Ukuhlaselwa kwe-APT: Izinsongo Zokuqhubeka Ezithuthukile Zingayithinta I-Linux?

Ukuhlaselwa kwe-APT: Izinsongo Zokuqhubeka Ezithuthukile Zingayithinta I-Linux?

Ukuhlaselwa kwe-APT: Izinsongo Zokuqhubeka Ezithuthukile Zingayithinta I-Linux?

Namuhla, ukushicilelwa kwethu kuvela emkhakheni we Ukuphepha Kwe-IT, ikakhulukazi endabeni yalokho manje okwaziwa ngokuthi "Ukuhlaselwa kwe-APT" o Usongo Oluqhubekayo Oluthuthukile

Futhi uma zingathinta i- Izinhlelo ezisebenza mahhala futhi ezivulekile kusekelwe ku I-GNU / Linux, nokuthi singenza kanjani ukuzigwema noma ukuzinciphisa.

Amathiphu Wokuphepha we-IT wawo wonke umuntu nganoma yisiphi isikhathi

Amathiphu Wokuphepha we-IT wawo wonke umuntu nganoma yisiphi isikhathi

Masikhumbule ukuthi, zonke izinhlobo ze- ukuhlaselwa kwamakhompyutha zivame ukubhekiswa kakhulu Izinhlelo Zokusebenza ezizimele, ezivaliwe nezentengiselwano njengoba IWindows ne-MacOS. Lokhu kungenxa yokuthandwa kwabo okuphezulu.

Kodwa-ke, noma kukhona umbono ojwayelekile wokuthi I-GNU / Linux Kuyinto a Uhlelo oluphephile kakhulu lokusebenza, okuyiqiniso impela, lokho akusho ukuthi ayingeni kalula ukuhlaselwa kwekhodi enonya.

Futhi-ke, kubalulekile ukulandela noma yikuphi isincomo noma iseluleko ukusisiza emsebenzini wokulondolozwa kwethu ukuphepha kwe-cyber. Amathiphu afana nalawo esike sabhekana nawo phambilini, futhi sizokwabelana ngawo futhi, ngokushesha sishiya isixhumanisi sencwadi esedlule esike yahlobene kanye nezinye ezifanayo ngezansi:

"Noma ngabe sisekhaya, emgwaqweni noma emsebenzini, egameni lokukhiqiza noma lokunethezeka, imvamisa senza imisebenzi noma senze izinto ezivame ukungqubuzana nemikhuba emihle ku-Computer Security, ekuhambeni kwesikhathi engadala izinkinga ezinkulu noma izindleko kubo noma kwabanye. Ngakho-ke, ukuhlanganiswa kwezinyathelo ezidingekayo nezibalulekile zokuphepha kwamakhompiyutha emisebenzini yethu, yomuntu siqu nomsebenzi, kungenye yezindlela ezingcono kakhulu zokwenza umkhiqizo wethu uqobo noma njengabasebenzi, noma izinkampani zethu noma izinhlangano lapho sisebenza khona." Amathiphu Wokuphepha Kwikhompyutha Wawo Wonke Umuntu Noma Kunini, Noma Kuphi

Amathiphu Wokuphepha we-IT wawo wonke umuntu nganoma yisiphi isikhathi
I-athikili ehlobene:
Amathiphu Wokuphepha Kwikhompyutha Wawo Wonke Umuntu Noma Kunini, Noma Kuphi
ISigstore: Iphrojekthi yokwenza ngcono ukuthengwa kwemithombo evulekile
I-athikili ehlobene:
ISigstore: Iphrojekthi yokwenza ngcono ukuthengwa kwemithombo evulekile
I-athikili ehlobene:
Amagciwane ku-GNU / Linux: Iqiniso noma Inganekwane?

Ukuhlaselwa kwe-APT: Usongo Oluqhubekayo Oluqhubekayo

Ukuhlaselwa kwe-APT: Usongo Oluqhubekayo Oluqhubekayo

Ezingeni lezindaba, ikakhulukazi eminyakeni yamuva nje, sikwazile ukubonga i- ukwanda kokuhlaselwa kwe-cyber, emazweni kanye nasezinhlanganweni zomphakathi nezizimele. Ikakhulukazi manje, ngokwanda kwe- umsebenzi wokude (telecommuting) ngenxa yesimo se Ubhubhane lwe-covid-19. Izindaba ze ukuhlaselwa kokuthengwa kwempahla, ukuhlaselwa kwe-ransomware noma ukuhlaselwa kwe-cyber espionage, phakathi kokunye, kuzwakala kakhulu namuhla.

Kodwa-ke, kukhona uhlobo lokuhlaselwa okuya ngokuya luthandwa kakhulu futhi olungathinta iziguli ngempumelelo enkulu. Izinhlelo Zokusebenza Ezisuselwa ku-GNU / Linux. Futhi lolu hlobo lokuhlaselwa kwe-cyber lwaziwa njenge "Ukuhlaselwa kwe-APT" o Usongo Oluqhubekayo Oluthuthukile.

Kuyini Ukuhlaselwa kwe-APT?

Un "Ukuhlaselwa kwe-APT" ingachazwa njenge:

"Ukuhlasela okuhleliwe kugxile ekutholeni ukufinyelela isikhathi eside kohlelo lomuntu ongagunyaziwe noma iqembu. Isizathu sokuthi kungani, inhloso yayo enkulu imvamisa ukwebiwa kwedatha ngendlela enkulu noma ukugadwa (ukuqapha) komsebenzi wenethiwekhi yekhompyutha ehlaselwe. Ukuhlaselwa kwe-APT kuvame ukuba yinkimbinkimbi kakhulu, ngoba, ngokwesibonelo, imvamisa ihlanganisa amasu ahlukile njenge-SQL ne-XSS. Ngakho-ke, ukugwema noma ukuzivikela kubo kudinga amasu okuthuthuka nokuqina wekhompyutha."

Ngokuningiliziwe, ama-akhronimi I-APT (Usongo Oluqhubekayo Oluthuthukile) Bukela ku:

Kuthuthukile

Inoveli nokusetshenziswa okuyinkimbinkimbi kwamasu wokugenca ahlukahlukene futhi aziwayo ukufeza izinhloso ezinonya ezibekiwe. Eziningi zalezi zindlela ngokwazo azinabungozi kangako noma azisebenzi kahle, kepha uma zihlanganiswa futhi zasetshenziswa zingavumela noma yimuphi umuntu noma iqembu ukuthola ukufinyelela, futhi zenze umonakalo omkhulu ohlelweni oluhlaselwe.

Ukuphikelela

Isikhathi esiningi kakhulu ukuhlaselwa okunjalo kungathatha ngaphakathi kohlelo oluhlaselwe ngaphambi kokuthi kutholakale. Lokhu ngaphezu kwakho konke kubalulekile, ngoba kuvumela ukufezekiswa kwenhloso yayo enkulu, okungukuthi, ukweba (ukukhipha) idatha eningi ngangokunokwenzeka. Ukwebela nokungatholakali ukufeza isikhathi eside kunazo zonke ekuhlaselweni yikho okuphawula amaqembu asebenzisa lezi zindlela.

Usongo

Usongo olukhulu olubangelwa ukuhlaselwa kwalokhu, okuhlanganisa izinhlelo ezinonya ezikwazi ukuhlasela amasistimu ekhompyutha ngokunyenya isikhathi eside zokweba idatha nokufunda imininingwane ebucayi ngemisebenzi. Futhi bonke abahlaseli abanentshisekelo enkulu banikezwe amakhono obuchwepheshe nezinsizakusebenza ezingajwayelekile ezinhlanganweni, ngokuvamile ezihlinzeka ngezinsizakalo ezibucayi noma eziphatha imininingwane ebucayi evela kubasebenzisi bangaphakathi namakhasimende.

Singakugwema kanjani ukuhlaselwa kohlobo lwe-APT ku-GNU / Linux?

Kakhulu ngenxa Amakhompyutha ngokuqondene Amaseva, nge I-GNU / Linux noma amanye ama-Operating Systems, inhloso ukusebenzisa izindlela eziningi ngangokunokwenzeka, phakathi kwazo singasho kafushane okulandelayo:

Izenzo Eziyisisekelo

  1. Lungiselela ngokucophelela ama-firewall (ama) asetshenzisiwe, uqinisekise ukuthi agcina izingodo zomcimbi futhi avimbe wonke amachweba angasetshenziswanga.
  2. Dala uhlu lwemithombo ethembekile yesoftware (amakhosombe), vimba ukufakwa kwesoftware nemibhalo evela kwimithombo evela eceleni.
  3. Cwaninga njalo imishini yekhompyutha nezinhlelo, ukuhlola izingodo zomcimbi ukuthola izinkomba zokuhlaselwa. Futhi, yenza izivivinyo zokungena njalo.
  4. Sebenzisa, lapho kungenzeka khona, izindlela ezimbili zokufakazela ubuqiniso namathokheni okuphepha. Futhi qinisa ukusetshenziswa kwamaphasiwedi aqinile aguqulwa kaningi.
  5. Vuselela ama-Operating Systems futhi ufake izinhlelo zokusebenza ngesikhathi. Kungakuhle uhlele izibuyekezo ezizenzakalelayo, ugweme noma yiziphi izibuyekezo ngeziteshi ezingenakuqinisekiswa nezingenakubethelwa.

Izenzo ezithuthukisiwe

  1. Sebenzisa lapho kungenzeka khona futhi lapho kudingeka khona, amadivayisi anamasistimu abethelwe, i-Trusted Boot namathuluzi wokulawula ubuqotho be-hardware. Ikakhulukazi ukugwema ukuhlaselwa okuvela ngaphakathi. Futhi uma kunesidingo, faka amathuluzi anciphisa amathuba okusebenzisa ubungozi kusuka ku-Spear Phishing nokuphahlazeka kohlelo lokusebenza.
  2. Sebenzisa amathuluzi afana ne-Honeypot nama-Honeynets, asebenza njengama-decoys (okuqondiwe okulula) ukuze noma yimuphi umzamo wokungena utholwe ngokushesha, futhi ukulungiswa okudingekayo kungenziwa kusebenze ngesikhathi, ngokusebenzisa ukutadishwa kwamasu asetshenziswa ngabangenele abeke engcupheni ukuphepha kwenethiwekhi.
  3. Sebenzisa i-Intrusion Detection Systems (IDS) kunethiwekhi, ukuthola nokuvimbela abahlaseli ekwenzeni i-ARP spoofing, Rogue DHCP server noma okunye ukuhlaselwa; kanye ne-Host-based Intrusion Detection Systems (HIDS) kwimishini, ukuqapha isimo sohlelo lwekhompyutha ngayinye nokuxwayisa ngesikhathi sezinsongo ezingaba khona.
  4. Sebenzisa izixazululo ezithuthukisiwe (ezinamandla) zokuphepha kwamakhompiyutha, ikakhulukazi ngama-Antivirus noma ama-Antimalware Systems, ngoba amasistimu ajwayelekile awavami ukusebenza kuwo. Futhi, maqondana ne-firewall (firewall). Njengoba umuntu othuthuke kahle (onamandla) angahlukanisa kahle imvelo yethu yekhompiyutha kusuka ngaphandle futhi amiswe kahle kungasivumela ukuthi sithole ukuhlaselwa kwe-APT, ngokuqapha nokuhlaziya ukuhamba kwedatha yokufaka nokukhiphayo.

Ngamafuphi, qinisa futhi uthuthukise imishini namathuluzi, imikhuba esetshenzisiwe, izivumelwano, imithetho nezinqubo ezisetshenziswayo ukuze zisebenze, futhi kwenze umsebenzisi ngamunye azi ngabo ukukhulisa ukuphepha kwamakhompyutha kwabo bonke.

Ngeminye imininingwane nge «Ukuhlaselwa kwe-APT», Sincoma ukuhlola izixhumanisi ezilandelayo: Isixhumanisi se-1 y Isixhumanisi se-2.

Isifinyezo: Izincwadi ezahlukahlukene

Isifingqo

Ngamafuphi, kusobala ukuthi esikwaziyo njenge "Ukuhlaselwa kwe-APT" Namuhla, baba ukuhlaselwa okuqhubekayo, okwenziwa yi Izigebengu ze-cyber lokho kubeka umzamo owengeziwe nobuciko ngesikhathi sokufeza. Sebenzisa nokuhlanganisa konke okungenzeka ukufeza izinhloso zabo ezingenampilo. Futhi-ke, musa ukweqa isikhombimsebenzisi se- ukuqaliswa kwanoma iyiphi indlela yokuphepha cishe I-GNU / Linux nabanye Izinhlelo zokusebenza ukuzigwema noma ukuzinciphisa.

Siyethemba ukuthi le ncwadi izosiza kakhulu kuwo wonke umuntu «Comunidad de Software Libre y Código Abierto» kanye negalelo elikhulu ekuthuthukisweni, ekukhuleni nasekusakazweni kohlelo lokuphilayo lwezinhlelo zokusebenza ezitholakalayo «GNU/Linux». Futhi ungayeki ukuwabelana nabanye, kumawebhusayithi wakho owathandayo, iziteshi, amaqembu noma imiphakathi yokuxhumana nabantu noma amasistimu wokuthumela imiyalezo. Ekugcineni, vakashela ikhasi lethu lasekhaya ku- «DesdeLinux» ukuhlola ezinye izindaba, bese ujoyina isiteshi sethu esisemthethweni se- I-Telegram ye DesdeLinux.


Amazwana ayi-2, shiya okwakho

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   Isikhulu esiphezulu sePaul Cormier iRed Hat, Inc. kusho

    Indatshana enhle kakhulu. Kubhalwe kahle kakhulu futhi kuyasebenziseka kulesi sikhathi lapho ama-ICT abaluleke kakhulu. Futhi umuntu uyethemba ngoba njengoba ucabanga ukuthi ku- "Linux" awekho amagciwane afana neWindows ... futhi kuvela ukuthi nawe kufanele uhambe njengaphakathi kwamagobolondo amaqanda
    Ukubingelela okuvela eColombia

    1.    Ukufaka kwe-Linux Post kusho

      Sanibonani, Paul Cormier. Ngiyabonga ngempendulo yakho, futhi kuyintokozo ekhethekile ukuthi uyithandile. Sihlala silangazelela ukwabelana ngokuqukethwe kwekhwalithi noMphakathi we-IT, ikakhulukazi labo abathanda i-Free Software, Open Source ne-GNU / Linux.