Ukufana nokupakisha iipakethe , ukukhangela i-port , kunye nezinye "izixhobo zokukhusela", ukukhangela ukutshatyalaliswa kunokukunceda ukuba ukhusele inethwekhi yakho okanye ingasetyenziswa ngabantu ababi ukufumanisa ubuthathaka kwinkqubo yakho ukukhusela ukuhlaselwa. Ingcamango yokuba usebenzise ezi zixhobo ukuchonga nokulungisa lobuthathaka ngaphambi kokuba abantu ababi bawasebenzise.
Injongo yokuqhuba umtshini wokutshatyalaliswa kwingozi kukufumanisa iifowuni kwintanethi yakho evulelekileyo kubungozi obuthathaka. Iifayile ezihlukeneyo zifezekisa le njongo ngeendlela ezahlukeneyo. Abanye basebenza kangcono kunabanye.
Abanye banokukhangela iimpawu ezinjengeeRejista zokungena kwiinkqubo zolawulo ze-Microsoft Windows ukuchonga ukuba iqhosha elithile okanye uhlaziyo luye lwasetyenziswa. Abanye, ngokukodwa, i- Nessus , ngokwenene bazame ukuxhatshaza ubunzima kwisicatshulwa ngasinye kwisigxina kunokuba bathembele kwingcaciso yobhaliso.
U-Kevin Novak wenza uhlaziyo lwabahlalutyi bezentengiso kwi-Network Computing Magazine ngoJuni ka-2003. Nangona enye yeemveliso, uMbane oPhezulu, ubuye waphononongwa njenge-front-end ye-Nessus, iNessus ngokwayo ayizange ihlolwe ngqo kwimveliso yorhwebo. Cofa apha ukuze uthole iinkcukacha ezipheleleyo kunye neziphumo zokuhlaziywa: VA Scanners zikhomba iindawo zakho ezibuthathaka.
Omnye umcimbi kunye nabasemngciphekweni wokungcipheko yempembelelo yabo kwizixhobo abazitshekishayo. Ngakolunye uhlangothi, ufuna ukutshekisha ukuba ukwazi ukwenza ngasemva ngaphandle kokuchaphazela isixhobo. Ngakolunye uhlangothi, ufuna ukuqinisekiswa ukuba ukukhangela kuphelile. Ngokuqhelekileyo, ngenjongo yokwenza ingqiqo kwaye kuxhomekeke kwindlela umtshini oqokelela ngayo ulwazi lwakhe okanye uqinisekise ukuba ifowuni isengozini, ukukhwabanisa kunokunyanzelisa kwaye kubangele ukuphazamiseka kwenkqubo kunye nokutshatyalaliswa kwenkqubo kwisixhobo esicatshungulwayo.
Kukho inani leephakheji ezinokulinganiswa kakhulu zokuthengiswa kweentengiso eziquka i-Foundstone Professional, eEye Retina, kunye ne-SAINT. Ezi mveliso nazo zithatha itekethi enenani elifanelekileyo. Kulula ukulungelelanisa iindleko ezinikeziweyo ukhuseleko lwentengano olongezelelweyo kunye noxolo lwengqondo, kodwa iinkampani ezininzi azinalo uhlobo lwebhajethi olufunekayo kule mveliso.
Nangona kungengowona umgcini wezinto ezikhuselekileyo, iinkampani ezithembele ngokukodwa kwiimveliso ze-Microsoft Windows zingasebenzisa i- Microsoft Baseline Security Analyzer (MBSA) ngokukhululekileyo . I-MBSA izakuhlola inkqubo yakho kwaye ichonge ukuba kukho na iipatches ezingekho kwimveliso efana neenkqubo ze-Windows, i-Intanethi ye-Intanethi ye-Intanethi (IIS), iSQL Server, Exchange Server, i-Internet Explorer, iWindows Media Player kunye neMveliso ye-Microsoft Office. Kuye kwaba nemicimbi ethile kwixesha elidlulileyo kwaye kukho iziphambeko ezithile ngezihlandlo ze-MBSA-kodwa isixhobo sikhululekile kwaye ngokuqhelekileyo sinceda ekuqinisekiseni ukuba ezi mveliso kunye nezicelo zichanekile ngokuchasene nobunzima obwaziwayo. I-MBSA iya kukwazisa kwaye ikuxwayise ukuba ulahleke okanye iiphasiwedi ezinobuthakathaka kunye nezinye izinto zokuphepha ezifanayo.
I-Nessus imveliso evulekileyo kwaye ifumaneka ngokukhululekile. Nangona kukho i-graphical front-end inokufumaneka, umkhiqizo weNessus oyintloko ufuna i Linux / Unix ukuba isebenze. Umgca wukuthi i-Linux inokufumaneka kwiimpazamo zamahhala kunye ezininzi ze-Linux zineemfuno eziphantsi kweenkqubo ukuze kungabi nzima ukuba uthathe i-PC endala kwaye uyibeke njengeseva ye Linux. Abalawuli abasebenzisa ukusetyenziswa kwihlabathi leMicrosoft kuya kuba nekharityhulam yokufunda ukuze basebenzisane kwiinkqubo ze-Linux baze bafumane imveliso yeNessus efakwe.
Emva kokuba uqalise ukutshintshiswa kokuqala, uzakufuna ukuphumeza inkqubo yokujongana nokukhubazeka okuchongiweyo. Kwiimeko ezininzi, kuya kubakho iipatches okanye izibuyekezo ezikhoyo ukunyanga ingxaki. Ngamanye amaxesha kungakhathaliseki ukuba kusetyenziswe okanye ishishini lisizathu sokuba ungeke usebenzise isiqendu kwindawo yakho okanye umthengisi weemveliso zakho akanakudalula ukuhlaziywa okanye ipaki. Kuloo meko, kuya kufuneka uqwalasele iindlela ezingezinye zokunciphisa ingozi. Ungabhekisela kwiinkcukacha ezivela kwimithombo efana neSecunia okanye i-Bugtraq okanye i-US-CERT ukuchonga naziphi na iipropathi zokuvimba okanye iinkonzo zokuvalela oku kunokukunceda ekukhuseleni.
Ngaphezulu nangaphezulu ukwenza izilungiso eziqhelekileyo zesofthiwe ye-antivirus kunye nokusetyenziswa kweempawu ezifunekayo nakweyiphi na intsha engathintekiyo, kubulumko ukuphumeza ishedyuli yezicwangciso zokususelwa kwimiba ekhuselekileyo ukuze kuqinisekiswe ukuba akukho nto ilahlekile. Ukukhawulwa kweengcipheko zonyaka kunye nonyaka-nonyaka kungenza indlela ende ukuqinisekisa ukuba ubamba ubuthathaka kwinethiwekhi yakho phambi kokuba abantu ababi benze.
Ulungiswe nguAndy O'Donnell - ngoMeyi 2017