Holy Grail Of Hacker Malicious
Enye yezimpahla zokulondeka kolwazi ukugcina izinhlelo zakho zilandelwe futhi zibuyekeziwe. Njengoba abathengi bafunda ngokukhubazeka okusha emikhiqizweni yabo, noma abacwaningi bezinkampani ezintathu noma ngezinzuzo zabo siqu, benza ama-hotfixes, ama-patches, amaphakethe wenkonzo nezibuyekezo zokuphepha ukulungisa izimbobo.
I-Grail Engcwele yezinhlelo ezinonya kanye nabalobi begciwane " yi-zero day exploit". Usuku lwama-zero luxhaphaza ukuthi lapho ukuxhaphazwa kokubambisana kudalwe ngaphambi, noma ngosuku olufanayo njengoba ukuhlushwa kufundiswa ngumphathi. Ngokwenza i-virus noma imbungu esisebenzise inzuzo engozini umdayisi engakaqapheli futhi okwamanje okwamanje akuyona i-patch etholakalayo umhlaseli angabangela ukulimala okukhulu.
Ezinye izingozi zibizwa ngokuthi usuku lwama-zero zixhaphaza izingosi ngamaphephandaba, kodwa umbuzo ungukuthi usuku lwaloluphi ikhalenda? Izikhathi eziningi abathengisi nabahlinzeki bekhnoloji abalulekile bayayazi amasonto okuhlukunyezwa noma izinyanga ngaphambi kokuba kusetshenziswe ukuqhutshwa noma ngaphambi kokuba kutholakale ukuthi ubungozi buvezwe esidlangalaleni.
Isibonelo esihle salokhu kwakuyisingozi seSNMP (Simple Network Management Protocol) esimemezelwe ngoFebhuwari ka-2002. Abafundi baseYunivesithi yase-Oulu eFinland bathola amaphutha ehlobo lika-2001 ngenkathi besebenza kuhlelo lwe-PROTOS, inkampani yokuhlola eyenzelwe ukuhlola i-SNMPv1 (inguqulo 1).
I-SNMP iyi- protocol elula yamadivaysi okukhulumisana. Isetshenziselwa ukuxhumana kudivayisi nokuxhumana nokude nokuqapha kwamadivaysi enethiwekhi ngabalawuli. I-SNMP ikhona kwi-hardware yenethiwekhi (ama-routers, ama-switches, ama-hubs, njll.), Amaphrinta, ama-copiers, imishini yefeksi, imishini ephezulu yezokwelapha esezingeni eliphezulu futhi cishe yonke uhlelo lokusebenza.
Ngemva kokuthola ukuthi bangakwazi ukuphazamiseka noma ukukhubaza amadivaysi besebenzisa i-suite yabo yokuhlolwa kwe-PROTOS, abafundi base-Oulu University bawazisa ngokuhlakanipha amandla abe khona futhi izwi laphumela kubathengisi. Wonke umuntu wahlala kulolo lwazi futhi waligcina liyimfihlo kuze kube ngandlela-thile egijimela emhlabeni ukuthi i-suite ye-PROTOS yokuhlola ngokwalo, eyayikhululekile futhi iyatholakala esidlangalaleni, ingasetshenziswa njengekhodi yokusebenzisa ukuletha amadivayisi we-SNMP. Ngaleso sikhathi kuphela abathengisi kanye nezwe abahlambalaza ukudala nokukhulula ama-patches ukuze baxazulule isimo.
Izwe liyesabekile futhi liphathwe njengokungathi usuku lwama-zero lusetshenziswa uma empeleni ngaphezu kwezinyanga ezingu-6 kudlule kusukela ngesikhathi sokungcupheni kwasekuqaleni kutholakala. Ngokufanayo, iMicrosoft ithola izimbobo ezintsha noma ixwayiswa izimbobo ezintsha emikhiqizweni yazo njalo. Ezinye zazo ziyindaba yokuhumusha futhi iMicrosoft ingavuma noma ayivumelani ukuthi empeleni iyiphutha noma ingozi. Kodwa, ngisho nabaningi kulabo abavumelana nabo kukhona ukukhubazeka okungaba khona amasonto noma izinyanga ezihamba phambili ngaphambi kokuba iMicrosoft ikhishwe isibuyekezo sokuphepha noma iphakethe lensizakalo elibhekene nale nkinga.
Inhlangano eyodwa yokuphepha (i-PivX Solutions) esetshenziselwa ukugcina uhlu olusebenzayo lwe-Microsoft Internet Explorer engakwazi ukukwenza ukuthi iMicrosoft yaziwe kodwa yayingakaze ilandelwe. Kukhona ezinye izingosi kuwebhu eziqhutshwa ngabaduni abagcina izinhlu zokukhubazeka ezaziwayo nalapho abaduni nabathuthukisi bekhodi ezinonya badayisa khona ulwazi.
Lokhu akusho ukuthi ukusetshenziswa kwe-zero akukhona. Ngeshwa nakho kwenzeka njalo ukuthi okokuqala ukuthi abathengisi noma umhlaba baqaphele umgodi lapho benza uphenyo lwama-forensic ukuze bathole indlela isistimu ephule ngayo noma uma ihlaziya igciwane elisakaze lisakaze endle ukuze thola ukuthi isebenza kanjani.
Kungakhathaliseki ukuthi abathengisi bayazi mayelana nokuhlukunyezwa ngonyaka odlule noma okutholwe ngakho kulokhu ukusa, uma ikhodi yokuxhaphaza ikhona lapho ubungozi buyenziwa umphakathi ukuthi usuku lwezinsuku luxhaphazwa ekhalendeni lakho .
Into engcono kakhulu ongayenza ukuze uvikele ekusebenzisweni kwezinsuku zenzuku ukulandela izinqubomgomo ezinhle zokuphepha kuqala. Ngokufaka nokugcina isofthiwe yakho ye- anti-virus kusesikhathini, ivimbela okunamathiselwe kwefayela kuma-imeyli okungase kube yingozi futhi ugcine uhlelo lwakho olufakwe ngokumelene nokukhubazeka osuvele uyazi ukuthi ungalondoloza uhlelo lwakho noma inethiwekhi ngokumelene no-99% wezinto ezingaphandle .
Enye yezinyathelo ezingcono zokuvikela ngokusongelwa okwamanje okungaziwa ukusebenzisa i-hardware noma isofthiwe (noma kokubili) i- firewall . Ungakwazi futhi ukunika amandla ukuskena kwe-heuristic (itheknoloji esetshenziselwa ukuvimba amagciwane noma izibungu ezingakaziwa ngokuqondene nesofthiwe yakho ye-anti-virus. Ngokuvimbela ithrafikhi engadingekile endaweni yokuqala nge-firewall ye-hardware, ivimbela ukutholakala kwezinsiza zesistimu nezinsizakalo nge-firewall yesofthiwe noma ukusebenzisa isofthiwe yakho ye-anti-virus ukusiza ukuziphatha okungahambi kahle ungazivikela kangcono ekusebenziseni kwezinsuku ezesabekayo.