Sisopha kumanxeba ahlaselwe yintliziyo asishiya ngaphantsi konyaka odlulileyo kwaye umhlaba ovulekileyo ubethwe ngomnye umba ophambili wezokhuseleko: IGHOST, umngxunya wokhuseleko kwilayibrari yeLinux ye-glibc. Ngeli xesha, nangona kunjalo, owona mngcipheko usezantsi… sicacisa ukuba kutheni ngezantsi.
Yintoni iGHOST?
Ubungozi be-GHOST, obabhengezwe kwiveki ephelileyo ngabaphandi bezokhuseleko eQualys, bahlala kwimisebenzi yegama le-gethostbyname yelayibrari ye-glibc. Kulabo abangaziyo, i-glibc ligama ezaziwa ngalo iilayibrari ze-GNU C, uninzi lweenkqubo zeLinux kunye neenkqubo ezininzi zesoftware ezisimahla ezihlanganiswayo. Ngokukodwa, imisebenzi ye-gethostbyname isetyenziselwa ukusombulula amagama e-domain kwiidilesi ze-IP, kwaye zisetyenziswa ngokubanzi kwizicelo zomthombo ovulekileyo.
Abahlaseli banokuxhaphaza umngxunya wokhuseleko we-GHOST ukwenza ukugcwala kwenkumbulo, okwenza ukuba kusebenze naluphi na uhlobo lwekhowudi enobungozi kwaye benze zonke iintlobo zezinto ezimbi.
Zonke ezi zinto zingasentla zibonisa ukuba i-GHOST yindaba ezimbi ngokwenene kubathandi besoftware yasimahla. Ngethamsanqa, umngcipheko wokwenene ubonakala ungekho mkhulu kangako. Kuyabonakala ukuba ibug yalungiswa ngoMeyi 2013, oko kuthetha ukuba nayiphi na iseva yeLinux okanye iPC eneenguqulelo zamva nje zesoftware zikhuselekile kuhlaselo.
Ukongeza, imisebenzi ye-gethostbyname ithathelwe indawo zezintsha ezinokuphatha ngcono iimeko zenethiwekhi zangoku, njengoko zibandakanya inkxaso ye-IPv6, phakathi kwezinye izinto ezinqabileyo. Ngenxa yoko, ukusetyenziswa okutsha rhoqo akusasebenzi kwimisebenzi yegama le-gethostbyname kwaye akukho mngcipheko.
Kwaye okona kubaluleke kakhulu, okwangoku akukho ndlela yaziwayo yokwenza uhlaselo lwe-GHOST kwiwebhu. Oku kunciphisa kakhulu amathuba okusebenzisa obu bungozi ukuba idatha kubasebenzisi abangalindelanga okanye ekwenzeni umonakalo omkhulu.
Ekugqibeleni, kubonakala ngathi i-GHOST ayisiyonto imbi njengobungozi Intliziyo o Shellshock, imingxunya yokhuseleko yakutshanje ethi Zichaphazele kakubi isoftware yasimahla ngokubanzi kunye neLinux ngokukodwa.
Wazi njani ukuba i-GHOST inokukuchaphazela?
Kulula, kuya kufuneka uvule i-terminal kwaye ufake lo myalelo ulandelayo:
ldd - inguqu
Kuya kubuya into efana nale:
ldd (Ubuntu GLIBC 2.19-10ubuntu2) 2.19 Ilungelo lokushicilela (C) 2014 Simahla yeSoftware Foundation, Inc. Isoftware yasimahla le; bona umthombo weemeko zokukopa. AKUKHO iwaranti; nditsho nokuba kungenxa yorhwebo okanye ukulungela injongo ethile. Ibhalwe nguRoland McGrath kunye no-Ulrich Drepper.
Ukukhuseleka, uhlobo lwe-glibc kufuneka lube ngaphezulu kune-2.17. Umzekelo, i-2.19 ifakiwe. Ukuba usasebenzisa uhlobo lwakudala, kufuneka usebenzise le miyalelo ilandelayo (okanye izinto ezifanayo kusasazo lwakho):
Sudo apt-fumana uhlaziyo lwe-sudo apt-fumana ukuphuculwa kokuhlaziya
Emva kofakelo kufuneka uyiqale kabusha iPC ngalo myalelo ulandelayo:
sudo kabusha
Okokugqibela, kuya kufuneka usebenzise i-ldd elinye ixesha lokujonga uhlobo lwe-gblic.
Nditshintshe ukusuka windows ukuya eLinux ... kuba bathi iLinux ikhuselekile, kodwa inyani yahlukile, intsholongwane emva kwentsholongwane abayifumeneyo kwiLinux, enje nge (rootkit, bash sesichengeni kunye ne-GHOST), okubi kakhulu .... le ntsholongwane ye-Ghost bathi yaziswa ukusukela ngo-2003.
AkukhoNkqubo yokuSebenza ikhuselekile ngokupheleleyo, kodwa ukuba ndinokukuqinisekisa ngento yokuba iLinux ikhuseleke ngakumbi kuneWindows. Ngoku ndiyakubuza ukuba bangaphi abantu abaye bachaphazeleka ngokwenyani yile ibizwa ngokuba yiGhost? Kungenxa yokuba yayikho okoko iidinosaurs ayithethi ukuba iye yaxhaphazeka ukusukela oko.
Ndiyakuqinisekisa ukuba ingxaki yezokhuseleko ayisiyiyo inkqubo yokusebenza, kodwa ngasemva kwekhibhodi
Yintoni inkqubo efuna unqulo, windows. Akusekho ntetho.
I-PS: Khangela i-antivirus kwiwindows kuGoogle, kwaye sele zikhona iziphumo zeenkqubo ezingezizo ezenza intengiso, iTrojans okanye enye i-malware ezenza njenge-creavirus (uxolo, intsholongwane).
Phendula nge quote
Ndingatsho ukuba ndihlawula ityala lotywala kumntu ngamnye ondibonisa ubungqina bokuba lixhoba lentsholongwane okanye i-malware kwiLinux ... kwaye phantse ngokuqinisekileyo, kokukhona ndingabhatala u-2 okanye u-3 ubukhulu becala
Ngaba ukhalaza malunga neentsholongwane ezi-3 okanye ezi-4 eziphambili kwiLinux? Iintsholongwane yeWindows ziphuma ngalo lonke ixesha ukusukela ukuba sesichengeni kukhulu kakhulu kwiinkqubo zolu hlobo. I-Linux ikhuseleke kakhulu kodwa ayisiyo-OS ikhuselekileyo emhlabeni, kodwa ikhuselekile kwaye ingaphezulu kweWindows.
NGESIXHOSA BATHI:
Ukuba sesichengeni okuvumela ukulawulwa kweLinux, le mpazamo yokhuseleko inokusetyenziswa ngokusebenzisa i-gethostbyname glibc, esetyenziswa phantse kuzo zonke iikhompyuter ze-Linux ezithunyelwayo, xa indawo ibiza enye isebenzisa ifayile / njl / imikhosi okanye ukusebenzisa i-DNS. Konke okufuneka ukwenze kuhlaselo kubangela ukugcwala kwempazamo usebenzisa igama elingavumelekanga kwinkonzo yokubamba i-DNS. Oku kwenza ukuba umhlaseli asebenzise inkqubo ngokusebenzisa umsebenzisi we-DNS, ngaphandle kokwazi iziqinisekiso zakho.
Yintoni ebethayo malunga noku kubeka esichengeni, ekuxelwe esidlangalaleni iintsuku zokugqibela, bendikwi-glibc ukusukela ngo-2000 kwaye khange ndisonjululwe de kwaba li-2013.
Ukuba semngciphekweni kusonjululwe kwangoko, kwi-2012 xa kwakhutshwa i-Glibc 2.17, okwenzekileyo kukuba iinguqulelo ze-LTS ezininzi ze-Linux OS azibandakanyi i-patch ehambelanayo yeenguqulelo ngaphambi kwe-Glibc 2.17, yile nto yenzekileyo.
Okokuqala, akukho mntu uthetha ngeentsholongwane, bathetha malunga nokuba sesichengeni, into eyahluke mpela.
Okwesibini, ukuba usebenzisa iFreeBSD (ukuba awusebenzisi mod yeArhente yoMsebenzisi), ayikusindisi kwezi ngxaki, iFreeBSD ikwanobuzaza obudala-njengolu.
http://www.securitybydefault.com/2011/12/exploit-para-vulnerabilidad-de.html
Ungalibali i-OpenBSD.
Le ayisiyintsholongwane!
Kodwa eyona nto ibalulekileyo kukuba ukhuseleko yimvakalelo!
Xa uqonda ukuba yonke into iyacaca
Ukuze wazi amanye amava ndiyakuxelela ukuba udadewethu wayenencwadana ethi emva kokufakwa kabini kweXP wandicela ukuba nditshintshele kwiLinux kwaye de i-hardware yakhe yonakaliswe engenayo ingxaki. Kuyafana endlwini kamamazala wam, iminyaka emithathu ngaphandle kwengxaki kwaye xa ndifaka iWindows kwenye indawo yokwahlulahlula imidlalo yabakhwenyana bam, akuphelanga nenyanga kungekho malware elawula umzila wakhe. Kwaye yimizekelo nje emibini.
Kwenzeka into efanayo endlwini yam, akukho mntu ufuna ukubuya neefestile.
Nokuba i-OpenBSD inobungozi obungasombululwanga, kwaye ukuyikhupha phezulu, i-GHOST yingozi, kungekhona intsholongwane ngokwayo. Ukukhathazeka malunga nokuba unayo i-Shellshock okanye i-Heartbleed.
Kwaye, yintoni le ndiyenzayo kweli dangatye?
Funda oku uze uthethe:
http://www.taringa.net/posts/linux/18068456/Virus-en-GNU-Linux-Realidad-o-mito.html
HAHAHAHAHA enyanisweni inqaku lokuqala lelethu: https://blog.desdelinux.net/virus-en-gnulinux-realidad-o-mito/
Hahaha, khange ndikhumbule nokuba hehehe.