LFCA: How to Improve Linux Network Security - Part 19


In an ever-connected world, network security is increasingly becoming one of the areas where organizations invest a great deal of time and resources. This is because a company's network is the backbone of any IT infrastructure and connects all the servers and network devices. If the network is breached, the organization will be at the mercy of the attackers. Crucial data can be exfiltrated, and business-centric services and applications can be brought down.

Network security is a vast topic and usually takes a two-pronged approach. Network administrators will usually install network security devices such as firewalls, IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems) as the first line of defense. While this may provide a decent layer of security, some extra steps need to be taken at the OS level to prevent any breaches.

At this point, you should already be familiar with networking concepts such as IP addressing and TCP/IP services and protocols. You should also be up to speed with basic security concepts such as setting up strong passwords and setting up a firewall.

Before we cover the various steps to ensure the safety of your system, let's first have an overview of some of the common network threats.

What Is a Network Attack?

A large and fairly complex network may rely on multiple connected endpoints to support business operations. While this may provide the connectivity required to streamline workflows, it poses a security challenge. More flexibility translates to a broader threat landscape which the attacker can leverage to launch a network attack.

So, what is a network attack?

A network attack is unauthorized access to an organization's network with the sole purpose of accessing and stealing data and performing other nefarious activities such as defacing websites and corrupting applications.

There are two broad categories of network attacks.

  • Passive attack: In a passive attack, the attacker gains unauthorized access solely to spy on and steal data, without modifying or corrupting it.
  • Active attack: Here, the attacker not only infiltrates the network to steal data but also modifies, deletes, corrupts, or encrypts the data, crashes applications, and brings down running services. Admittedly, this is the more devastating of the two attacks.

Types of Network Attacks

Let us go over some of the common network attacks that can compromise your Linux system:

Running old and outdated software versions can put your system at risk, largely because of the inherent vulnerabilities and backdoors lurking within them. In the previous topic on data security, we saw how hackers exploited a vulnerability in Equifax's customer portal, which led to one of the most significant data breaches.

It is for this reason that it is always advisable to apply software patches regularly by upgrading your software applications to the latest versions.

A man-in-the-middle attack, commonly known as MITM, is an attack where an adversary intercepts communication between the user and the application or endpoint. By positioning himself between a legitimate user and the application, the attacker is able to strip away the encryption and eavesdrop on the communication sent to and from it. This allows him to retrieve confidential information such as login credentials and other personally identifiable information.

Likely targets of such an attack include eCommerce sites, SaaS businesses, and financial applications. To launch such attacks, hackers use packet sniffing tools that capture packets from wireless devices. The hacker then injects malicious code into the packets being exchanged.

Malware is a portmanteau of Malicious Software and comprises a wide range of malicious applications such as viruses, trojans, spyware, and ransomware, to mention a few. Once inside a network, malware propagates across various devices and servers.

Depending on the type of malware, the consequences can be devastating. Viruses and spyware are capable of spying on, stealing and exfiltrating highly confidential data, corrupting or deleting files, slowing down the network, and even hijacking applications. Ransomware encrypts files, rendering them inaccessible unless the victim pays a sum of money as ransom.

A DDoS attack is an attack where a malicious user makes a target system inaccessible, and in doing so prevents users from accessing crucial services and applications. The attacker accomplishes this by using botnets to flood the target system with enormous volumes of SYN packets, which ultimately renders it inaccessible for a period of time. DDoS attacks can bring down databases as well as websites.

Disgruntled employees with privileged access can easily compromise systems. Such attacks are usually hard to detect and protect against, since the employees do not need to infiltrate the network. Additionally, some employees can unintentionally infect the network with malware when they plug in USB devices that carry malware.

Mitigating Network Attacks

Let's look at a few measures you can take to put up a barrier that will provide a considerable degree of security and mitigate network attacks.

At the OS level, updating your software packages will patch any existing vulnerabilities that may put your system at risk of exploits launched by hackers.

Aside from network firewalls, which usually provide the first line of defense against intrusions, you can also implement a host-based firewall such as the UFW firewall. These are simple yet effective firewall applications that provide an extra layer of security by filtering network traffic based on a set of rules.

If you have running services that are not actively used, disable them. This helps minimize the attack surface and leaves the attacker with fewer options to exploit and fewer loopholes to find.

In the same vein, use a network scanning tool such as Nmap to scan and probe for any open ports. If there are unnecessary ports that are open, consider blocking them on the firewall.
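One way to act on such a scan, as an added example that is not part of the original article: the script reads Nmap's grepable output (`nmap -oG -`) for your own server and prints a `ufw deny` suggestion for each open port outside an allow-list. `ALLOWED_PORTS`, the function names and the sample scan line are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: turn an Nmap scan of your own server into a review list.
# ALLOWED_PORTS and SAMPLE_SCAN are constructed values, not from the article.

ALLOWED_PORTS="22/tcp 443/tcp"

# Read Nmap grepable output (-oG) on stdin and print every open port
# as "port/proto service", one per line.
open_ports() {
    awk -F'Ports: ' '/Ports: / {
        sub(/\t.*/, "", $2)              # drop the trailing "Ignored State" field
        n = split($2, entries, /, */)
        for (i = 1; i <= n; i++) {
            split(entries[i], f, "/")    # port/state/proto/owner/service/...
            if (f[2] == "open") print f[1] "/" f[3], f[5]
        }
    }'
}

# Print a "ufw deny" suggestion for each open port not in ALLOWED_PORTS.
# Nothing is executed; the output is meant to be reviewed first.
suggest_blocks() {
    open_ports | while read -r port service; do
        case " $ALLOWED_PORTS " in
            *" $port "*) ;;              # expected port, leave it alone
            *) echo "ufw deny $port  # ${service:-unknown}" ;;
        esac
    done
}

# Constructed sample of one line from: nmap -oG - <your-server>
SAMPLE_SCAN=$(printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 111/open/tcp//rpcbind///, 443/open/tcp//https///, 3306/open/tcp//mysql///\tIgnored State: closed (996)')

printf '%s\n' "$SAMPLE_SCAN" | suggest_blocks
```

If a flagged port belongs to a service you do not use, disabling the service itself is the better fix; the firewall rule is the fallback when the service must keep running for local use.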

TCP wrappers are host-based ACLs (Access Control Lists) that restrict access to network services based on a set of rules such as IP addresses. TCP wrappers reference the following host files to determine whether a client will be granted or denied access to a network service.

  • /etc/hosts.allow
  • /etc/hosts.deny

A few points to note:

  1. Rules are read from top to bottom. The first matching rule for a given service is applied first. Note that the order is extremely important.
  2. The rules in /etc/hosts.allow are applied first and take precedence over the rules defined in the /etc/hosts.deny file. This implies that if access to a network service is allowed in the /etc/hosts.allow file, denying access to the same service in the /etc/hosts.deny file will be overlooked or ignored.
  3. If there are no rules for a service in either of the host files, access to the service is granted by default.
  4. Changes made to the two host files take effect immediately, without restarting the services.
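The evaluation order in points 1 to 3, as an added example that is not part of the original article: a small shell model of the decision that you can run against copies of the two files. It supports only a subset of the rule syntax (an assumption: daemon names or ALL, and client patterns ALL, an exact IPv4 address, or a prefix ending in "."); the function names and sample rules are constructed.

```shell
#!/bin/sh
# Added example: model of the TCP Wrappers decision order.
# Supported subset (assumption): daemon names or ALL; client patterns ALL,
# an exact IPv4 address, or a prefix ending in "." such as 192.168.1.

# rule_matches FILE DAEMON CLIENT: succeed if any rule in FILE matches.
rule_matches() {
    awk -F: -v d="$2" -v c="$3" '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        {
            nd = split($1, daemons, /[ \t,]+/)
            nc = split($2, clients, /[ \t,]+/)
            dm = 0; cm = 0
            for (i = 1; i <= nd; i++)
                if (daemons[i] == d || daemons[i] == "ALL") dm = 1
            for (i = 1; i <= nc; i++) {
                p = clients[i]
                if (p == "") continue
                if (p == "ALL" || p == c) cm = 1
                else if (p ~ /\.$/ && index(c, p) == 1) cm = 1
            }
            if (dm && cm) { found = 1; exit }   # first matching rule wins
        }
        END { exit !found }' "$1"
}

# tcpw_decision ALLOW_FILE DENY_FILE DAEMON CLIENT: print allow or deny.
tcpw_decision() {
    if rule_matches "$1" "$3" "$4"; then echo allow     # hosts.allow first
    elif rule_matches "$2" "$3" "$4"; then echo deny    # then hosts.deny
    else echo allow                                     # no rule: allowed
    fi
}

# Constructed sample files, written to a temp directory (not /etc).
TCPW_DIR=$(mktemp -d)
printf '# LAN may use SSH\nsshd : 192.168.1.\n' > "$TCPW_DIR/hosts.allow"
printf 'sshd : ALL\n' > "$TCPW_DIR/hosts.deny"

tcpw_decision "$TCPW_DIR/hosts.allow" "$TCPW_DIR/hosts.deny" sshd 192.168.1.20
tcpw_decision "$TCPW_DIR/hosts.allow" "$TCPW_DIR/hosts.deny" sshd 203.0.113.7
tcpw_decision "$TCPW_DIR/hosts.allow" "$TCPW_DIR/hosts.deny" vsftpd 203.0.113.7
```

The third call shows why point 3 matters in practice: a service with no rule in either file stays reachable, so a deny file that lists only some daemons leaves the rest open.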

In our previous topics, we looked at using a VPN to initiate remote access to a Linux server, especially over a public network. A VPN encrypts all the data exchanged between the server and remote hosts, and this eliminates the chance of the communication being eavesdropped on.

Monitor your infrastructure with tools such as fail2ban to protect your servers from brute-force attacks.

Linux is increasingly becoming a target for hackers owing to its growing popularity and usage. As such, it is prudent to install security tools to scan the system for rootkits, viruses, trojans, and any other kind of malware.

There are popular open-source solutions such as chkrootkit to check for any signs of rootkits on your system.

Consider segmenting your network into VLANs (Virtual Local Area Networks). This is done by creating subnets on the same network that act as standalone networks. Segmenting your network goes a long way toward limiting the impact of a breach to one zone and makes it much harder for hackers to gain access to the other subnetworks.

If you have wireless routers or access points in your network, ensure that they are using the latest encryption technologies to minimize the risk of man-in-the-middle attacks.

Network security is a huge topic that encompasses taking measures on the network hardware side and also implementing host-based policies on the operating system to add a protective layer against intrusions. The measures outlined will go a long way toward improving the security of your system against network attack vectors.