Cloudflare introduces tools for detecting HTTPS interception


Cloudflare has introduced the mitmengine library, which is used to detect HTTPS interception, as well as the Malcolm web service for visual analysis of the data collected at Cloudflare.

The code is written in Go and distributed under the BSD license. Cloudflare's traffic monitoring with the presented tools showed that about 18% of HTTPS connections are intercepted.

HTTPS interception

In most cases, HTTPS traffic is intercepted on the client side by local antivirus applications, firewalls, parental control systems, malware (to steal passwords, replace advertising or launch mining code) or corporate traffic inspection systems.

Such systems add their own TLS certificate to the list of trusted certificates on the local system and use it to intercept protected user traffic.

Client requests are sent to the destination server on behalf of the interception software, after which the client is answered within a separate HTTPS connection established with the TLS certificate of the interception system.

In some cases, interception is arranged on the server side, when the server owner hands the private key over to a third party, for example a reverse proxy operator, a CDN or a DDoS protection system, which receives requests for the original TLS certificate and forwards them to the origin server.

In either case, HTTPS interception undermines the chain of trust and introduces an additional link that can be compromised, which significantly lowers the level of protection of the connection while leaving the appearance of protection and without arousing users' suspicion.

About mitmengine

To detect HTTPS interception, Cloudflare offers the mitmengine package, which is installed on the server and makes it possible to detect HTTPS interception, as well as to determine which systems were used for the interception.

The essence of the method is to detect interception by comparing the browser-specific characteristics of TLS processing with the actual state of the connection.

Based on the User-Agent header, the engine determines the browser and then evaluates whether the characteristics of the TLS connection, such as the default TLS parameters, supported extensions, declared cipher suites, cipher ordering, groups, and elliptic curve formats, match that browser.

The signature database used for verification contains about 500 TLS stack identifiers for browsers and interception systems.

Data can be collected in passive mode by analyzing the contents of the fields in the ClientHello message, which is transmitted in the clear before the encrypted communication channel is established.

TShark from the Wireshark 3 network analyzer is used to capture traffic.

The mitmengine project also provides a library for integrating the interception-detection functions into arbitrary server handlers.

In the simplest case, it is enough to pass the User Agent and TLS ClientHello values of the current request, and the library will return the likelihood of interception and the factors on which one conclusion or another was based.
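The comparison described above, sketched as an added Go example; it is not mitmengine's code or API. The `Fingerprint` type, the `Check` function, the `ExampleBrowser/` token and all signature values are hypothetical and constructed for illustration, and only the TLS version, cipher order and extensions are compared.

```go
package main

import (
	"fmt"
	"slices"
	"strings"
)

// Fingerprint is a subset of the ClientHello fields the article lists.
type Fingerprint struct {
	Version             uint16   // highest TLS version offered
	Ciphers, Extensions []uint16 // in the order sent
}

// Hypothetical signature table keyed by User-Agent token (constructed values).
var signatures = map[string]Fingerprint{"ExampleBrowser/": {
	0x0303, []uint16{0x1301, 0x1302, 0xc02b, 0xc02f}, []uint16{0x0000, 0x000a, 0x0010}}}

// Check reports whether the User-Agent is known and how the hello deviates from it.
func Check(ua string, h Fingerprint) (known bool, reasons []string) {
	for token, want := range signatures {
		if !strings.Contains(ua, token) {
			continue
		}
		if h.Version < want.Version {
			reasons = append(reasons, "TLS version below browser default")
		}
		last := -1 // position in the expected list of the last cipher seen
		for _, c := range h.Ciphers {
			if i := slices.Index(want.Ciphers, c); i < 0 {
				reasons = append(reasons, fmt.Sprintf("unexpected cipher 0x%04x", c))
			} else if i < last {
				reasons = append(reasons, fmt.Sprintf("cipher 0x%04x out of order", c))
			} else {
				last = i
			}
		}
		for _, e := range want.Extensions {
			if !slices.Contains(h.Extensions, e) {
				reasons = append(reasons, fmt.Sprintf("missing extension 0x%04x", e))
			}
		}
		return true, reasons
	}
	return false, nil // no signature for this User-Agent: no verdict
}

func main() {
	fmt.Println(Check("ExampleBrowser/1.0", Fingerprint{0x0301, []uint16{0xc02f, 0x1301}, nil})) // constructed hello
}
```

A hello that offers a subset of the expected ciphers in the expected order, or that carries extra extensions, produces no reasons; an unknown User-Agent yields no verdict rather than a false positive.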

Based on statistics on the traffic passing through Cloudflare's content delivery network, which handles about 10% of all Internet traffic, a web service has been launched that shows the day-to-day change in interception dynamics.

For example, a month ago interception was recorded for 13.27% of connections; on March 19 the figure reached 17.53%, and on March 13 it peaked at 19.02%.

Comparison

The most popular interception engine is Symantec Bluecoat's filtering system, which accounts for 94.53% of all identified interception requests.

It is followed by Akamai's reverse proxy (4.57%), Forcepoint (0.54%) and Barracuda (0.32%).

Most antivirus and parental control systems were not included in the sample of identified interceptors, because not enough signatures had been collected to identify them precisely.

In 52.35% of cases, the intercepted traffic came from desktop versions of browsers, and in 45.44% from browsers for mobile devices.

By operating system, the statistics are as follows: Android (35.22%), Windows 10 (22.23%), Windows 7 (13.13%), iOS (11.88%), other operating systems (17.54%).

Source: https://blog.cloudflare.com

