{"id":13688,"date":"2022-04-20T15:30:03","date_gmt":"2022-04-20T12:30:03","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=13688"},"modified":"2022-04-20T15:30:03","modified_gmt":"2022-04-20T12:30:03","slug":"hackerlarin-vpn-kontaklarini-izleyebildikleri-acik","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=13688","title":{"rendered":"Hackerlar&#8217;\u0131n VPN Kontaklar\u0131n\u0131 \u0130zleyebildikleri A\u00e7\u0131k"},"content":{"rendered":"<p>Ara\u015ft\u0131rmac\u0131lar, Linux, Android, macOS ve ba\u015fka Unix tabanl\u0131 i\u015fletim sistemlerini etkileyen ve hacker&#39;lar\u0131n\u00a0<strong>VPN temaslar\u0131n\u0131<\/strong>\u00a0izleyebildikleri bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 oldu\u011funu ortaya koydu. Unix tabanl\u0131 i\u015fletim sistemlerinde g\u00f6r\u00fcnen a\u00e7\u0131k, a\u011f y\u0131\u011f\u0131nlar\u0131nda g\u00f6r\u00fcl\u00fcyor ve beklenmedik a\u011f paketi izlemelerine m\u00fcsaade veriyor.<\/p>\n<p>Ara\u015ft\u0131rma tak\u0131m\u0131na nazaran, sald\u0131rganlar ayg\u0131tlar\u0131 izlemek ve kullan\u0131c\u0131lar\u0131n <strong>VPN irtibat durumu<\/strong> hakk\u0131nda \u00e7e\u015fitli detaylar\u0131 ke\u015ffetmek i\u00e7in bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 kullanabilir. Hacker&#39;lar bir eri\u015fim noktas\u0131ndan, router&#39;dan yahut t\u0131pk\u0131 a\u011f \u00fczerinden\u00a0sald\u0131rarak,\u00a0kullan\u0131c\u0131lar\u0131n VPN&#39;e ba\u011fl\u0131 olup olmad\u0131\u011f\u0131n\u0131, VPN sunucusu taraf\u0131ndan atanm\u0131\u015f olan sanal IP adreslerini ve\u00a0belirli bir web sitesine etkin bir temas\u0131 olmad\u0131\u011f\u0131n\u0131 belirleyebiliyor.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/33\/5cc5967fa26cbe35c58585105935446a469c1b3e.jpeg\"\/><\/p>\n<p>New Mexico \u00dcniversitesi&#39;ndeki Breakpointing Bad ara\u015ft\u0131rma grubunun \u00fc\u00e7 \u00fcyesinden biri olan William J. Tolley, <em>&#8220;Bu a\u00e7\u0131k, TCP ak\u0131\u015f\u0131na data s\u0131zd\u0131rmam\u0131za ve irtibatlar\u0131 koparmam\u0131za m\u00fcsaade veriyor&#8221;<\/em> dedi.\u00a0Ekip, a\u015fa\u011f\u0131daki i\u015fletim sistemlerinde g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 test edip kullanabildiklerini\u00a0belirtiyor:<\/p>\n<ul>\n<li>Ubuntu 19.10 (systemd)<\/li>\n<li>Fedora (systemd)<\/li>\n<li>Debian 10.2 (systemd)<\/li>\n<li>Arch 2019.05 (systemd)<\/li>\n<li>Manjaro 18.1.1 (systemd)<\/li>\n<li>Devuan (sysV init)<\/li>\n<li>MX Linux 19 (Mepis+antiX)<\/li>\n<li>Void Linux (runit)<\/li>\n<li>Slackware 14.2 (rc.d)<\/li>\n<li>Deepin (rc.d)<\/li>\n<li>FreeBSD (rc.d)<\/li>\n<li>OpenBSD (rc.d)<\/li>\n<\/ul>\n<p>G\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan\u00a0Android ve macOS \u00fczere \u00f6teki <strong>Unix tabanl\u0131<\/strong> i\u015fletim sistemleri de etkileniyor. Ara\u015ft\u0131rma tak\u0131m\u0131, taarruzlar\u0131n\u0131n OpenVPN, WireGuard ve IKEv2\/IPSec \u00fczere VPN teknolojilerinde i\u015fe yarad\u0131\u011f\u0131n\u0131 ve muhtemelen ba\u015fka hizmetlerde de kullan\u0131labilece\u011fini s\u00f6yledi.<\/p>\n<p>Yap\u0131lan a\u00e7\u0131klamalara cevaben,\u00a0a\u00e7\u0131k kaynakl\u0131 WireGuard VPN&#39;in yarat\u0131c\u0131s\u0131 Jason A. Donenfeld, <em>&#8220;Bu bir WireGuard g\u00fcvenlik a\u00e7\u0131\u011f\u0131 de\u011fil. Etkilenen i\u015fletim sistemlerinde y\u00f6nlendirme tablosu kodundan ve\/veya TCP kodundan kaynaklan\u0131yor. Temel olarak en yayg\u0131n Unix a\u011f y\u0131\u011f\u0131nlar\u0131n\u0131 etkiliyor \u00fczere g\u00f6r\u00fcn\u00fcyor&#8221;<\/em> a\u00e7\u0131klamas\u0131n\u0131 yapt\u0131.<\/p>\n<p>Donenfeld, CVE-2019-12899 olarak tan\u0131mlanan a\u00e7\u0131\u011f\u0131n &#8220;g\u00fczel bir a\u00e7\u0131k&#8221; olarak nitelendirirken, Amazon Web Hizmetleri m\u00fchendisi ve Apache HTTPd geli\u015ftirme tak\u0131m\u0131n\u0131n \u00fcyesi Colm MacC\u00e1rthaigh sald\u0131r\u0131y\u0131 &#8220;\u00e7ok etkileyici&#8221; olarak yorumlad\u0131.<\/p>\n<div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Ara\u015ft\u0131rmac\u0131lar, Linux, Android, macOS ve ba\u015fka Unix tabanl\u0131 i\u015fletim sistemlerini etkileyen ve hacker&#39;lar\u0131n\u00a0VPN temaslar\u0131n\u0131\u00a0izleyebildikleri &#8230;<\/p>\n","protected":false},"author":1,"featured_media":13689,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[1533,2843,1399],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/13688"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=13688"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/13688\/revisions"}],"predecessor-version":[{"id":13690,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/13688\/revisions\/13690"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/13689"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=13688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=13688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=13688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}