Litaba pata
1 GRANDSTREAM GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions
2 Litaelo tsa Tšebeliso ea Sehlahisoa
3 Selelekela
4 Mefuta ea Tlhaselo Litlhaloso
5 Tsela ea ho Tsamaea
6 Litokomane / Lisebelisoa
6.1 Litšupiso
7 Related Posts

LEKHOLO-ts'oao

GRANDSTREAM GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions-product

Litlhaloso tsa Sehlahisoa

  • Lebitso: Grandstream Networks, Inc.
  • Letoto la lihlahisoa: GCC6000 Series
  • Likarolo: IDS (Intrusion Detection System) le IPS (Intrusion Prevention System)

Litaelo tsa Tšebeliso ea Sehlahisoa

Kenyelletso ho IDS le IPS
Sesebelisoa sa khokahano sa GCC se na le IDS le IPS molemong oa ts'ireletso. IDS e beha leihlo sephethephethe feela 'me e lemosa batsamaisi ka litšokelo tse ka bang teng, ha IPS e thibela liketso tse kotsi hang-hang.

Ho Thibela Litlhaselo Tsa Ente ea SQL
Litlhaselo tsa liente tsa SQL li ikemiselitse ho kenya khoutu e kotsi litatementeng tsa SQL ho fumana lintlha tse sa lumelloeng kapa ho senya database. Latela mehato ena ho thibela litlhaselo tse joalo:

  1. Tsamaea ho Mojule oa Firewall> Thibelo ea ho kenella> Laeborari ea Signature.
  2. Tobetsa ho lets'oao la ntlafatso ho netefatsa hore Boitsebiso ba Laeborari ea Tšhaeno bo nakong.
  3. Beha mokhoa oa ho Tsebisa le ho Thibela ho Firewall Module > Thibelo ea ho Kena > IDS/IPS.
  4. Khetha Boemo ba Tšireletso ea Tšireletso (Botlase, Bohareng, Bo phahameng, Bo phahameng ka ho Fetisisa, kapa Tloaelo) ho latela litlhoko tsa hau.
  5. Beakanya Boemo ba Tšireletso ea Tšireletso ho latela khetho ea hau.

Li-Logs tsa Tšireletso tsa IDS/IPS
Kamora ho hlophisa litlhophiso, tlhaselo efe kapa efe e lekiloeng ea ente ea SQL e tla beoa leihlo le ho thibeloa ke sesebelisoa sa GCC. Tlhahisoleseding e tsamaellanang le eona e tla bontšoa ka har'a li-log tsa ts'ireletso.

Lipotso tse atisang ho botsoa (FAQ)

P: Nalane ea litšokelo e nchafatsoa hangata hakae?
K: Sebaka sa polokelo ea litšokelo se nchafatsoa khafetsa le ka boiketsetso ke GCC ho latela moralo o rekiloeng. Lintlafatso li ka hlophisoa beke le beke kapa ka letsatsi/nako e itseng.

P: Ke mefuta efe ea litlhaselo e behiloeng leihlo Lefapheng le leng le le leng la Tšireletso ea Tšireletso?
A: Maemo a fapaneng a ts'ireletso (a Tlase, a Bohareng, a Phahameng, a Phahameng ka ho Fetisisa, Tloaelo) e beha leihlo le ho thibela litlhaselo tse fapaneng tse kang Ente, Matla a Brute, Path Traversal, DoS, Trojan, Webkhetla, Tšebeliso ea Kotsi, File Kenya, Lisebelisoa tsa Hacking, le Phishing.

Selelekela

Sesebelisoa sa convergence sa GCC se tla se na le likarolo tse peli tsa bohlokoa tsa ts'ireletso e leng IDS (Intrusion discovery System) le IPS (Intrusion Prevention System), e 'ngoe le e' ngoe e sebeletsa morero o itseng oa ho beha leihlo le ho thibela liketso tse mpe ka ho tsebahatsa le ho thibela mefuta e fapaneng le maemo a ts'okelo ka nako ea nnete.

  • Lits'ebetso tsa Ts'ebetso ea Ts'ebetso (IDS): ho lekola sephethephethe le balaoli ba tlhokomeliso ka litšokelo tse ka bang teng ntle le ho kenella ka kotloloho.
  • Intrusion Prevention Systems (IPS): thibela mesebetsi e kotsi hang-hang.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (1)

Tataisong ena, re tla hlophisa tlhahlobo ea ho kenella le ts'ireletso ea thibelo khahlanong le mofuta o le mong o tloaelehileng oa web litlhaselo tse tsejoang e le liente tsa SQL.

Ho thibela litlhaselo ho sebelisa IDS/IPS
Tlhaselo ea ente ea SQL, ke mofuta oa tlhaselo e etselitsoeng ho beha khoutu e mpe liphatlalatsong tsa SQL, ka sepheo sa ho fumana lintlha tse sa lumelloeng ho tsoa ho web polokelongtshedimosetso ya seva, kapa o senye database ka ho kenya taelo e kotsi kapa kenyeletso.
Ka kopo latela mehato e ka tlase ho thibela tlhaselo ea ente:

  • Tsamaea ho Mojule oa Firewall → Thibelo ea ho Kena → Laeborari ea Tlhahiso.
  • Tobetsa letšoao
  • ho etsa bonnete ba hore Boitsebiso ba Laeborari ea Tshaeno bo nakong.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (2)

Hlokomela

  • Sebaka sa polokelo ea litšokelo se ntlafatsoa khafetsa le ka boiketsetso ke GCC ho latela moralo o rekiloeng.
  • Nako ea ntlafatso e ka hlophisoa hore e ka qala beke le beke, kapa ka letsatsi/nako e felletseng.

E ea ho Mojule oa Firewall → Thibelo ea ho Kena → IDS/IPS.
Beha mokhoa oa ho Tsebisa & Thibela, sena se tla beha leihlo bakeng sa ketso efe kapa efe e belaetsang le ho e boloka ka har'a logi ea ts'ireletso, hape e tla thibela mohloli oa tlhaselo.

Khetha Boemo ba Tšireletso ea Tšireletso, maemo a fapaneng a tšireletso a tšehetsoa:

  1. Tlase: Ha tšireletso e behiloe ho "Low", litlhaselo tse latelang li tla behoa leihlo le / kapa li thibetsoe: Ente, Brute Force, Path Traversal, DoS, Trojan, Webkgetla.
  2. Bohareng: Ha ts'ireletso e behiloe ho "Medium", litlhaselo tse latelang li tla beoa leihlo le/kapa ho thijoa: Ente, Brute Force, Path Traversal, DoS, Trojan, Webkhetla, Tšebeliso ea Kotsi, File Kenya, Lisebelisoa tsa Hacking, Phishing.
  3. Holimo: Ha tšireletso e behiloe ho "Phahameng", litlhaselo tse latelang li tla beoa leihlo le/kapa ho thibeloa: Ente, Brute Force, Path Traversal, DoS, Trojan, Webkhetla, Tšebeliso ea Kotsi, File Kenya, Lisebelisoa tsa Hacking, Phishing.
  4. E Holimo Haholo: Li-vector tsohle tsa tlhaselo li tla thijoa.
  5. Tloaelo: boemo ba ts'ireletso ba tloaelo bo lumella mosebelisi ho khetha feela mefuta e ikhethileng ea litlhaselo tse lokelang ho bonoa le ho thibeloa ke sesebelisoa sa GCC, ka kopo sheba karolo ea [Attack Types Definitions] bakeng sa tlhaiso-leseling e batsi, re tla beha Boemo ba Ts'ireletso ea Ts'ireletso ho Tloaelo.

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (3)

Hang ha tlhophiso e se e hlophisitsoe, Haeba mohlaseli a leka ho hlahisa ente ea SQL, e tla beoa leihlo le ho thijoa ke sesebelisoa sa GCC, 'me tlhahisoleseling e tsamaellanang le eona e tla hlahisoa litsing tsa ts'ireletso joalo ka ha ho bonts'itsoe ka tlase:

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (4)

Ho view Lintlha tse ling ho log e 'ngoe le e 'ngoe, u ka tobetsa letšoao le lumellanang le keno ea log:

GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (5) GRANDSTREAM-GCC6000-Series-Intrusion-Detection-UC-Plus-Networking-Convergence-Solutions- (6)

Mefuta ea Tlhaselo Litlhaloso

Sesebelisoa sa IDS/IPS se na le bokhoni ba ho itšireletsa khahlanong le li-vector tse fapaneng tsa tlhaselo, re tla hlalosa ka bokhutšoanyane e 'ngoe le e' ngoe ea tsona tafoleng e ka tlase:

Mofuta oa Tlhaselo Tlhaloso Example
Ente Litlhaselo tsa ente li etsahala ha data e sa tšepahaleng e romelloa ho mofetoleli e le karolo ea taelo kapa potso, e qhekellang mofetoleli hore a phethe litaelo tse sa reroang kapa a fumane boitsebiso bo sa lumelloeng. Ente ea SQL ka foromo ea ho kena e ka lumella mohlaseli hore a fete bopaki.
Matla a Brute Litlhaselo tse matla tsa matla li kenyelletsa ho leka li-password kapa li-passwords tse ngata ka tšepo ea hore qetellong u tla hakanya ka nepo ka ho hlahloba li-password tsohle tse ka khonehang. Ho leka ho kopanya li-password tse ngata leqepheng la ho kena.
Unserialize Litlhaselo tsa unserialization li etsahala ha data e sa tšepahaleng e felloa ke matla, e lebisang ho phethisoeng ha khoutu ka mokhoa o itseng kapa tlatlapo e 'ngoe. Mohlaseli ea fanang ka lintho tse lonya.
Boitsebiso Litlhaselo tsa phatlalatso ea tlhahisoleseling li ikemiselitse ho bokella tlhahisoleseling mabapi le sistimi e reriloeng ho thusa litlhaselo tse ling. Ho sebelisa monyetla oa ho ba kotsing ea ho bala litlhophiso tse hlokolosi files.

Tsela ea ho Tsamaea

 Litlhaselo tsa tsela ea ho tšela li reretsoe ho fihlella files le li-directory tse bolokiloeng ka ntle ho web foldara ea motso ka ho fetola mefuta e fapaneng eo re e buang files ka “../” tatelano. Ho fihlella /etc/passwd ho sistimi ea Unix ka ho tšela li-directory.
Tšebeliso ea Likotsi Ho hlekefetsa ho akarelletsa ho nka bohato kapeletage ea bofokoli ba software ho baka boitšoaro bo sa reroang kapa ho fumana phihlello e sa lumelloeng. Ho sebelisa bofokoli ba buffer overflow ho sebelisa khoutu e sa lebelloang.
File Kenya File litlhaselo tsa ho kenya li kenyelletsa ho kenya ka mokhoa o kotsi files ho seva ho etsa likhoutu kapa litaelo tse sa reroang. Ho kenya a web shell script ho fumana taolo holim'a seva.
Marang-rang Protocol Ho beha leihlo le ho lemoha liphoso tsa liprothokholo tsa marang-rang ho tsebahatsa sephethephethe se kotsi c. Tšebeliso e sa tloaelehang ea liprothokholo tse kang ICMP, ARP, joalo-joalo.
DoS (Denial of Service) Litlhaselo tsa DoS li ikemiselitse ho etsa hore mochini kapa lisebelisoa tsa marang-rang li se fumanehe ho basebelisi ba tsona ka ho li sithabetsa ka moroallo oa sephethephethe sa marang-rang c. Ho romela palo e phahameng ea likopo ho a web seva ho qeta lisebelisoa tsa eona.
Phishing Phishing e kenyelletsa ho qhekella batho hore ba hlahise tlhahisoleseling ea lekunutu ka li-imeile tse thetsang kapa weblibaka. Lengolo-tsoibila la bohata le bonahalang eka le tsoa mohloling o tšepahalang, o susumelletsang basebelisi ho kenya mangolo a bona a boitsebiso.
Tunnel Litlhaselo tsa tunneling li kenyelletsa ho kenyelletsa mofuta o mong oa sephethephethe sa marang-rang ka har'a se seng ho feta taolo ea ts'ireletso kapa li-firewall. Ho sebelisa HTTP tunneling ho romela sephethephethe se seng sa HTTP c ka khokahanyo ea HTTP.
IoT (Inthanete ea Lintho) Ho beha leihlo le ho bona liphapang ho lisebelisoa tsa IoT ho thibela litlhaselo tse ka lebisang lisebelisoa tsena. Mekhoa e sa tloaelehang ea puisano e tsoang ho lisebelisoa tsa IoT tse bontšang ho sekisetsa ho ka bang teng.
Trojan Lipere tsa Trojan ke mananeo a kotsi a khelosang basebelisi ba sepheo sa bona sa 'nete, hangata a fana ka mokokotlo ho mohlaseli. Lenaneo le bonahalang le se na kotsi le fang mohlaseli monyetla oa ho kena tsamaisong ha a phethiloe.
CoinMiner CoinMiners ke software e kotsi e etselitsoeng ho rafa cryptocurrency ho sebelisa lisebelisoa tsa mochini o tšoaelitsoeng. Mongolo o patiloeng oa merafo o sebelisang matla a CPU/GPU ho rafa chelete ea crypto.
Seboko Liboko ke malware a ikatisetsang 'ona a hasanang marang-rang ntle le tlhoko ea ho kenella ha batho. Seboko se hasanang ka likarolo tsa marang-rang ho tšoaetsa mechine e mengata.
Thekollo Ransomware e patala motho ea hlokofalitsoeng files mme e batla tefo ea thekollo ho khutlisetsa phihlello ea data. Lenaneo le encrypts files mme e bonts'a lengolo la thekollo le batlang tefo ka chelete ea crypto.
APT (Advanced Persistent Threat) Li-APT ke litlhaselo tsa nako e telele le tse lebisitsoeng tsa marang-rang moo motho ea kenang marang-rang a kenang marang-rang 'me a lula a sa lemohuoe nako e telele. Tlhaselo e rarahaneng e lebisitseng data ea bohlokoa ea mokhatlo o itseng.
Webkgetla Web likhetla ke mangolo a fanang ka a web-based interface bakeng sa bahlaseli ho phethahatsa litaelo ho sekisitsoeng web seva. Script ea PHP e kentsoeng ho a web seva e lumellang mohlaseli ho tsamaisa litaelo tsa khetla.
Lisebelisoa tsa Hacking Lisebelisoa tsa ho qhekella ke software e etselitsoeng ho nolofatsa phihlello e sa lumelloeng ea lits'ebetso. Lisebelisoa tse kang Metasploit kapa Mimikatz tse sebelisetsoang tlhahlobo ea ho kenella kapa ho qhekella ka lonya.

Lisebelisoa tse Tšehetsoeng

 Mohlala oa Sesebelisoa  Firmware ea Hlokahala
 GCC6010W  1.0.1.7+
 GCC6010  1.0.1.7+
 GCC6011  1.0.1.7+

Hloka Tšehetso?
Ha u fumane karabo eo u e batlang? Seke oa tšoenyeha re mona ho tla thusa!

Litokomane / Lisebelisoa

GRANDSTREAM GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions [pdf] Bukana ea Mosebelisi
GCC6000, GCC6000 Series, GCC6000 Series Intrusion Detection UC Plus Networking Convergence Solutions, Intrusion Detection UC Plus Networking Convergence Solutions, Detection UC Plus Networking Convergence Solutions, Networking Convergence Solutions, Solutions

Litšupiso

Related Posts

Tlohela maikutlo

Aterese ea hau ea lengolo-tsoibila e ke ke ea phatlalatsoa. Libaka tse hlokahalang li tšoailoe *