom) e fa'atatau i ou mana'oga.
  5. Fa'atulaga le Laasaga Puipuiga o le Saogalemu e tusa ai ma ou mana'oga.

IDS/IPS Fa'amaumauga Puipuiga
A maeʻa le faʻatulagaina o faʻatulagaga, soʻo se taumafaiga a le SQL injection attack o le a mataʻituina ma poloka e le GCC masini. O fa'amatalaga talafeagai o le a fa'aalia i totonu o fa'amaumauga o le puipuiga.

Fesili e Fai soo (FAQ)

F: E fa'afia ona fa'afou le fa'amatalaga fa'amata'u?
A: O le faʻamatalaga taufaʻatau e masani ona faʻafouina e le GCC e faʻatatau i le fuafuaga faʻatau. O fa'afouga e mafai ona fa'atulaga i vaiaso ta'itasi po'o se aso/taimi fa'apitoa.

Q: O a ituaiga o osofaʻiga o loʻo mataʻituina i tulaga taʻitasi Puipuiga Puipuiga?
A: Vaʻaia tulaga puipuia (Low, Medium, High, Extremely High, Custom) mataʻituina ma poloka osofaʻiga eseese e pei ole Injection, Brute Force, Path Traversal, DoS, Trojan, Webatigi, Avanoa Fa'aaogāga, File Tu'u i luga, Meafaigaluega Hacking, ma Phishing.

Folasaga

O le GCC convergence device o loʻo faʻapipiʻiina i ni vaega taua se lua o le saogalemu o le IDS (Intrusion detection System) ma le IPS (Intrusion Prevention System), e tofu ma se faʻamoemoega faʻapitoa e mataʻituina ma puipuia gaioiga leaga e ala i le faailoaina ma le poloka o ituaiga eseese ma tulaga o taufaamatau i le taimi moni.

  • Intrusion Detection Systems (IDS): mataʻituina feʻaveaʻi ma mataala pule o faʻamataʻu faʻalavelave e aunoa ma se faʻalavelave tuusaʻo.
  • Faiga Fa'alavelave Fa'alavelave (IPS): fa'alavelave vave gaioiga fa'aleagaina.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (1)

I totonu o lenei taʻiala, o le a matou faʻapipiʻiina se suʻesuʻega faʻalavelave ma puipuiga puipuia mai se tasi ituaiga masani o web osofa'iga ua ta'ua o tui SQL.

Puipuia osofaʻiga e faʻaaoga ai le IDS/IPS
SQL injection attack, o se ituaiga o osofaʻiga ua faʻatulagaina e tuʻu ai tulafono leaga i faʻamatalaga SQL, i le sini o le toe maua mai o faʻamatalaga le faʻatagaina mai le web server's database, po'o le talepeina o le database e ala i le tu'uina atu o se fa'atonuga leaga po'o se fa'aoga.
Fa'amolemole mulimuli i laasaga nei e puipuia ai le tui tui:

  • Su'e ile Firewall Module → Intrusion Prevention → Signature Library.
  • Kiliki le fa'ailoga
  • ina ia mautinoa o loʻo faʻafou le Faʻamatalaga o le Faletusi o Saini.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (2)

Manatua

  • O le faʻamatalaga taufaʻatau e masani ona faʻafouina e le GCC e faʻatatau i le fuafuaga faʻatau.
  • Ole taimi fa'afou e mafai ona fa'atulaga e fa'aosoina pe ta'i vaiaso, po'o se aso/taimi atoa.

Su'e ile Firewall Module → Intrusion Prevention → IDS/IPS.
Seti le faiga i le Notify & Block, o le a mataʻituina ai soʻo se gaioiga masalomia ma faʻasaoina i totonu o le faʻamaumauga o le puipuiga, o le a poloka ai foi le puna o le osofaʻiga.

Filifili le Laasaga Puipuiga Puipuiga, tulaga eseese puipuiga e lagolagoina:

  1. Maualalo: A faʻapipiʻi le puipuiga i le "Low", o osofaʻiga nei o le a mataʻituina ma / pe poloka: tui, Brute Force, Path Traversal, DoS, Trojan, Webatigi.
  2. Medium: A faʻapipiʻi le puipuiga i le "Medium", o osofaʻiga nei o le a mataʻituina ma / pe poloka: tui, Brute Force, Path Traversal, DoS, Trojan, Webatigi, Avanoa Fa'aaogāga, File Tu'u i luga, Meafaigaluega Hacking, Phishing.
  3. Maualuluga: A faʻapipiʻi le puipuiga i le "Maualuga", o osofaʻiga nei o le a mataʻituina ma / pe poloka: Injection, Brute Force, Path Traversal, DoS, Trojan, Webatigi, Avanoa Fa'aaogāga, File Tu'u i luga, Meafaigaluega Hacking, Phishing.
  4. Matua maualuga: O le a poloka uma osofaʻiga vectors.
  5. Fa'aleaganu'u: o le tulaga o le puipuiga fa'ale-aganu'u e mafai ai e le tagata fa'aoga ona filifili na'o ituaiga o osofa'iga fa'apitoa e iloa ma poloka e le masini GCC, fa'amolemole fa'afeso'ota'i le vaega [Attack Types Definitions] mo nisi fa'amatalaga, o le a matou setiina le Puipuiga Puipuiga i le Custom.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (3)

O le taimi lava e seti ai le faʻatulagaga, Afai e taumafai se tagata osofaʻi e faʻalauiloa se tui SQL, o le a mataʻituina ma poloka e le GCC masini, ma o le a faʻaalia le faʻamatalaga o gaioiga i luga o faʻamaumauga o le puipuiga e pei ona faʻaalia i lalo:

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (4)

I view nisi fa'amatalaga i ogalaau ta'itasi, e mafai ona e kiliki le fa'aikona e fetaui ma le fa'ailoga ogalaau:

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (5) GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (6)

Fa'amatalaga o Ituaiga o osofa'iga

O le meafaigaluega IDS / IPS e iai le malosi e puipuia ai mai faʻalavelave osofaʻi eseese, matou te faʻamatala faʻapuupuu ia mea taʻitasi i luga o le laulau i lalo:

Ituaiga Osofaiga Fa'amatalaga Example
tui O osofa'iga tui e tupu pe a lafo atu fa'amatalaga le talitonuina i se fa'aliliu upu o se vaega o se fa'atonuga po'o se fesili, fa'a'ole'ole le fa'aliliu upu i le fa'atinoina o fa'atonuga e le'i fa'amoemoeina po'o le mauaina o fa'amatalaga e le'i fa'atagaina. SQL Injection i totonu o se pepa faʻaoga e mafai ona faʻatagaina se tagata osofaʻi e faʻamalo le faʻamaoniga.
Malosi Saua O osofa'iga fa'amalosi e aofia ai le taumafai i le tele o fa'aupuga po'o fa'aupuga ma le fa'amoemoe e iu lava ina sa'o le mateina e ala i le siakiina fa'asolosolo uma o upu fa'aoga e mafai. Taumafai e tele fa'aupuga fa'aupuga i luga o se itulau e saini ai.
Unserialize O osofa'iga e le fa'asalalauina e tupu pe a fa'ate'aina fa'amaumauga e le talitonuina, e o'o atu ai i le fa'atinoina o tulafono laiti po'o isi fa'aoga. Ose tagata osofa'i o lo'o tu'uina atu mea fa'asalalau leaga.
Fa'amatalaga O osofaʻiga faʻamatalaga faʻamatalaga e faʻamoemoe e aoina faʻamatalaga e uiga i le faʻaogaina o faiga e faʻafaigofie ai isi osofaʻiga. Fa'aaogāina o se fa'aletonu e faitau ma'ale'ale fa'atonuga files.

Fa'asalaina o le Ala

 O osofa'iga fa'asolosolo auala e fa'amoemoe e maua files ma fa'amaumauga o lo'o teuina i fafo atu o le web root folder e ala i le faʻaogaina o fesuiaiga e faʻasino files fa'atasi ai ma "../" fa'asologa. Avanoa /etc/passwd i luga o le Unix system e ala i le faʻasalalau tusi.
Fa'aaogaina o Fa'aletonu O le fa'aaogaina e aofia ai le ave o le advantagu o fa'afitauli fa'apolokalame e fa'atupu ai amioga e le'i fa'amoemoeina po'o le maua o avanoa e le fa'atagaina. Le fa'aogaina o se pa'u e so'ona vaivai le fa'atinoina o tulafono fa'atonu.
File Tu'u mai File fa'apipi'i osofa'iga e aofia ai le tu'uina atu o mea leaga files i se 'au'aunaga e fa'atino ai fa'atonuga po'o ni fa'atonuga. Tu'uina a web shell script e maua ai le pule ile server.
Fesootaiga Polokalama Mata'itūina ma su'esu'eina fa'aletonu i feso'ota'iga feso'ota'iga e fa'ailoa ai fe'avea'i e ono leaga i. Fa'aoga le masani ai o fa'amaumauga e pei ole ICMP, ARP, ma isi.
DoS (Teena o Auaunaga) O osofa'iga a le DoS o lo'o fa'amoemoe e le maua se masini po'o se punaoa feso'ota'iga i ana tagata fa'amoemoe e ala i le lofituina i le lolovaia o fefa'ataua'iga i luga ole laiga c. Tuuina atu le tele o talosaga i a web 'au'aunaga e fa'auma ana puna'oa.
Phishing Phishing e aofia ai le fa'a'ole'ole o tagata e fa'ailoa fa'amatalaga fa'alilolilo e ala i imeli taufaasese po'o webnofoaga. O se imeli pepelo e foliga mai e sau mai se puna fa'atuatuaina, e fa'aosofia ai tagata fa'aoga e ulufale i latou fa'amaonia.
Alafua O osofa'iga tunneling e aofia ai le fa'aofiina o se tasi ituaiga o feso'ota'iga feso'ota'iga i totonu o le isi e fa'aalo ai fa'atonuga saogalemu po'o puipui afi. Fa'aaogāina o le HTTP tunneling e lafo ai fefa'ataua'iga e le o ni HTTP e ala ile feso'ota'iga HTTP.
IoT (Initaneti o Mea) Mataʻituina ma suʻesuʻeina faʻalavelave i masini IoT e puipuia ai osofaʻiga faʻalavelave e faʻatatau i nei masini. Faiga fesoʻotaʻiga e le masani ai mai masini IoT e faʻaalia ai se fetuunaiga talafeagai.
Trojan Trojan horses o ni polokalame leaga e faʻasesē ai tagata faʻaoga o latou faʻamoemoega moni, e masani ona tuʻuina atu se faitotoa i tua i le osofaʻiga. O se polokalame e foliga mai e le afaina lea e maua ai e se tagata osofa'i le avanoa i le faiga pe a fa'atino.
CoinMiner CoinMiners o polokalama leaga ua fuafuaina e mine cryptocurrency e faaaoga ai punaoa a le masini pisia. O se fa'amatalaga fa'alilo natia lea e fa'aogaina ai le malosi o le CPU/GPU e la'u ai le cryptocurrency.
Anufe Anufe o mea leaga e fa'afo'i e le tagata lava ia e sosolo i feso'ota'iga e aunoa ma le mana'omia o se fa'alavelave a tagata. O se anufe e sosolo i sea feso'otaiga e a'afia ai masini e tele.
Ransomware E fa'aigoaina e le Ransomware se tagata ua afaina files ma manaʻomia se totogi e toe faʻafoʻi ai le avanoa i faʻamatalaga. O se polokalame e fa'ailoga files ma faʻaalia se tupe faʻatau e manaʻomia ai le totogiina i le cryptocurrency.
APT (Advanced Persistent Threat) APTs e faaumiumi ma taulaʻi i luga ole cyberattacks lea e maua ai e se tagata faʻalavelave le avanoa i se fesoʻotaiga ma tumau ai le le iloa mo se taimi umi. Ose osofa'iga fa'apitoa e fa'atatau i fa'amatalaga ma'ale'ale a se fa'alapotopotoga fa'apitoa.
Webatigi Web atigi o tusitusiga e maua ai a web-faʻavae faʻaoga mo tagata osofaʻi e faʻatino ai faʻatonuga i luga o se faʻalavelave web server. O se fa'amaumauga PHP na tu'uina atu i le a web 'au'aunaga e fa'ataga ai le tagata osofa'i e fa'atino fa'atonuga atigi.
Meafaigaluega Hacking O mea faigaluega Hacking o polokalama faakomepiuta ua mamanuina e faafaigofie ai le avanoa e le faatagaina i faiga. Meafaigaluega e pei o Metasploit poʻo Mimikatz faʻaaogaina mo suʻega faʻapipiʻi poʻo le faʻafefe leaga.

Masini Lagolago

 Fa'ata'ita'iga o masini  Firmware Manaomia
 GCC6010W  1.0.1.7+
 GCC6010  1.0.1.7+
 GCC6011  1.0.1.7+

Manaomia le Lagolago?
Le maua le tali o lo'o e su'eina? Aua e te popole ua matou i ai iinei e fesoasoani!

Pepa / Punaoa

GRANDSTREAM GCC6000 Fa'asologa Fa'asagaga Su'esu'ega UC Plus Networking Convergence Fofo [pdf] Taiala mo Tagata Fa'aoga
GCC6000, GCC6000 Series, GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions, Intrusion Detection UC Plus Networking Convergence Solutions, Su'esu'ega UC Plus Networking Convergence Solutions, Networking Convergence Solutions, Fofo

Fa'asinomaga

Fa'amatalaga Fa'atatau

Tuu se faamatalaga

E le fa'asalalauina lau tuatusi imeli. Fa'ailogaina fanua mana'omia *