Ùı Ô ÙÏ ÙÔÛÁ - Xakep Online
11.07.2015 Views
Share Embed Flag

Ùı Ô ÙÏ ÙÔÛÁ - Xakep Online

Ùı Ô ÙÏ ÙÔÛÁ - Xakep Online

Ùı Ô ÙÏ ÙÔÛÁ - Xakep Online

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
xakep.ru

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

æåò àóòåíòèôèöèðîâàòüñÿ êàê IRC-îïåðàòîð è ïðèîáðåñòè âñå àòðèáóòûêëàññà opers, íåîãðàíè÷åííûé sendq-ëèìèò â òîì ÷èñëå.À ýòî âåäü ïîòåíöèàëüíûå ôëóäåðû, îò êîòîðûõ íåâîçìîæíî èçáàâèòüñÿèíà÷å, êàê îòêëþ÷èâ õàêíóòûé ñåðâåð îò âñåé ñåòè! Îäíàæäûÿ íàøåë ïîäîáíûé ñåðâàíò, ïîëó÷èë äîñòóï è çàïðîñòîìîã áû íàãíàòü òóäà öåëóþ àðìèþ ôëóäáîòîâ, óñòðîèâ íàñòîÿùèéàä. Èìåÿ òàêîå ìîùíîå ñðåäñòâî, êàê êëàññ opers, ÿ èìåë ïðàêòè-÷åñêè íåîãðàíè÷åííûå ëèìèòû è áåçäîííûé sendq. Èñïîëüçóÿýòî, ìîæíî áûëî ñåðüåçíî íàðóøèòü ôóíêöèîíèðîâàíèå âñåéIRC-ñåòè, âïëîòü äî ïîëíîãî åå (ïóñòü è âðåìåííîãî) ðàçðóøåíèÿ.Íî ÿ æå íå êàêîé-íèáóäü ïîäîíîê, ïîýòîìó íå ñòàë âðåäèòüíè â ÷åì íå âèíîâàòûì þçåðàì ;).Äðóãàÿ íå ìåíåå ñåðüåçíàÿ äûðà â êîíôèãóðàöèè çàêëþ÷àåòñÿâ íåâåðíîì óêàçàíèè êîëè÷åñòâà ïîëüçîâàòåëåé, ïîäêëþ÷àþùèõñÿê IRC-ñåðâåðó ñ îäíîãî IP'øíèêà. Ýòî òàê íàçûâàåìûå êëîíû. Óíèõ ìîãóò îòëè÷àòüñÿ íèêè è èäåíòû, íî õîñò, ñ êîòîðîãî îíè çàõîäÿò,âñåãäà îäèí è òîò æå.  áîëüøèíñòâå ñëó÷àåâ ïðàâèëüíûéáëîê, îïèñûâàþùèé êëàññ users, âûãëÿäèò òàê:Êëàññ usersclass {name = "users";ping_time = 1 minute;number_per_ip = 2;max_number = 300;sendq = 100 kbytes;};Âñå ýòè òðè ïàðàìåòðà æèçíåííî âàæíû äëÿ çàùèòû ñåðâåðàîò ôëóäà. IRC-îïåðàòîð ñ î÷åíü ðàçâèòûì ÷óâñòâîì äîëãà ïåðåäïîëüçîâàòåëÿìè, íî ñ íàãëóõî àòðîôèðîâàííûì çäðàâûì ñìûñëîììîæåò èçìåíèòü ïàðàìåòð number_per_ip ñ âïîëíå ðàçóìíîãîçíà÷åíèÿ 2 (âñåãî äâà ïîëüçîâàòåëÿ ñ îäíîãî IP) íà 10, 60, 100 èáîëåå. Ïîñëå ÷åãî âðàòà äëÿ ôëóäåðîâ îòêðûòû. Òåïåðü óæå íåâàæíî, ñ êàêîãî IP çàõîäèòü, âàæíî, ÷òî ñ îäíîãî è òîãî æå àäðåñàìîãóò ïîÿâèòüñÿ 60 êëîíîâ. Âîîáðàçè ñåáå, ÷òî ìîæíî âûòâîðÿòü,çàõîäÿ ñ 10 èëè 20 îòêðûòûõ ïðîêñè.Âòîðîé ïàðàìåòð (max_number) ðåãóëèðóåò ìàêñèìàëüíîå êîëè÷åñòâîïîëüçîâàòåëåé äëÿ äàííîãî êëàññà. Äåñÿòü òûñÿ÷ ôëóäáîòîâ- î÷åíü ñåðüåçíàÿ óãðîçà. Çàäà÷à âçëîìùèêà - ïðàâèëüíî èäîñòàòî÷íî ñêðûòíî ëîêàëèçîâàòü ïîäîáíûé ñåðâåð, à çàòåì ïðèâåñòèíà íåãî öåëóþ àðìèþ êëîíîâ. Ïîñëå ýòîãî ãîëîâíàÿ áîëüâñåì IRC-îïåðàòîðàì â ñåòè ãàðàíòèðîâàíà :).Òðåòèé ïàðàìåòð (sendq) ðåãóëèðóåò ìàêñèìàëüíûé îáúåì èíôîðìàöèè,êîòîðûé êëèåíò ìîæåò îòïðàâèòü. Åñëè êëèåíò ïðåâûøàåòýòîò îáúåì, ñðàáàòûâàåò âñòðîåííàÿ â ircd çàùèòà îò ÷ðåçìåðíîãîôëóäà è ïîëüçîâàòåëü îòêëþ÷àåòñÿ ñàìèì ñåðâåðîì ñ ñîîáùåíèåìExcess Flood. Çà÷àñòóþ ïîëüçîâàòåëè î÷åíü æàëóþòñÿ íàòî, ÷òî íå ìîãóò ñäåëàòü Ctrl+V è îòïðàâèòü äðóãîìó ïîëüçîâàòåëþêàêîé-íèáóäü ñìåøíîé-ïðåñìåøíîé àíåêäîò èëè ðàññêàç êèëîáàéòíà 120 :). Ñåðäîáîëüíûé IRC-îïåðàòîð, íå ïîíèìàÿ ïîñëåäñòâèéñâîèõ äåéñòâèé, óâåëè÷èâàåò ýòîò ïàðàìåòð äî 200, 500, 700 êèëîáàéòèëè äàæå äî íåñêîëüêèõ ìåãàáàéò. ×òî è ãîâîðèòü, áåñêîíå÷íûéôëóä â òàêèõ îáúåìàõ ìîæåò ïîëíîñòüþ ïàðàëèçîâàòü äåÿòåëüíîñòüëþáîãî êàíàëà èëè âûáèòü èç ñåòè ëþáîãî ïîëüçîâàòåëÿ. zÍå îáÿçàòåëüíî âçëàìûâàòü ñåðâåð, ÷òîáû ïîëó÷èòü êðàñèâûé õîñò ;). Ìîæíîïðîñòî ïîñòàâèòü bnc íà óäàëåííîé ïëîùàäêå

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!