Iwasen

Iwasen jimin cii

Mnenge u sha Ijingi i nengen shin injin

Shadowserver u ijingi i nengen shin injin ne statistics u tsembelee u u tesen tithi data u jimjim u Shadowserver ka a ngohol shi a tindi a min sha ityom i ayange ayange ken ripoti mba hemban 100 hanma iyange. Atihi a data la ka a wase u kaven mtenum u ken igbar ken won, mbamkor shio, u koron chio ga, mban u taha u ahumbe a lamenkua mvershima sha mtenum. data, u i tindi a min inja er ka uripoti, ka alu a vighe vighe u u IP u ibaver i gande gande sha ma ityo i ahumbe a lamen shin akaa a zough sha min yo. Shadowserver u ijingi i nengen shin injinun a faityo u nan imbyia ian ne nahan ga. saa di u nan statistics u gande gandeu tesen foto u akaa ne. Kwagh ne un a na mkavsha akaa a van a mchiem, mbamkor shio, atoakyaa van ior a mkav ken ajiir ase kpa geman duen a ma or ken igbar ga.

Ajiir a zuan a akaa man tags

Data u duen a min ka i zua a min hen ato wase sources man tags. Ape zuan a akaa yo ka ijiir i dedoo i kohol data sha anza anza. ajiir a zuan a akaa ne yo ka honeypot, population, scan, sinkhole. Iyengeior man foto u toon cii i zua ve ken atihi a data a foto gema iyenge ior yo ka utesen mkur u kwagh la ken igbar wa mkor shio ker ga/u timen sha kura iyol. 6 mkur u itii tile sha ityogh ki IPv6 data (akaa a i nyer a min a ikyav i mkur u itii la shio cii a yila a er IPv4 data).

pe zuan a tag un a faityo u lun ken mzough a mba seer van a gbenda sha ci u data u i tese un la. Ikyav i tesen, utag sha ci u scan un a faityo van a ufoto mba nyiar ato kposo kposo ( ka inja er, ityom eren/ukpetekpete mba akaav mba i nyiar ve foto inja er telnet, ftp man rdp). Utag sha ci u sinkhole un a tese pe mzeiyol u a zough sha ihyungwa i i tim ( ka vough er ijiir i ngohol akaazua a angev hen ma tsombor u nan mzeyol inja er adload, andromeda man necurs).

Utag ka ve seer nan mkav sha data u igbe won a min la

U seer shamin yoshi se seer van a gbenda paven atihi u seer wasen u nengen sha mkor shio shin ajiir a veren akaa - ikyav i tesen, http_vulnerable shin compromised_website. Kwagh ne un a faityo u lun a utag mba tesen u CVE mba mkor shio kpor kpor, mbateen kwagh shin ikyav mbi mbi zough a zayol shin kwaghoronu sha ihinda i ken jime, ikyar i jime ikyor webshells shin akaa a ken myer a i nenge a min yo. Ikyav i tesen sha http_vulnerable alu citrix or cve-2023-3519.

Kwagh u mase jime yo se seer akaa a wasen u nengen sha atihi a data wase nahan se seer zuan a utag. Kwagh ne tese er semba a igbenda i he i se faityo u tsuan yo. Ikyav i tesen, shin er snmp ka tag u alu sha pe zuan a akaa scan, mba feityo u tesen un er ka gbenda u zuan a akaa nahan. Kwagh ne ka a na se ian duen a uververmba snmp mba nyiar foto u ka na ian i nengen a snmp ufoto mba ve zough sha mkor shio inja er cve-2017-6736.

Mzough mba fese a data anza anza: Teran u yemen a kwagh ken Imese

Atihi a data a itese a la ka i va amain ijiir imom gbing vough er sha gbenda u timeihyungwa, foto u nyiar man ityegh ki iyough nahan. ka i samber a anza a atihi a data ne sha teran u yemen a akaa ken imese man hanmo na a ikiva i sha ijingi na.

Ishimaverenkeghen yo ka u wasen mlu u fele fele u ma source sha anza na. Ikyav i tesen:

  • Sinkholes - ka a na mkav sha sha atihi a data a i kohol sha gbenda u zuan a akaa sinkhole. U faityo u nengen a atam a tom u timeihyungwa sha u tsuan tag mom shin atihi a utag,
  • Scans - ka a na mkav u laa u atihia data a i kohol a sha gbenda u i zough a min la scan (u ngun ne ngu a kwagh u toon foto nan result sha ityom i kwagh u mkor u i a taver yo, u faityo u nengen a ingyeri uresult mba i nyiar foto ve yo sha u tsuan pe zuan a akaa population instead). Man u mase nengen a ma foto u nyiarresult sha u tsuan ma tag shin atihi a utag.
  • Honeypots - ka a na mkav u atihi data a i kohol a sha gbenda u i zough a min la honeypot. Man u faityo u nengen a ma result u ityegh ki iyough sha u tsuan ma tag shin atihi a utag.
  • DDoS - ka a na mkav u atihi a data a i kohol a sha gbenda u i zough a min la honeypot_ddos_amp. akaa a ngan a seer mtenum nja er DDoS a i nengen a a sha mfe ken ma tar/kpentar. U faityo u nengen a ma gbenda u i er tom yo sha u tsuan ma tag shin atihi autag.
  • ICS - ka a na mkav u atihi a data sha gbenda u i zough amin la ics (mban ka uresult mba i nyiar ve mba kpete kpete mba nengen sha kompani i tsuaa). Man u mase nengen a kpete kpete u tsuaa la sha u tsuan ma tag shin atihi a utag.
  • Web CVEs - ka a na mkav u atihi a data a ikohl a sha http_vulnerable man exchange. mban ka mbamkor shio mba ukper mba tesen tar mba i zough a ve ken foto u nyiar wase sha gbenda u CVE. U faityo u nengen a CVEs mban shin ikyav mbi mbi saa she yo sha u tsuan ma tag shin atihi a utagor.

A faityo u veren atihi a data mbela ker sha atihi atihi sha ityogh ki tar mom shin shin ityar.

Hanma tihi data yo i pase kwagh na sha gbenda ne nahan er “Kwagh u data ne”.

Ma u fe kwagh ne nahan wer atihi a data nga kpishi dugh mba i hembe ve hembe lun sha shi la. Ikyav i tesen, pe zuan a akaa beacon Un a nau ian u koroncio u kaven akaa a ken hemen a isor i ver yo C2s se nenge ufoto mba nyiar asev, man pe zuan a akaa compromised_website un a na u ian u koroncio a mbamkur mba mbamershaminga mba i nenge a min ken ufoto mba nyiar asev la.

Teran u sha u yemen a aka

Teran u hiden a akaa u ulu vegher sha la ka u wase u nengen a atoakyaa kposo kpososha mtese u data, man shi sha mnenge u nengen ikyav man u kaven mtenum u atihi a data.

Statistics u laa laa

Statistics u laa ngu a tahav mbu nengen sha hanma source and tag sha u tsuan:

  • World map - mkper u taregh u u alu tesen er tsua sources man tags. akaa a gen a i seer yo ka: mkorcio u bughun sha u tesen tag u alu can u nengen a min ga sha ityough ki tar sha ityough ki hanma gbenda u zuan a min,veren vough sha hanma iyenge ior,GDP, zua mba eren tom a min etc. U faityo u shi tsuan akav sha mkper la u tesen mlu mba hanma tar.
  • Region map -mkper u sha iaven i tar ka a teseshi a pav ityar ken upyaven man ajiir a hemen ior.
  • Comparison map - ka mkper u karen mlu u ityar ihyar.
  • Time series - chart i ilu tesen source and tag zuan akaa sha ashighe. Fa wer ka a na un ian u kohol atihi a data kposo kposo (ka sha ityough ki tar mom tso ga).
  • Visualization - ka ana otoaikyaa kpishi a timen nyoron shin atihi a data, man mba mlu mba injaa sha ashighe ashighe. ka a na ian i tesen udata sha utebul, uchart mba lun a teran, akaa akperan a lun er mbolo mbolo man ikpila i akaa a genegh.

IoTka kwagh u statistics (statistics u keren akaa)

Tihi data ne man akaa a azough sha a na a nengen sha akaa la ka a na mtee u foto kwa mom u duen a ikighir i tihiu kohl un sha u duen a mbateen akaa man akaa a teen ve a i zough a min sha gbenda u nyiar foto la. I pav data ker sha mlu mbateen, inja mlu na man inja i akaa a i er un amin la.Mba fe akaa ne sha igbenda kposo kposo, inja er akaa a alu ken itine ikper u nengen sha tar, takerada u tesen mye u ikyaren i SSL/TLS, ituta i ikende a i sha yo etc,Atihi a data la nga a data u iyenge ior ker tseegh tese er ma ikyaren imom ngi i er sha ciu mbamkor shio mba ve lu wegh sha mkur u i dugh a na ken igbar la ga. (u zuan a amba la yo, stua pe zuan aakaa inja er ikyav i tesen http_vulnerable sha “statistics u laalaa).

Uchart mba nengen kere mba lun er “Statistics u laa laa” mba ken igbar, mkposo ve yo u eren tom a sources man tags yo u faityo u bughun nengen (and group by) vendors, models man device types .

Numtan sha statistics: Mkor shio

Tihi data ne man akaa na a nengen kera la ka a na mtee u foto kwa mom hanma iyange sha mbamtenum mba i nenge a min sha akaa a nengen tsula a sha tsua iyough u sha ahumbe ase la, u hemban veren shima sha mbamkor shio mba i er tom a ve u vihin kwagh la. akaa na nga a iwasen u nengen sha ikyav mbi ka i taan num sha mbi hanma shighe la man u fan gbenda u ka va ta num sha mbi la ( ka shau fan mkorshio mba ka ve lu a CVE ui kav un la). U faityou shinengen a uchart sha gbenda u mbamtenum sha ve man shi ikighir ve.

Uchart mba nengen kera mba lun er “Statistics u laa laa” mba ken igbar, kpa mkposo ve di yo u eren tom a sources man tags u faityou nengen (and group byman shi kohol atihi atihi sha) vendor, vulnerability man sha source man destination mba inyum tan la.

Akaa a iseer sha mnenege u atoakyaa kposo-kposo a i lu kenger a yo:

Ngun ka tebul u he u akaa i vande fan a ne mkorshio a i kohol aken gbenda u zuan a akaa u IPs u nengen sha mte u i te num yo (shin mtenum u i nenge amin, aluer u tsua gbenda u nongon u zuan sha statistics la yo). Ka i zua a data sha akaa a nengen tsula a tsuaiyough u sha ahumbe ase. I pav data ker sha mkav u mbamtenum. ve yo ka CISA Mbamtenum mba i kav shi i fe kwagh ve man i sor ve i ver yo. (u seer shamin yo shin ka a inja u fan man kaven gbenda u tihi u ransomware) man shi shin mtenum sha kwagh u i yer er IoT la a sha akaa a nan mertom sha ahumbe.

A mzeyol shio yo mtese ken igbar u akaa a i tese la tese mbamkor shio mba i fa ve kpishi mba i kav kwagh ve sha tar wuee yo, kpa u faityo u shi tsaghen sha ityough ki ma tar shin koholtihi shin u faityo tesen tebul u ma kwagh u zaniyol.

Numtan sha statistics: Ankaam

Dataset man akaa kpishi a se eren tom a a sha u kenger a la na se foto u toon sha anza a akaa aa ate num sha ikyav mbi se nengen tsula sha tsuayough wase sha ahumbe la. Ihowecivin sha ikyav mbin cii mba eren un ka sha scan u ayange ayange. Dataset ne wasen sha u koron mba tan num ato kposo-kposo, a faityo u kasen ikyav mbi teen man akav a lu ikav i tesen la sha hanma tar.

Ato-aliam a lu kwaghmom er alu ken “General statistics” yo, mkposo ve yo tese er u eren tom a sources and tags u faityo u kenger (man shi veren sha ikpen ikpen sha mlu) mtenum type, device vendor or model instead.

Akaa a iseer sha mnenege u atoakyaa kposo-kposo a i lu kenger a yo:

U ngun ka table u akaa aa lu hen ato wase i due ami sha u fan akaa lu tan num sha ikyav mbi se nengen ami mbi mbi lu kposo sha ijiir i yer er IPs mkenger zumbee sha akaa atan num la (shin akaa atswam a i kenger, aluer u tsuwa akaa azuan aa lu aa anniongon sha atoakyaa a sha ikpilaakaa la yo). Datasets u i tese un hen ijiir ne cii i zua ami ka ken tsuayough wase u nengen akaa tsula sha ahumbe la. I ver ve sha ikpen-ikpen sha mlu mtenum ve er i nengen yo, akaa ateen man kav (aluer ngu yo). Se faityo u fan ikyav mbi i te num ambi la sha u karen mbi vea IPs sha u nengen a ureporti mbi ikyav mbi shonon hanma yange i inyiar ihowecivin yase yo (nenge sha “ikyav mbi IoT statistcs” hen tion na u alu her la.

Sha mlu u vough ga u i tese sha akaa a lu hen ato wase aa te num sha ikyav (ajiir a izough ambi la) er se nengen ite num sha mbi yo (shin sea kera faityo u duen a ikav i tesen ga je kpaa, u faityo u tesen ikav sha kwagh u teen). U faityo u tsuwan akaa kasen sha hanma ipaven atar shin sha ikpen-kpen er i due ami sha table u kwatakerada u akaa a zaniyol la nahan.

Mer u Shadowserver Dashboard or u yange nan hii un yo lu UK FCDO. IoT ankwagh ihyowe i chaghen statistics man zwaiyough statistics zua na inyaregh sha hemen u Europe ijiir i European Union (EU CEF VARIoT project).

Sar se pe nan akar ase a a wase a ishima imom sha data u i er tom a min ken Shadowserver ijingi i nengen shin injin la ishughun, kua (asange a abc sha adondo adondo) APNIC Community Feeds, Bitsight, CISPA, if-is.net, Kryptos Logic, SecurityScorecard, Ijiir i henen kwagh i vesen i tar u Yokohama man mba ve tsough er i de fe ve ga la chicha cii.

Shadowserver eren tom a cookies u kohol mbamher. Ka a wase se u karen nengen er i eren tom a ijiir ahumbe ne yo man shi seer mkav u mba eren tom a i. U seer zuan mkav sha cookies man er Shadowserver a eren tom a min yo, nenge sha privacy policy wase. Sar se a mkav wou u eren tom a cookies sha gbenda ne sha ikyagh ki tomough you.