Esikhathini samanje sedijithali, ukuphepha kwe-inthanethi kubaluleke kakhulu. Ingxenye ebalulekile ekuvikeleni inethiwekhi yakho ekufinyeleleni okungagunyaziwe i-Intrusion Detection System (IDS). Lesi sihloko sizohlola i-IDS, ukuthi isebenza kanjani, nokuthi kungani ibalulekile ekuthuthukiseni ukuvikela ku-inthanethi.
Yini i-Intrusion Detection System (IDS)?
I-Intrusion Detection System (IDS) iyithuluzi lokuvikela eliqapha ithrafikhi yenethiwekhi futhi lihlonze umsebenzi ongagunyaziwe noma osolisayo. Isebenza ngokuhlaziya amaphakethe enethiwekhi futhi uwaqhathanise nesizindalwazi samasiginesha okuhlasela aziwayo noma amaphethini okuziphatha. Uma i-IDS ithola ukungenela okungaba khona, ingenza izexwayiso noma ithathe isinyathelo ukuze ivimbe umsebenzi osolisayo. Ama-IDS angaba asuselwa kunethiwekhi, aqaphe ithrafikhi yenethiwekhi, noma asuselwe kubasingathi, umsebenzi wokuqapha kumadivayisi angawodwana. Sekukonke, i-IDS idlala indima ebalulekile ekuhlonzeni nasekuvimbeleni izinsongo ze-inthanethi, isiza ukuvikela inethiwekhi yakho nedatha ebucayi.
Isebenza kanjani i-IDS?
I-Intrusion Detection System (IDS) isebenza ngokuqapha njalo ithrafikhi yenethiwekhi futhi iyihlaziyele noma yiziphi izimpawu zomsebenzi ongagunyaziwe noma osolisayo. Iqhathanisa amaphakethe enethiwekhi ngokumelene nesizindalwazi samasiginesha okuhlasela aziwayo noma amaphethini okuziphatha. Uma i-IDS ithola noma yimuphi umsebenzi ofana nalawa masiginesha noma amaphethini, ingakwazi ukukhiqiza izexwayiso ukwazisa umlawuli wenethiwekhi. Izexwayiso zingabandakanya ulwazi olumayelana nohlobo lokuhlasela, ikheli le-IP eliwumthombo, kanye nekheli le-IP eliqondiwe. Kwezinye izimo, i-IDS ingaphinda ivimbe umsebenzi osolisayo, njengokuvimba ikheli le-IP noma ukunqamula uxhumano. Sekukonke, i-IDS iyithuluzi elibalulekile le-cybersecurity njengoba isiza ukukhomba nokuvimbela izinsongo ze-inthanethi ezingaba khona, iqinisekise ukuphepha kwenethiwekhi yakho kanye nedatha ebucayi.
Izinhlobo ze-IDS: Isekelwe kunethiwekhi iqhathaniswa ne-Host-based.
Kunezinhlobo ezimbili eziyinhloko ze-Intrusion Detection Systems (IDS): i-IDS esekelwe kunethiwekhi kanye ne-IDS esekelwe kumsingathi.
I-IDS esuselwe kunethiwekhi iqapha futhi ihlaziye ithrafikhi yenethiwekhi nganoma yiziphi izimpawu zomsebenzi ongagunyaziwe noma osolisayo. Ingathola ukuhlaselwa okuqondise inethiwekhi iyonke, njengokuskena kwembobo, ukunqatshelwa kokuhlaselwa kwesevisi, noma imizamo yokusebenzisa ubungozi kumaphrothokholi enethiwekhi. Ama-IDS asekelwe kunethiwekhi ngokuvamile abekwa ezindaweni zamacebo kunethiwekhi, njengakumjikelezo noma ngaphakathi kwamasegimenti abalulekile, ukuze kuqashwe yonke ithrafikhi engenayo naphumayo.
Ngakolunye uhlangothi, i-IDS esuselwe kumsingathi igxila kubasingathi abangabodwana noma kumadivayisi angaphakathi kwenethiwekhi. Ingamela umsebenzi kumsingathi othile, njengeseva noma indawo yokusebenza, futhi ibheka noma yiziphi izimpawu zokufinyelela okungagunyaziwe noma ukuziphatha okunonya. Ama-IDS asekelwe kubasingathi angathola ukuhlaselwa okuqondile kumsingathi othile, njengokutheleleka nge-malware, izinguquko ezingagunyaziwe kumafayela esistimu, noma umsebenzi womsebenzisi osolisayo.
Ama-IDS asekelwe kunethiwekhi nasekelwe kubasingathi anezinzuzo futhi angaphelelisana ngesu eliphelele lokuphepha ku-inthanethi. Ama-IDS asekelwe kunethiwekhi ahlinzeka ngokubuka kwenethiwekhi okubanzi futhi angathola ukuhlasela okuqondise kubasingathi abaningi noma amadivayisi. Ngakolunye uhlangothi, ama-IDS asekelwe kubasingathi, ahlinzeka ngolwazi oluningiliziwe mayelana nomsebenzi owenziwa kubasingathi abangabodwana futhi angathola ukuhlasela okungenzeka kungabonakali ezingeni lenethiwekhi.
Ngokusebenzisa zombili izinhlobo zama-IDS, izinhlangano zingathuthukisa ukuvikela kwazo ku-inthanethi futhi zithole kangcono futhi zinqande ukufinyelela okungagunyaziwe kunethiwekhi yazo.
Izinzuzo zokusebenzisa i-IDS.
Ukusebenzisa Uhlelo Lokuthola I-Intrusion Detection (IDS) kunganikeza izinzuzo ezimbalwa ezinhlanganweni ezifuna ukuthuthukisa ukuzivikela kwazo ku-cybersecurity.
Firstly, an IDS can help detect and prevent unauthorized access to the network. By monitoring network traffic or individual hosts, an IDS can identify suspicious or malicious activity and alert the organization to threats. This early detection can help prevent data breaches, unauthorized access to sensitive information, or the spread of malware within the network.
Okwesibili, i-IDS inganikeza imininingwane ebalulekile ezinhlotsheni zokuhlasela nokuba sengozini okuqondiswe kunethiwekhi yenhlangano. Ngokuhlaziya amaphethini namasignesha okuhlasela okutholiwe, izinhlangano zingaqonda kangcono ubuthakathaka benethiwekhi yazo futhi zithathe izinyathelo ezisheshayo zokuqinisa izinyathelo zazo zokuphepha.
Ukwengeza, i-IDS ingasiza ekuphenduleni isigameko kanye nophenyo lwe-forensic. Uma kwenzeka isigameko sokuvikeleka, i-IDS inganikeza amalogi anemininingwane nolwazi mayelana nokuhlasela, isize izinhlangano zihlonze umthombo, zihlole umthelela, futhi zenze izinyathelo ezifanele ukunciphisa umonakalo.
Ngaphezu kwalokho, ukusebenzisa i-IDS kungasiza izinhlangano ukuthi zithobelane nezidingo zokulawula kanye namazinga omkhakha. Imithetho nezinhlaka eziningi, njenge-Payment Card Industry Data Security Standard (PCI DSS) noma i-Health Insurance Portability and Accountability Act (HIPAA), idinga ukuthi izinhlangano zibe nekhono lokubona ngokugxambukela ukuze zivikele idatha ebucayi.
Sekukonke, i-IDS iyingxenye ebalulekile yesu eliphelele le-cybersecurity. I-IDS ingathuthukisa kakhulu ukuvikela kwe-cybersecurity yenhlangano ngokuthola nokuvimbela ukufinyelela okungagunyaziwe kunethiwekhi, inikeze imininingwane ngobungozi, isize ekuphenduleni isigameko, kanye nokuqinisekisa ukuthobela imithetho.
Imikhuba engcono kakhulu yokulungisa nokuphatha i-IDS.
Ukulungisa nokuphatha i-Intrusion Detection System (IDS) kudinga ukuhlela okucophelelayo nokuqaliswa ukuqinisekisa ukusebenza kahle kwayo ekutholeni nasekuvimbeleni ukufinyelela okungagunyaziwe kunethiwekhi yakho. Nazi izinqubo ezingcono kakhulu okufanele uzicabangele:
1. Chaza izinhloso ezicacile: Ngaphambi kokusebenzisa i-IDS, chaza ngokucacile izinjongo zenhlangano yakho kanye nalokho ofuna ukukuzuza ngohlelo. Lokhu kuzosiza ukuqondisa izinqumo zakho zokucushwa nokuphatha.
2. Hlaziya njalo amasiginesha: I-IDS incike kumasiginesha ukuze ithole izinsongo ezaziwayo. Kubalulekile ukubuyekeza njalo lawa masignesha ukuze uhlale unolwazi lwakamuva ngezinsongo zakamuva nokuba sengozini. Cabangela ukuzenzela inqubo yokubuyekeza ukuze uqinisekise izibuyekezo ezifika ngesikhathi.
3. Yenza ngokwezifiso imithetho nezixwayiso: Hlela imithetho ye-IDS nezixwayiso ukuze zifane nezidingo eziqondile zenhlangano yakho nendawo yenethiwekhi. Lokhu kuzosiza ekunciphiseni ukuhlehlisa okungamanga futhi kugxile ezinsongweni ezifanele kakhulu.
4. Qapha futhi uhlaziye izexwayiso: Qaphela futhi uhlaziye izexwayiso ezikhiqizwa i-IDS. Lokhu kuzosiza ukukhomba amaphethini, izitayela, kanye nezigameko ezingaba zokuphepha. Sebenzisa uhlelo lokugawula nokuhlaziya oluphakathi nendawo ukuze wenze le nqubo ibe lula.
5. Yenza ukuhlolwa okujwayelekile kokuba sengozini: Hlola njalo inethiwekhi yakho ukuze uthole ubungozi kanye nobuthakathaka. Sebenzisa imininingwane ezuzwe kulokhu kuhlola ukuze ulungise kahle ukulungiselelwa kwe-IDS yakho futhi ubeke phambili izinyathelo zokuphepha.
6. Hlanganyela namanye amathuluzi okuvikela: Hlanganisa i-ID yakho namanye amathuluzi okuvikela, njengama-firewall nesofthiwe yokuvikela amagciwane, ukuze udale isu lokuvikela elinezingqimba. Lokhu kubambisana kungathuthukisa ukusebenza kahle kukonke kokuvikela kwakho ku-inthanethi.
7. Qeqesha futhi ufundise abasebenzi: Qinisekisa ukuthi abasebenzi bakho be-IT abanomthwalo wemfanelo wokuphatha i-IDS baqeqeshwe ngokufanelekile futhi bafundiswe ngamakhono nezindlela zabo ezihamba phambili. Lokhu kuzosiza ukukhulisa amandla esistimu futhi kuqinisekise ukuphathwa okusebenzayo.
8. Yenza ukucwaninga kwamabhuku okuvamile: Yenza ucwaningo lwezikhathi ezithile lokucushwa kwe-IDS yakho kanye nezinqubo zokuphatha ukuze ubone noma yiziphi izikhala noma izindawo okufanele zithuthukiswe. Lokhu kuzosiza ukugcina ukusebenza kahle kwesistimu futhi kuzivumelanise nezinsongo ezivelayo.
9. Hlala unolwazi mayelana nezinsongo ezivelayo: Hlala unolwazi mayelana namathrendi akamuva okuphepha ku-inthanethi, ubungozi, namasu okuhlasela. Lolu lwazi luzokusiza ukuthi ulungise ngokushesha ukulungiselelwa kwe-IDS yakho namasu okuphatha ukuze ubhekane nezinsongo ezivelayo.
10. Continuously evaluate and improve: Regularly assess your IDS’s performance and effectiveness. Use metrics and feedback to identify areas for improvement and implement necessary changes to enhance your cybersecurity defenses.
Ngokulandela lezi zinqubo ezihamba phambili, ungakwazi ukuthuthukisa ukucushwa nokuphathwa kwe-ID yakho, uqinisekisa ukuthi idlala indima ebalulekile ekutholeni nasekuvimbeleni ukufinyelela okungagunyaziwe kunethiwekhi yakho.
Ungazi kanjani uma i-hacker ikunethiwekhi yakho yasekhaya noma yebhizinisi?
Iningi izinhlangano thola sekwephuzile kakhulu ukuthi babekwe engcupheni. Inkampani entshontshiwe ivamise ukwaziswa ngokwephula kwayo inkampani yangaphandle. Kodwa-ke, abanye kungenzeka bangalokothi baziswe futhi bathole ngemuva kokuthi othile emndenini wabo noma ibhizinisi webe ubunikazi babo. Umcabango okhona uthi a hacker uzongena. Ngakho-ke, uzokwazi kanjani noma uthole kanjani ukuthi bengena?
Nakhu okunye ukwephulwa komthetho okukhulu okwenzeke kumabhizinisi azimele nohulumeni
- I-Equifax: Izigebengu ze-Cybercriminal zingene ku-Equifax (EFX), enye yezikhungo ezinkulu zezikweletu, ngoJulayi futhi zeba idatha yomuntu siqu yabantu abayizigidi ezingu-145. Kubhekwe njengokwephulwa kwemithetho embi kakhulu eyake yaba khona ngenxa yolwazi olubucayi oludaluliwe, okuhlanganisa nezinombolo Zokuvikeleka Komphakathi.
- Ibhomu le-Yahoo: Inkampani engumzali i-Verizon (VZ) yamemezela ngo-Okthoba ukuthi wonke ama-akhawunti e-Yahoo angu-3 bhiliyoni agqekeziwe ngo-2013 - okuphindwe kathathu kunalokho okwakucatshangwa kuqala.
- Amathuluzi Kahulumeni Aputshuziwe: Ngo-Ephreli, iqembu elingaziwa elibizwa ngokuthi i-Shadow Brokers liveze uchungechunge lwamathuluzi okugebenga okukholakala ukuthi angawe-National Security Agency.
Amathuluzi avumela abaduni ukuthi bafake engcupheni amaseva e-Windows ahlukahlukene nezinhlelo zokusebenza, okuhlanganisa i-Windows 7 ne-8. - WannaCry: WannaCry, which spanned over 150 countries, leveraged some of the leaked NSA tools. In May, ransomware targeted businesses that were running outdated Windows software and locked down computer systems. The hackers behind WannaCry demanded money to unlock files. As a result, more than 300,000 machines were hit across numerous industries, including healthcare and car companies.
- I-NotPetya: NgoJuni, igciwane lekhompyutha i-NotPetya laliqondise amabhizinisi ase-Ukraine lisebenzisa isofthiwe yentela esengozini. Uhlelo olungayilungele ikhompuyutha lusabalele ezinkampanini ezinkulu zomhlaba, ezihlanganisa i-FedEx, isikhungo sokukhangisa saseBrithani i-WPP, isikhondlakhondla sikawoyela negesi saseRussia i-Rosneft, kanye nenkampani yemikhumbi yase-Danish i-Maersk.
- Unogwaja Omubi: Omunye umkhankaso omkhulu we-ransomware, Unogwaja Omubi, ungene emakhompuyutheni ngokuzenza isifaki se-Adobe Flash kumawebhusayithi wezindaba nabezindaba izigebengu eziwafake engozini. Lapho i-ransomware ithelele umshini, yaskena inethiwekhi ukuze ithole amafolda abelwe anamagama ajwayelekile futhi yazama ukuntshontsha imininingwane yabasebenzisi ukuze ingene kwamanye amakhompyutha.
- Amarekhodi Abavoti Ayadalulwa: NgoJuni, umcwaningi wezokuphepha wathola amarekhodi abavoti acishe abe yizigidi ezingama-200 adalulwe ku-inthanethi ngemuva kokuthi inkampani yedatha ye-GOP ilungise kabi isilungiselelo sezokuphepha kusevisi yayo yokugcina amafu e-Amazon.
- Hacks Target School Districts: In October, the U.S. Department of Education warned teachers, parents, and K-12 education staff about a cyberthreat that targeted school districts nationwide.
- An Uber Coverup: In 2016, hackers stole data from 57 million Uber customers, and the company paid them $100,000 to cover it up. The breach wasn’t made public until this November when new Uber CEO Dara Khosrowshahi revealed it.
- Ngesikhathi kuphulwa uTarget ngo-2013, bathi abahlaseli bacathamela amanethiwekhi abo izinyanga bengazi.
- Ngenkathi i-infoSec RSA yephulwa ngo-2011, kwabikwa ukuthi abagebengu bacathamela inethiwekhi yabo isikhathi eside, kodwa kwaze kwashaya isikhathi lapho bethola khona.
- When the Office of Personal Management (OPM) was breached, the personal records of 22 million people exposed their sensitive information, which they couldn’t find until it was too late.
- I-Bangladesh yephule umthetho futhi yalahlekelwa izigidi ezingu-80, futhi abaduni bathola imali eyengeziwe ngoba benze iphutha lokuthayipha elibanjwe.
Kunokuphulwa okuningi okwengeziwe lapho abaduni bengatholwanga khona
Kungakuthatha isikhathi esingakanani wena noma inkampani yakho ukuthola ukuthi umgebengu we-inthanethi wephule inethiwekhi yakho efuna ukweba ibhizinisi lakho noma ulwazi lomuntu siqu? Ngokuvumelana ne FireEye, in 2019, the median time from compromise to discovery was cut by 59 days, down from 205 days. It is still a very long time for a hacker to get in and steal your data.
Umbiko ofanayo ovela FireEye highlighted new trends for 2019, in which hackers are causing significant disruptions. They disrupt businesses, steal personally identifiable information, and attack routers and switches. I believe this new trend will continue into the foreseeable future.
Izinkampani Kufanele Ziqale Ukugxila Ekutholeni:
Abantu abaningi kakhulu nezinkampani zincike ekuvimbeleni nasekungatholakalini. Asikwazi ukuqinisekisa ukuthi i-hacker ayikwazi noma ngeke igqekeze uhlelo lwakho. Kuzokwenzekani uma bengangena kumklamo wakho? Uzokwazi kanjani ukuthi bakusistimu yakho? Yilapho i-Cyber Security Consulting Ops ingasiza inethiwekhi yakho yasekhaya noma yebhizinisi ukuthi isebenzise amasu amahle okuthola angasiza ekutholeni izivakashi ezingafunwa kusistimu yakho. KUMELE siguqule ukugxila kwethu kukho kokubili ukuvimbela nokutholwa. Ukutholwa Kokungenela kungachazwa ngokuthi “…isenzo sokuthola izenzo ezizama ukufaka engozini ubumfihlo, ubuqotho, noma ukutholakala kwensiza. Ukutholwa kokungenela kuhloswe ukukhomba amabhizinisi azama ukuketula izilawuli zokuphepha zasendaweni. Izimpahla kufanele zisetshenziswe njengesiyengo sokuyenga nokulandelela amabhizinisi amabi ukuze axwayiswe kusenesikhathi.
Kumelwe ngisho ukuthi unezindatshana zekhwalithi ye-hi lapha. Ibhulogi yakho
ingaya ngegciwane. Udinga ukuthuthukiswa kokuqala kuphela. Ungayithola kanjani? Cinga; I-Miftolo's
amathuluzi abe negciwane
Siyabonga