Izisebenzi zikahulumeni Ubuntu kanye ne-Canonical bebelokhu becindezelekile amahora amaningi. Ngemva kokuhlaselwa kwe-distributed denial-of-service (DDoS) okuye kwenza izinsizakalo ezibalulekile ezihlobene nokusatshalaliswa kwe-Linux okudumile zangakwazi ukusebenza, i-Canonical ichaze ukuvalwa kwe-inthanethi njengokuhlasela okuqhubekayo, okuwela imingcele. Lokhu kuhlasela kuthinte iwebhusayithi esemthethweni, ama-API okuphepha, kanye neziteshi zokuxhumana ezibalulekile zabaphathi bezinhlelo, amabhizinisi, kanye nabathuthukisi.
Lesi sigameko siphakamise izixwayiso phakathi kwamaqembu e-IT kanye nezokuphepha kwe-inthanethi eYurophu naseSpain athembele ku- Ubuntu Server njengesisekelo sengqalasizinda yayoikakhulukazi ezindaweni zamafu kanye nokukhiqiza. Nakuba izindawo zokugcina amaphakheji kanye nezinye izibuko zihlala zifinyeleleka kalula, ukungasebenzi kwezinsizakalo eziyinhloko ze-Canonical kudale ukungaqiniseki mayelana nokuskena kobungozi kanye nokuphathwa kokuvuselelwa kwesikhathi sangempela.
Ukuhlaselwa okuqhubekayo kwe-DDoS engqalasizinda ye-Ubuntu
Njengoba kuqinisekiswe yi-Canonical esitatimendeni esishicilelwe eziteshini zayo ezisemthethweni, Ingqalasizinda yewebhu ihlaselwa isikhathi eside yi-DDoS Ukuvalwa kwemisebenzi kuqale ngoLwesine futhi kuye kwanda ngamandla. Ukuze kuncishiswe umthelela, inkampani inqamule izinsizakalo zomphakathi eziningana ngaphambi kokwenza lokhu ngenkathi amaqembu ayo esebenza kulesi simo.
Ubude besigameko abubalulekile: imithombo yobuchwepheshe kanye nabezindaba abakhethekile bakhombisa ukuthi ukuwa kwaqhubeka cishe Amahora angu-20 kuya kwangu-24 okuphazamiseka okukhulu kwezinye izinsizakalo ngesikhathi semibiko yokuqala. Kuhlelo lwe-Linux, lapho imisebenzi eminingi yokulungisa nokusabalalisa incike khona engqalasizinda eyinhloko yephrojekthi, ukungasebenzi kwalesi silinganiso kubonakala ngokushesha.
Ukuhlaselwa kwe-DDoS kuchazwe ngokuthi okukhulu futhi okuhlelekileLokhu kuhlasela kuhlose ngqo ungqimba lomphakathi lwe-Canonical: ama-web portals, ama-API, kanye namapulatifomu okuxhumana komphakathi. Nakuba lolu hlobo lokuhlasela lungahileli ngempela ukungena noma ukwebiwa kwedatha, umphumela walo ongokoqobo ukuvimba ukufinyelela emisebenzini ebalulekile ekusebenzeni kwansuku zonke kwezinhlelo ezisekelwe ku-Ubuntu.
Ngobuchwepheshe, ukuhlaselwa kwe-DDoS kuhilela ukugcwala amaseva aqondiwe ngethrafikhi enkulu yemfucuza kuze kube yilapho inethiwekhi noma izinsizakusebenza zekhompyutha ziphela. Naphezu kokubhekwa njengendlela elula uma kuqhathaniswa nokuhlaselwa okuyinkimbinkimbi, kusalokhu kuyisongo esikhulu. ithuluzi elisebenza kahle kakhulu lokususa amapulatifomu abonakalayo ngaphandle kwe-inthanethiikakhulukazi lapho kuhlanganiswa ama-bandwidth amakhulu kanye namanethiwekhi asatshalaliswe emishini ehilelekile.
Izinsizakalo ze-Ubuntu neze-Canonical zithintekile ngenxa yokuphazamiseka kwesevisi
Lokhu kuhlasela akugcini nje kwiwebhusayithi yenkampani. Abathuthukisi nabaphathi baveze ezinkundleni zomphakathi ukuthi izingxenye eziningana ezibalulekile zengqalasizinda yomphakathi ka-Ubuntu Bathinteke kakhulu yilokhu kuhlasela.
Ngokusho kwe-Canonical kanye nomphakathi wezobuchwepheshe, izinsizakalo ezithintekile zifaka:
- Iwebhusayithi esemthethweni ye-Ubuntu (ubuntu.com), isango lokufinyelela kumadokhumenti, okulandwayo kanye nezinsizakusebenza zabasebenzisi namabhizinisi.
- Ama-CVE API kanye nezeluleko zokuphepha, esetshenziselwa ukuhlola ubuthakathaka, ama-patches atholakalayo kanye nemininingwane yobuchwepheshe yamaphutha abikiwe.
- Iziteshi zokuxhumana ezisemthethweni kanye nezaziso, kubalulekile ekushicileleni izibuyekezo ngezigameko, ukunciphisa kanye nezincomo.
- Usekelo lobuchwepheshe oluku-inthanethi kanye nezinsizakalo zokubhala imibhalo, kokubili kubasebenzisi abajwayelekile kanye nakumakhasimende anezinkontileka zebhizinisi.
Ngesikhathi esifanayo, kuye kwabhalwa phansi amacala lapho abasebenzisi kanye nabahlaziyi bethole khona Ukwehluleka lapho uzama ukufaka noma ukuvuselela izinhlelo ze-Ubuntu Ngesikhathi sokuhlasela okukhulu, ukuhlolwa okuzimele emishinini ye-Ubuntu kubonise ukuthi imizamo yokuvuselela esebenzisa amathuluzi ajwayelekile yehlulekile ngenkathi ukungasebenzi kuqhubeka, okuqinisa umqondo wokuthi ukuhlasela kuthinte imizila yokusatshalaliswa kwamaphakheji noma izinsizakalo zokusekela ezihlobene.
Kodwa-ke, iCanonical igcizelele ukuthi Izibuko zokulanda amaphakheji zisasebenza Ukufakwa okuyisisekelo kanye nokubuyekezwa kusengenzeka ngalezi zindawo zokugcina ezinye. Inkinga eyisisekelo ukuthi ngaphandle kokufinyelela okuthembekile kuma-API okuphepha kanye nezeluleko ezisemthethweni, kuba nzima kakhulu ngamathimba okuphepha ukuqinisekisa ngqo ukuthi yiziphi izithiyo ezithinta izinhlelo zawo nokuthi yiziphi iziqeshana ezitholakala ngokugcwele.
Lokhu kuphoqa izinhlangano eziningi ukuthi zisebenzise okwesikhashana imithombo ehlukile yolwazi lobuthakathaka, njenge-National Vulnerability Database (NVD) noma amapulatifomu afana ne-Open Source Vulnerability (OSV), kuyilapho i-Canonical ibuyisela isevisi futhi ishicilele umbiko onemininingwane eminingi ngalokho okwenzekile.
Iqembu lama-hacktivist elizibiza ngecala lokuhlasela i-Canonical
Lokhu kuhlasela kuthathwe yiqembu lama-hacktivist elizibiza ngokuthi "Ukumelana KwamaSulumane Nge-Cyber ​​​​e-Iraq - Ithimba 313" (Iqembu le-Islamic Cyber ​​​​Resistance in Iraq – 313 Team). Isimangalo somthwalo wemfanelo sasakazwa ngesiteshi sabo seTelegram, lapho amalungu ethi ayenesibopho sokudiliza ingqalasizinda yomphakathi ye-Ubuntu kanye ne-Canonical ngokuhlasela okuhleliwe kwe-DDoS.
Emilayezweni yabo, leli qembu lithi lisebenzise I-Beamed, isevisi ye-DDoS yezentengiselwano efunwa kakhuluLezi zingxenyekazi, ezaziwa nangokuthi ama-booters noma ama-stressors, zivumela cishe noma ubani ukuthi aqalise ukuhlasela okukhulu ngokukhokhela umthamo wethrafikhi, ngaphandle kokudinga inethiwekhi yakhe yamakhompyutha asengozini noma ulwazi oluthuthukisiwe lobuchwepheshe.
I-Beamed ithi iyakwazi ukukhiqiza ukuhlasela okungaphezu kwalokho Ama-terabit angu-3,5 ngomzuzwana wethrafikhi enonyaLesi sibalo sinikeza umbono wesilinganiso lezi zinhlobo zokuhlaselwa ezingafinyelela kuso. Nakuba kungekho siqinisekiso esizimele sokuthi leli nani elithile lifinyelelwe endabeni ka-Ubuntu, ukubhekisela kusiza ekubekeni umbono wamandla akhangiswe ngumhlinzeki walolu hlobo lwesevisi.
Ukuhlanganiswa kwezisusa zemibono, ukufinyelela kumathuluzi okuqasha amandla okuhlasela angabizi, kanye nokubonakala kwabezindaba kwesisulu esinjengo-Ubuntu kuhambisana nephethini ekhathazayo: Akusadingeki ukuthi kube nemishini kahulumeni kanye nenhlangano enkulu yobugebengu. Ukuze kuphazamiseke ingqalasizinda ebalulekile, okudingekayo nje iqembu elinezinhloso zezepolitiki noma ezingokomfanekiso kanye nesabelomali esanele sokuqasha izinsizakalo ze-DDoS eziyimfihlo.
Izikhungo zomthetho zaseYurophu kanye neziphathimandla, njenge-Europol, bezilokhu zidlala umdlalo wekati negundane nalaba bahlinzeki bezinsizakalo iminyaka eminingi. Naphezu kwemisebenzi yokususa isizinda, ukuthathwa kwempahla, kanye nokuboshwa ngezikhathi ezithile, imakethe ye Izinsizakalo ze-DDoS uma zidingeka zibuyiselwa ngokusheshaokubangela ukuvela kwamapulatifomu amasha athatha indawo yalabo abavaliwe futhi kugcine impilo, inkinga ethinta izinkampani, abezindaba, ukuphathwa komphakathi kanye namaphrojekthi ezobuchwepheshe azo zonke izinhlobo.
Izingozi zokusebenza kwamabhizinisi amasha kanye nezinkampani ezithembele ku-Ubuntu
Ubukhulu balesi sigameko buhambisane kakhulu nezinkampani ezintsha zaseYurophu kanye nezinkampani ezisebenzisa Iseva ye-Ubuntu emafwini omphakathi nawangaseseKulinganiselwa ukuthi ingxenye enkulu kakhulu yezimo kubahlinzeki bamafu amakhulu isebenzisa uhlobo oluthile lwe-Ubuntu, okwenza noma yimuphi umthelela engqalasizinda ye-Canonical ube yingozi enkulu ekusebenzeni okuningi kwedijithali.
Kumaqembu obunjiniyela kanye nezokuphepha, inkinga akuyona ukungena ngqo kwamaseva abo—akukho okubonisa ukuthi ubuqotho bokufakwa kwe-Ubuntu kokukhiqiza bube sengozini—njengoba ukuthembela ngokweqile endaweni eyodwa yokubhekisela ngezibuyekezo, izexwayiso zokuphepha, kanye namadokhumenti. Lapho iziteshi ezisemthethweni ziphela, ubuthakathaka bezakhiwo ezithile buyabonakala.
Esimweni saseSpain naseYurophu, lapho izinkampani eziningi ezintsha zobuchwepheshe zisebenza namaqembu amancane nezinsizakusebenza ezilinganiselwe, lolu hlobo lokuphazamiseka lunomthelela owengeziwe: Abaphathi bengqalasizinda baphoqelekile ukwenza izinhlelo eziphuthumayo ngenkathi kuphathwa ukuxhumana kwangaphakathi nebhizinisi, amaklayenti kanye nabalingani, into engase icindezele izinhlangano kakhulu ngezikhathi eziqinile.
Lesi siqephu siphinde sasisiza ukuba sikhumbule ukubaluleka kokungacabangi nje kuphela ngokutholakala kwepulatifomu ngokwayo (ama-Kubernetes, amaseva, izizindalwazi), kodwa futhi ukuqina kwezinsizakalo ezibalulekile zangaphandle Lezi yizinto ezenza impilo yansuku zonke incike kuzo: izindawo zokugcina amaphakheji, abahlinzeki bokukhokha, izindawo zokugcina amakhodi, izinsizakalo ze-DNS, noma amapulatifomu okuthumela imiyalezo.
Ezingxoxweni zangaphakathi, ama-CTO amaningi kanye nabaphathi bezinhlelo ezinkampanini zaseYurophu bazibuza imibuzo engakhululekile kodwa edingekayo: Yini engenzeka uma ukuphazamiseka okufanayo kuthinta i-AWS, i-GitHub, noma umhlinzeki wokukhokha oyinhloko kusasa? Icala lika-Ubuntu lisebenza njengokuzijwayeza ukugqoka, liqokomisa izinga izinhlelo zesimo esiphuthumayo ezilungiselelwe noma ezikhona ngalo ephepheni.
Izinyathelo ezisheshayo zokunciphisa umthelela ezindaweni zokukhiqiza
Ezinhlanganweni ezithembele kakhulu ku-Ubuntu ekukhiqizeni, lokhu kuhlasela kwenza kucace ukuthi ezinye izinyathelo zokuphepha azisadingeki. Ama-DevOps namaqembu okuphepha eSpain naseYurophu abeka phambili isinyathelo esisheshayo sokunciphisa ukuthembela ngqo kwingqalasizinda eyinhloko ye-Canonical ngezikhathi zobunzima.
Phakathi kwezinyathelo ezinconywa kakhulu ochwepheshe kulo mkhakha yilezi:
- Lungiselela eminye imithombo yobuthakathaka: Hlanganisa izizindalwazi ezifana ne-NVD noma i-OSV emgudwini wokuphepha, ukuze ukuhlaziywa kobungozi kungaxhomeki kuphela kuma-API e-Canonical.
- Sebenzisa izibuko zendawo yokugcina izintoSebenzisa amathuluzi anjenge-apt-cacher-ng noma ama-proxies e-cache (isibonelo, i-Squid) ukugcina amakhophi amaphakheji e-Ubuntu asetshenziswa kakhulu engqalasizinda yakho.
- Dala izithombe ezakhiwe ngaphambilini kanye nezindawo zokugcina zangaphakathi: Gcina izitsha zesistimu noma izithombe zibuyekeziwe kumarejista ayimfihlo (emafwini afana ne-AWS, i-Azure noma ingqalasizinda esezindaweni) ukuze ukwazi ukusakaza ngaphandle kwesidingo sokuxhuma njalo ezindaweni zokugcina zangaphandle.
- Sungula uhlelo lokuxhumana ngesigamekoChaza iziteshi zesibili (i-Slack, i-Telegram, i-imeyili, i-SMS) ukuze uthole izaziso zokuphepha lapho amawebhusayithi asemthethweni engasasebenzi, bese uqoka abenzi bezinqumo abacacile ngesikhathi senhlekelele.
Umqondo oyisisekelo ukuthi Ukwehliswa kwemali akufanele kusabhekwa njengento yokunethezeka Lokhu sekuba umkhuba ojwayelekile ezinkampanini ezinkulu kanye nakwamabhizinisi amancane naphakathi kwezobuchwepheshe. Ukuba nezinqolobane zendawo, imithombo yedatha ehlukile, ama-backup asatshalaliswe, kanye nezinqubo ezibhalwe kahle kungenza umehluko phakathi kokuphazamiseka okuncane kanye nokuphazamiseka kwebhizinisi isikhathi eside.
Ngaphezu kwalokho, lesi siqephu siqokomisa isidingo sezinkontileka zokusekela, lapho zikhona, ukuze zifake izivumelwano zezinga lesevisi ezicacile (ama-SLA) maqondana nokuxhumanaukuze amakhasimende ebhizinisi azi ukuthi yini okufanele ayilindele nokuthi yiziphi iziteshi azothola ngazo ulwazi olubalulekile ezimweni ezifana nalezi zamanje.
Amasu okuvikela isikhathi eside kwengqalasizinda ye-Linux
Ngale kwezixazululo eziphuthumayo, ukuhlaselwa kwe-Ubuntu kuvula ingxoxo eyisisekelo mayelana nendlela izinhlangano okufanele zilungiselele ngayo lolu hlobo lwemicimbi. Kwamaqembu amaningi obuchwepheshe akhuluma iSpanishi, isiphetho siwukuthi Ukuqina kufanele kwakhiwe kusukela ekuqaleni, hhayi ukwenza izinto ngendlela exakile lapho kufika inkinga.
Esinye sezincomo ezithola ukuthandwa ukuthi hlukanisa i-stack yesistimu yokusebenza kanye nabathengisiNakuba i-Ubuntu isalokhu iyisinqumo esiyinhloko, ezinye izinkampani ziyakwazisa ukugcina izinsizakalo ezibalulekile eziphindaphindwa kwezinye izinsiza ezifana ne-Debian noma i-Alpine, ngaleyo ndlela kunciphisa ingozi yokuthi ukuhlaselwa okugxile kakhulu ekusakazweni okukodwa kuzoshiya yonke inhlangano ingenasevisi.
Ukuzenzakalela nakho kudlala indima ebalulekile. Amathuluzi anjengokuthuthukiswa okunganakiwe ku-Ubuntu noma izixazululo zokuphatha ama-patch ezihlanganisiwe angakwazi Sebenzisa ukulungiswa kokuphepha cishe ngokushesha Uma kutholakala, kunciphisa ifasitela lokudalulwa. Kodwa-ke, lezi zindlela kumele zilungiselelwe ukubekezelela ukungasebenzi kahle kweziteshi ezisemthethweni, kusetshenziswa izindawo zokugcina ezingafuneki kanye nemithetho yokuziphatha ecacile lapho umthombo wehluleka.
Esinye i-vector esibalulekile yi- ukuqapha njalo umphakathi womthombo ovulekileEzimweni eziningi, izinkundla zobuchwepheshe, uhlu lweposi, kanye nezinkundla zokuxhumana zithola futhi zixoxe ngezigameko ngaphambi kokuba kwenziwe izimemezelo ezisemthethweni. Ukulandela ama-akhawunti afanele, ukubamba iqhaza ezinkundleni zokusabalalisa, kanye nokubhalisela imithombo egxile kwezokuphepha kunganikeza izexwayiso zakuqala ezibalulekile ngezinqumo zokunciphisa.
Okokugcina, kuyalulekwa ukuthi inkampani ngayinye ibe ne- incwadi yokudlala yezehlakalo ezibhaliwe Lo mbhalo kufanele uchaze ukuthi ubani onquma ukuthi yini, yimiphi imithombo ehlukile okufanele ixoxwe ngayo, nini kufanele idluliselwe kubahlinzeki bokusekela abakhokhelwayo, nokuthi nini kufanele kucatshangelwe ukuthuthela kwenye indawo okwesikhashana. Lo mbhalo unciphisa ukwenziwa kwezinto ezintsha, ufinyeza izikhathi zokuphendula, futhi uvimbele izinqumo ezibalulekile ekuthembeleni ezingxoxweni ezingakahleleki phakathi nenkinga.
Ingabe kunengqondo ukulahla Ubuntu ngemva kwalesi sigameko?
Lo mbuzo ubuye wavela kaningi ezingxoxweni zobuchwepheshe: Ingabe lokhu kuhlasela kuyisizathu esanele sokufuduka ngobuningi kusuka ku-Ubuntu kuya kwezinye izabelo? Iningi lochwepheshe liyavuma ukuthi lokhu akunjalo ngempela. I-Canonical inomlando oqinile ekuphathweni kwezigameko, futhi ngokusekelwe olwazini olutholakalayo, ukuhlaselwa kugxile ku-inthanethi kanye ne-utility layer, ngaphandle kobufakazi bokuthi kube nokuyekethisa okuqondile ekufakweni kwabasebenzisi.
Isinqumo sokufuduka noma cha kufanele sisekelwe ku- ukuhlaziywa kwengozi okwenzelwe inhlangano ngayinyeUma kucatshangelwa izici ezifana nomkhakha osebenza kuwo, izinga lokubaluleka kwezinsizakalo, kanye nezidingo zomthetho. Ezinkampanini ezilawulwa kakhulu eYurophu—njenge-fintech, impilo yedijithali, noma abahlinzeki bezinsizakalo zikahulumeni—kungaba nengqondo ukwenza inkontileka yokusekela amabhizinisi (njenge-Ubuntu Pro) ehlanganisa iziteshi zokuxhumana eziza kuqala kanye nezikhathi zokuphendula eziqinisekisiwe.
Nokho, iningi lamabhizinisi amasha kanye nama-SME, iziphetho zikhomba kwenye indlela: esikhundleni sokushintsha isu lawo lokusabalalisa ngenxa yokusabela, Kusebenza kangcono ukutshala imali ekuthuthukiseni izendlalelo zokubuyiselwa kwemali, ukuqapha, kanye nezinhlelo zesimo esiphuthumayo. epulatifomu asebeyazi futhi beyingcweti.
Okubonakala kusobala ukuthi lesi siqephu kufanele sivuse izingxoxo zangaphakathi mayelana nezinkinga ezivame ukuhlehliswa: indlela yokusabela ekunqamukeni kwabahlinzeki ababalulekile, yiziphi izinsizakalo zangaphandle ezibaluleke kakhulu, ukuthi ibhizinisi lingaqhubeka isikhathi esingakanani lisebenza uma izindawo zokugcina ezibalulekile noma ama-API engatholakali usuku olulodwa noma ezimbili.
Ukuhlaselwa kwe-DDoS ngokumelene ne-Ubuntu kanye nengqalasizinda yomphakathi ye-Canonical kusebenza njengesikhumbuzo esingakhululekile kodwa esiwusizo: ngisho namaphrojekthi asevele ekhona emhlabeni wesofthiwe yamahhala angase abekwe engcupheni. ukuphazamiseka okukhulu ngenxa yokuhlaselwa okuhlelekile kahleKubasebenzisi ngabanye, umthelela uholela ekuphazamisekeni nasekulibazisekeni kwezibuyekezo; ezinkampanini kanye namabhizinisi amasha akhe umsebenzi wawo ku-Ubuntu, kuwukuvusa ngesidingo sokuqinisa ukuncishiswa kwabasebenzi, ukuhlukanisa imithombo yolwazi lokuphepha kanye nokulungiselela, ngaphambi kwenkinga elandelayo, izindlela ezibavumela ukuthi baqhubeke nokusebenza lapho isixhumanisi esibalulekile kulolu chungechunge siwohloka.
