{"id":5275,"date":"2015-11-03T07:05:54","date_gmt":"2015-11-03T07:05:54","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=5275"},"modified":"2015-11-03T07:37:51","modified_gmt":"2015-11-03T07:37:51","slug":"mysql-kullanicilari-chikdos-virusune-dikkat","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/mysql-kullanicilari-chikdos-virusune-dikkat\/","title":{"rendered":"MySQL Users: Beware of the Chikdos Virus!"},"content":{"rendered":"<p style=\"background: white; margin: 0cm 0cm 18.75pt 0cm;\"><span style=\"font-size: 14pt; font-family: Helvetica, sans-serif; color: #222222;\">According to warnings from security experts, countless organizations that use <strong>MySQL database servers<\/strong> will very soon have been turned into weapons, because they are helping the <strong>spread of DDoS attacks<\/strong> driven by Chikdos virus infections. <\/span><\/p>\n<p style=\"background: white; margin: 0cm 0cm 18.75pt 0cm;\"><span style=\"font-size: 14pt; font-family: Helvetica, sans-serif; color: #222222;\">A Trojan first detected two years ago by Polish cybersecurity officials has recently been seen in many countries as the Chikdos virus. According to Symantec, cybercriminals are using this malware for DDoS attacks. The attackers use a technique that abuses the user-defined functions (UDF: User Defined Functions) of the MySQL database service. 
Once the cybercriminals manage to plant the malicious UDF code, they can run it as a library file and turn the server\u2019s bandwidth into a dangerous tool.<\/span><\/p>\n<p style=\"background: white; margin: 0cm 0cm 18.75pt 0cm;\"><span style=\"font-size: 14pt; font-family: Helvetica, sans-serif; color: #222222;\">Although <strong>Chikdos<\/strong> was used in the past on systems <strong>running the open source Linux operating system<\/strong>, according to iTWire the attackers are concentrating on MySQL databases on Windows. While most of the attacks detected so far have taken place in the Netherlands, India, Brazil and China, at least one of them targeted a hosting provider located in the United States.<\/span><\/p>\n<p style=\"background: white; margin: 0cm 0cm 18.75pt 0cm;\"><a href=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/11\/MySQL-sunucular\u0131n\u0131-etkileyen-Chikdos-sald\u0131r\u0131lar\u0131.png\" data-rel=\"penci-gallery-image-content\" ><img decoding=\"async\" class=\"alignnone size-medium wp-image-5280\" src=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/11\/MySQL-sunucular\u0131n\u0131-etkileyen-Chikdos-sald\u0131r\u0131lar\u0131-300x273.png\" alt=\"Chikdos attacks affecting MySQL servers\" width=\"300\" height=\"273\" srcset=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/11\/MySQL-sunucular\u0131n\u0131-etkileyen-Chikdos-sald\u0131r\u0131lar\u0131-300x273.png 300w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/11\/MySQL-sunucular\u0131n\u0131-etkileyen-Chikdos-sald\u0131r\u0131lar\u0131.png 535w\" 
sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p style=\"background: white; margin: 0cm 0cm 18.75pt 0cm;\"><span style=\"font-size: 14pt; font-family: Helvetica, sans-serif; color: #222222;\">SecurityWeek claims that MySQL databases are a natural target for <strong>Chikdos attacks<\/strong>. It is argued that the existing weaknesses of MySQL, which is open source and used by many organizations, may make DDoS attacks easier to carry out. <\/span><\/p>\n<p style=\"background: white; margin: 0cm 0cm 18.75pt 0cm;\"><span style=\"font-size: 14pt; font-family: Helvetica, sans-serif; color: #222222;\">According to ComputerWorld, one of the most important factors for anyone who wants to launch a <strong>DDoS attack<\/strong> is that MySQL servers, unlike traditional desktops, have very large bandwidth. The most effective way to avoid becoming a victim of these attacks is said to be locking down and minimizing administrative privileges and monitoring for SQL injection attacks.<\/span><\/p>\n<p style=\"background: white; margin: 0cm 0cm 18.75pt 0cm;\"><span style=\"font-size: 14pt; font-family: Helvetica, sans-serif; color: #222222;\">As Softpedia reports, those running MySQL databases should start tracking down the <strong>Chikdos<\/strong> virus by checking the \\Lib\\, \\Lib\\plugin\\ and \\Bin\\<span class=\"apple-converted-space\">\u00a0directories. 
If you see suspicious .dll files with random names, the cybercriminals using the Trojan have already gotten into your system.<\/span> If you do not act quickly, the next wave of DDoS attacks may hit you.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to warnings from security experts, because they are helping the spread of DDoS attacks driven by Chikdos virus infections, countless organizations that use MySQL database servers will very soon&hellip;<\/p>\n","protected":false},"author":3,"featured_media":5290,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5275","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5275","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5275"}],"version-history":[{"count":6,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5275\/revisions"}],"predecessor-version":[{"id":5293,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5275\/revisions\/5293"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/5290"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/
wp-json\/wp\/v2\/media?parent=5275"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5275"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5275"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}