Barazana da Lalacewa akan GNU/Linux: Ku San Maƙiyinku!

GNU / Linux Barazana da Matsaloli: San Maƙiyinku!

Akwai karin bayani daga Sun Tzu (General, dabarun soja da falsafa na tsohuwar China) ya ce: "Idan kun san abokan gaba kuma kun san kanku, bai kamata ku ji tsoron sakamakon daruruwan yaƙe -yaƙe ba. Idan kun san kanku, amma ba maƙiyi ba, don duk nasarar da kuka yi nasara za ku kuma sha kashi. Idan ba ku san maƙiyi ba ko kanku, za ku faɗi cikin kowane yaƙi. ”

Daga wannan jumlar za mu iya kammala cewa sanin raunin mu da raunin abokan hamayyar mu, zai kai mu ga lafiya nasara ko shan kashi. Kuma extrapolating wannan zuwa ga IT, GNU / Linux, na yanzu Kungiyoyin hacker da kuma hare -haren kwamfuta, ya fi bayyana a gare mu, cewa dole ne mu sani dalla -dalla duka namu Tsarin aiki kyauta da budewa kamar raunin rauni wanda wasu na uku za su iya amfani da su, don rage haɗarin na irin wadannan hare -hare.

Ataque APT: Amenazas Avanzadas Persistentes ¿Pueden afectar a Linux?

Hare -haren APT: Barazanar Ci Gaba Mai Dorewa Za Su Iya Shafar Linux?

Kuma tunda kwanan nan mun yi shigarwa mai alaƙa da maudu'i ɗaya kamar na IT Tsaro da kuma Tsaro ta yanar gizo game da GNU / Linux, za mu ba da shawarar bincika shi. Kuma saboda wannan nan da nan za mu bar hanyar haɗin da ke ƙasa don a iya tuntubar sa cikin sauƙi a ƙarshen wannan littafin:

"Za'a iya bayyana" Harin APT "ko Barazanar Ci gaba mai ƙarfi azamann Harin da aka shirya kuma mai rikitarwa wanda ke da nufin samun doguwar samun dama ga tsarin kwamfuta ta mutum ko kungiya mara izini. Dalilin da yasa, babban maƙasudin sa shine yawanci satar bayanai ta hanya mai yawa ko kulawa (sa ido) na ayyukan cibiyar sadarwar kwamfuta da aka kai hari." Hare -haren APT: Barazanar Ci Gaba Mai Dorewa Za Su Iya Shafar Linux?

Labari mai dangantaka:

Hare -haren APT: Barazanar Ci Gaba Mai Dorewa Za Su Iya Shafar Linux?

Consejos de Seguridad Informática para todos en cualquier momento

Labari mai dangantaka:

Nasihun Tsaron Komputa ga Kowa A kowane lokaci, Koina

Labari mai dangantaka:

Wayoyin cuta a cikin GNU / Linux: Gaskiya ko Labari?

Manyan Barazana 2021 da GNU / Linux

Game da Barazana da Matsalolin Kwamfuta

Kafin shiga cikakken cikin Barazanar Kwamfuta da rauninsa fasali daga shekara 2021 para GNU / Linux, a takaice za mu fayyace cewa su iri daya ne, da kuma yadda su biyun suka bambanta. Kuma don wannan, za mu kawo bayani game da Cibiyar Tsaro ta Kasa (INCIBE) daga Spain:

Una damuwa (a cikin sharuddan sarrafa kwamfuta) rauni ne ko gazawa a cikin tsarin bayanai wanda ke sanya tsaron bayanan cikin haɗari kuma yana iya ba da damar mai kai hari ya daidaita amincinsa, kasancewarsa ko sirrinsa, don haka ya zama dole a nemo su kuma a kawar da su da wuri -wuri . Waɗannan "ramuka" na iya samun asali daban -daban, misali: kurakuran ƙira, kurakuran sanyi ko rashin hanyoyin.
A nata bangaren, a barazana Duk wani mataki ne da ke amfani da wata raunin rauni don lalata tsaron tsarin bayanai. A takaice dai, yana iya yin tasiri mara kyau a kan wasu abubuwan tsarin mu. Barazana na iya zuwa daga hare -hare (zamba, sata, ƙwayoyin cuta), abubuwan da suka faru na zahiri (wuta, ambaliya) ko sakaci da yanke shawara na hukumomi (mugun sarrafa kalmar sirri, ba ta amfani da ɓoyewa ba). Daga mahangar kungiya suna iya zama na ciki da na waje.

"Sabili da haka, raunin yanayi shine yanayi da halayen tsarin ƙungiya wanda ke sa ya zama mai saukin kamuwa da barazana. Matsalar ita ce a cikin ainihin duniya, idan akwai rauni, koyaushe za a sami wanda zai yi ƙoƙarin yin amfani da shi, wato amfani da wanzuwar sa." Barazana vs Rashin Ƙarfi, kun san yadda suka bambanta?

Trend Micro Linux 2021-1H Rahoton Barazana

Yanzu shiga cikakken batun da aka yi magana, yana da kyau a haskaka abin da ƙungiyar ta bayyana Trend Micro a halin yanzu Rahoton Barazanar Linux 2021-1H:

"Mutane da yawa suna ɗaukar Linux a matsayin tsarin aiki na musamman don kwanciyar hankali, sassauƙa, da yanayin buɗe tushen. Babban martabarsa yana da goyan bayan manyan nasarorin nasa a cikin 'yan shekarun nan.

Misali, kashi 100% na manyan manyan kwamfutoci 500 na duniya suna gudanar da Linux, kuma kashi 50,5% na manyan gidajen yanar gizon 1.000 na duniya suna amfani da shi, a cewar wani bincike da W3Techs ya yi. Linux ta mamaye girgije, yana gudana akan 90% na ayyukan girgije na jama'a a cikin 2017. Linux kuma tana da tallafi na musamman don mafi girman farashi / aikin girgije ta amfani da na'urori masu haɓaka RISC (ARM), kamar AWS Graviton.

Menene ƙari, yana gudana akan kashi 96,3% na manyan sabobin yanar gizo miliyan XNUMX na duniya, Linux kuma yana iko da agogo mai kaifin basira, jiragen ƙasa masu saurin gudu, har ma da manyan shirye-shiryen sararin samaniya na duniya. Linux yana da ƙarfi, na duniya, kuma abin dogaro, amma ba tare da kurakurai ba; kamar sauran tsarin aiki, ya kasance mai saukin kai hari."

Manyan 15: Abubuwan da ba za a iya amfani da su ba don satar Tsarin Ayyukan Linux

Kuma bisa ga rahoton kamfanin da aka ce, waɗannan su ne Manyan larura 15 da za mu iya fuskanta game da halin yanzu GNU / Linux Operating Systems kan layi:

CVE-2017-5638

Descripción: Rashin ƙarfi a cikin Jakarta Multipart parser a cikin Apache Struts
Babban darajar CVSS: 10.0 - M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2017-9805

Descripción: Rashin ƙarfi a cikin REST Plugin a cikin Apache
Babban darajar CVSS: 8.1 - Babban / Matsakaici
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2018-7600

Descripción: Rashin ƙarfi a cikin Drupal
Babban darajar CVSS: 9.8 - M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2020-14750

Descripción: Rashin ƙarfi a cikin samfurin Server na WebLogic Server daga Oracle Fusion Middleware
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2020-25213

Descripción: Rashin ƙarfi a cikin plugin ɗin Mai sarrafa fayil na WordPress (wp-file-manager)
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2020-17496

Descripción: Sauƙaƙawa a cikin bayanan subWidgets a cikin buƙatar ajax a cikin vBulletin
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2020-11651

Descripción: Sassauci a cikin shigar da tarin-galaxy tarin a cikin injin-injin
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2017-12611

Descripción: Rashin ƙarfi a cikin Apache Struts a cikin sigogin 2.0.0 / 2.3.33 da sigogin 2.5 / 2.5.10.1
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2017-7657

Descripción: Sassauci a cikin Eclipse Jetty, a cikin sigogin 9.2.x da baya, sigogin 9.3.x / 9.4.x
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2021-29441

Descripción: Rashin ƙarfi a cikin tantancewa (-Dnacos.core.auth.enabled = gaskiya) a cikin Nacos
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2020-14179

Descripción: Bayyanar Bayyanar Bayanai a Atlassian Jira
Babban darajar CVSS: 5.3 - Matsakaici
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2013-4547

Descripción: Sassauci a cikin sarrafa igiyoyin Nginx URI da ƙuntatawa na shiga
Babban darajar CVSS: 7.5 - Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2019-0230

Descripción: Rashin ƙarfi a cikin kimantawar OGNL a cikin alamun alamar Apache Struts
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2018-11776

Descripción: Rashin lafiyar RCE a cikin Apache Struts OGNL magana
Babban darajar CVSS: 8.1 - Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

CVE-2020-7961

Descripción: Liferay Portal Untrusted Deserialization yanayin shigewa
Babban darajar CVSS: 9.8 M / Mai Girma
Detalles: A Turanci / A cikin Mutanen Espanya

Ƙarin bayani kan sauran raunin rauni

Don ƙarin bayani kan sauran raunin, za ku iya samun dama kai tsaye zuwa ga hanyoyin haɗin Bayanan Bayanai masu zuwa:

Tsaya

A takaice, "Barazana da Matsaloli" A yau, suna yawan kai hare -hare akai -akai sabili da haka, babu abin da ya kamata a bar a cikin aiwatar da duk wani matakin tsaro game da GNU / Linux da sauransu Tsarin aiki, don kaucewa ko rage su. Kuma a cikin wannan jagorar, yana da mahimmanci a san zurfin duk abubuwan raunin baya da na yanzu, da waɗanda za su iya tasowa kowace rana, don fara gyaran da ya dace da wuri -wuri.

Muna fatan wannan littafin zai zama mai matukar amfani ga baki daya «Comunidad de Software Libre y Código Abierto» da kuma babbar gudummawa ga haɓakawa, haɓakawa da yaduwar yanayin ƙasa na aikace-aikacen da ake dasu don «GNU/Linux». Kuma kada ku daina raba shi da wasu, a kan rukunin yanar gizon da kuka fi so, tashoshi, ƙungiyoyi ko al'ummomin hanyoyin sadarwar jama'a ko tsarin aika saƙon. A ƙarshe, ziyarci gidan mu na farko a «DesdeLinux» don bincika ƙarin labarai, da shiga tashar tashar mu ta hukuma Telegram na DesdeLinux.

Bar tsokaci Soke ba da amsa

Paul Cormier Shugaba Red Hat, Inc. m
sa 3 shekaru

Yana da fa'idar buɗe tushen, cewa an gano waɗannan lalatattun…. Tsarin aiki wanda nake so shine Fedora Silverblue, gaba ɗaya mara canzawa ... zai zama mai ban sha'awa don yin bita akan wannan OS
Rungumi, kyakkyawan labarin. Gaisuwa daga Colombia

Amsa ga Paul Cormier Shugaba Red Hat, Inc.
1. Linux Post Shigar m
  sa 3 shekaru
  
  Gaisuwa, Paul. Na gode da sharhin ku kuma eh, da sannu za mu yi rubutu game da wannan Distro. Godiya ga shawarar.
  
  Amsa zuwa Linux Post Shigar
  1. Paul Cormier Shugaba Red Hat, Inc. m
    sa 3 shekaru
    
    Ina so ... Ni mai son karanta wannan gidan yanar gizon ne. Tun lokacin da na fara "Linux" a cikin 2014 ban daina ziyartar ta ba ...
    Binciken Fedora Silverblue zai zama mai ban sha'awa, saboda akwai ƙaramin bayani game da shi, akwai kuma bidiyo kaɗan akan YouTube da bayanin akwai ga mutanen da ke da ilimin ci gaba. Kodayake a bayyane Silverblue yana da ƙarin hanyar tafiya
    Gaisuwa da godiya
    
    Amsa ga Paul Cormier Shugaba Red Hat, Inc.