- إنضم
- 27 يوليو 2011
- المشاركات
- 241
- التفاعل
ﻗﺪ ﻳﺒﺪﻭﺍ ﻋﻨﻮﺍﻥ ﺍﻟﻤﻮﺿﻮﻉ ﺧﻴﺎﻟﻴﺎ..
ﻟﻜﻦ ﺍﻟﻮﺍﻗﻊ-ﻓﻲ ﻇﻞ ﺍﻟﺜﻮﺭﺓ ﺍﻟﺘﻲ
ﺃﺣﺪﺛﺘﻬﺎ ﺇﻧﺘﺮﻧﺖ-ﻳﺘﺠﺎﻭﺯ ﺍﻟﺨﻴﺎﻝ ﺑﻤﺮﺍﺣﻞ..
ﻣﺎﻫﻲ ﺍﻵﺛﺎﺭ ﺍﻟﻤﺪﻣﺮﺓ ﺍﻟﻤﻤﻜﻨﺔ ﻟﻬﺠﻮﻡ
ﺇﻟﻜﺘﺮﻭﻧﻲ ﺿﺪ ﻣﻔﺎﻋﻞ ﻧﻮﻭﻱ؟ ﻭ ﻫﻞ
ﻳﻤﻜﻦ ﺣﻘﺎ ﺍﺧﺘﺮﺍﻕ ﺍﻟﻨﻈﺎﻡ ﺍﻹﻟﻜﺘﻮﻧﻲ
ﻟﻤﻔﺎﻋﻞ ﻧﻮﻭﻱ ﺑﻌﻤﻠﻴﺔsocial
؟ engineering
ﺍﻟﺒﺎﺭﺣﺔ ﻓﻲ ﻣﺆﺗﻤﺮRSA 2008ﺗﻤﺖ
ﻣﻨﺎﻗﺸﺔ ﻫﺬﺍ ﺍﻟﻤﻮﺿﻮﻉ ﺗﺤﺪﻳﺪﺍ!
http://
www.rsaconference.com/2008/
US/home.aspx
http://en.wikipedia.org/wiki/
RSA_Conference
ﻭ ﻣﺪﺍﺧﻠﺔ ﺃﺣﺪ ﺃﺑﺮﺯ ﺍﻟﺨﺒﺮﺍﺀ ﻓﻲ ﺍﻟﻤﻴﺪﺍﻥ
ﺳﻠﻄﺖ ﺍﻟﻀﻮﺀ ﻋﻠﻰ ﺃﺣﺪ ﺍﻟﻤﺸﺎﻛﻞ
ﺍﻟﺴﺎﺧﻨﺔ ﻓﻲ ﻋﺼﺮ ﺍﻹﻧﺘﺮﻧﺖ:ﺍﻟﺤﻤﺎﻳﺔ
ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﻟﻠﻤﻨﺸﺂﺕ ﺍﻟﺼﻨﺎﻋﻴﺔ!
Ira Winklerﺍﻟﻤﺪﻳﺮ ﺍﻟﻌﺎﻡ ﻟﺸﺮﻛﺔ
ISAG
http://www.isag.com/
index.html
ﺃﺑﺮﺯ ﺍﻟﺒﺎﺭﺣﺔ ﻟﺠﻤﻬﻮﺭSan Francisco
ﻛﻴﻔﻴﺔ ﺍﺧﺘﺮﺍﻕ ﺍﻟﻨﻈﺎﻡ ﺍﻹﻟﻜﺘﺮﻭﻧﻲ
ﻟﻤﻔﺎﻋﻞ ﻧﻮﻭﻱ!
ﺣﺴﺐ ﺍﻟﺨﺒﻴﺮ ﻓﺈﻧﻪ ﻣﻦ ﺍﻟﺴﻬﻮﻟﺔ
"ﺍﻟﻤﺮﻋﺒﺔ"ﺇﻣﻜﺎﻧﻴﺔ ﺍﺧﺘﺮﺍﻕ ﺳﻴﺮﻓﺮﺍﺕ
ﺍﻟﺘﺤﻜﻢ ﻭ ﺍﻟﺴﻴﻄﺮﺓ ﻟﻤﻔﺎﻋﻞ ﻧﻮﻭﻱ ﻋﺒﺮ
ﺧﻄﻮﺍﺕ ﻭ ﻣﺮﺍﺣﻞ ﻗﻠﻴﻠﺔ!
ﻧﻔﺲlerﻳﺆﻛﺪ ﺃﻧﻪ ﺗﻤﻜﻦ ﻋﺪﺓ ﻣﺮﺍﺕ ﻣﻦ
ﺍﺧﺘﺮﺍﻕ ﺃﺣﺪ ﻫﺬﻩ ﺍﻷﻧﻈﻤﺔ:
http://
www.internetevolution.com/
author.asp?doc_id
=136047&f_src=drnewsalert
ﺍﻟﺨﻄﻮﺓ ﺍﻷﻭﻟﻰ ﺍﻟﻤﻮﺿﺤﺔ:
http://
www.news.com/8301-10784_
3-9914896-7.html?
part=rss&subj=news&tag=2547
-1001_3-0-5
ﺗﺘﻤﺜﻞ ﻓﻲ ﺇﻧﺸﺎﺀweb serverﻳﻘﻮﻡ
ﺑﺘﺜﺒﻴﺖ ﺑﺮﺍﻣﺞ ﺗﺠﺴﺴﺲ ﻓﻲ ﺃﺟﻬﺰﺓ
ﺯﺍﺋﺮﻳﻪ!
ﻓﻲ ﺍﻟﻤﺮﺣﻠﺔ ﺍﻟﻤﻮﺍﻟﻴﺔ ﻳﻘﻮﻡ ﺍﻟﻤﻬﺎﺟﻢ
ﺑﻌﻤﻠﻴﺔsocial engineering
ﻓﻌﻠﻴﺔ..ﻋﻦ ﻃﺮﻳﻖ ﺇﺭﺳﺎﻝ ﺳﻴﻞ ﻣﻦ
ﺭﺳﺎﺋﻞ ﺍﻟﺒﺮﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﻧﻲ ﻟﻤﻮﻇﻔﻲ
ﺍﻟﻤﻔﺎﻋﻞ ﺍﻟﻨﻮﻭﻱ..ﺭﺳﺎﺋﻞ ﺗﺤﺘﻮﻱ ﻋﻠﻰ
hyperlinkﻝspywareﺍﻝweb
! server
ﺍﻟﻤﺮﺣﻠﺔ ﺍﻷﺧﻴﺮﺓ ﻫﻲ ﺑﺒﺴﺎﻃﺔ ﺍﻧﺘﻈﺎﺭ
ﺍﻧﺘﺸﺎﺭ ﺍﻟﻌﺪﻭﻯ!
Winklerﻳﺆﻛﺪ ﺃﻥ ﺍﻟﻄﺮﻳﻘﺔ ﺍﻟﻤﻮﺿﺤﺔ
ﺟﺮﺑﺖ ﻋﺪﺓ ﻣﺮﺍﺕ ﻭ ﺃﻧﻬﺎ ﺗﻨﺘﺞ ﻏﺎﻟﺒﺎ
ﺍﻹﺧﺘﺮﺍﻕ ﺍﻟﺘﺎﻡ ﻟﻠﻨﻈﺎﻡ ﺍﻟﻬﺪﻑ!
ﻣﻤﺎ ﻳﻌﻨﻲ ﺃﻥ ﺍﻟﻤﻬﺎﺟﻢ ﻳﻤﻜﻨﻪ ﺍﻟﻮﺻﻮﻝ
ﺑﺒﺴﺎﻃﺔ ﺇﻟﻰ ﺗﺴﺠﻴﻞ ﻧﺴﺦ ﻣﻦ ﺷﺎﺷﺎﺕ
ﻭ ﺃﻧﻈﻤﺔ ﺍﻟﺘﺤﻜﻢ ﺩﻭﺭﻳﺎ ﺛﻢ ﺑﺎﻟﺘﺎﻟﻲ
ﺍﻟﺴﻴﻄﺮﺓ ﻋﻠﻴﻬﺎ!
ﺧﻮﻑ ﺍﻷﺟﻬﺰﺓ ﺍﻻﺳﺘﺨﺒﺎﺭﺍﺗﻴﺔ ﺍﻟﻐﺮﺑﻴﺔ ﻣﻦ
ﻫﺠﻮﻡ ﺇﻟﻜﺘﺮﻭﻧﻲ ﺿﺪ ﻣﻔﺎﻋﻼﺕ ﻧﻮﻭﻳﺔ
ﻳﻠﻘﻰ ﺻﺪﻯ ﻭﺍﺳﻌﺎ ﻟﺪﻯ ﺧﺒﺮﺍﺀ ﺍﻟﻤﻴﺪﺍﻥ!
ﻭ ﻣﺎ ﻳﺰﻳﺪ ﻣﻦ ﺧﻮﻓﻬﻢ ﺳﺮﻋﺔ ﺍﻻﺧﺘﺮﺍﻕ
ﺍﻟﺬﻱ ﺗﻢ!
Winklerﻳﺆﻛﺪ ﺃﻥ ﺍﻟﺘﺤﻀﻴﺮ ﻟﻠﻬﺠﻮﻡ
ﻣﻤﻜﻦ ﺃﻥ ﻳﺴﺘﻐﺮﻕ ﻳﻮﻣﺎ..ﺑﻴﻨﻤﺎ ﺍﻹﺧﺘﺮﺍﻕ
ﺍﻟﻔﻌﻠﻲ ﻣﻤﻜﻦ ﺇﺗﻤﺎﻣﻪ ﻓﻲ ﺩﻗﺎﺋﻖ
ﻣﻌﺪﻭﺩﺓ!
ﻣﻦ ﺍﻟﺒﺪﻳﻬﻲ ﺃﻥ ﺃﺟﻬﺰﺓ ﺍﻟﺘﺤﻜﻢ ﻓﻲ
ﺍﻟﻤﻔﺎﻋﻼﺕ ﺍﻟﻨﻮﻭﻳﺔ ﻟﺪﻳﻬﺎ ﺃﻧﻈﻤﺔ ﺣﻤﺎﻳﺔ
ﻣﺘﻄﻮﺭﺓ..ﻟﻜﻦ ﻏﺎﻟﺒﺎ ﻣﺎ ﺗﻜﻮﻥ
ﺍﻟﺴﻴﺮﻓﻴﺮﺍﺕ ﻧﻔﺴﻬﺎ ﻣﺠﻬﺰﺓ ﺏ
Windows NTﻭ ﺗﺴﺘﻄﻴﻊ ﺍﻻﺭﺗﺒﺎﻁ
ﺑﺎﻹﻧﺘﺮﻧﺖ ﻣﺜﻞ ﺃﻱ ﺟﻬﺎﺯ ﻛﻤﺒﻴﻮﺗﺮ ﻣﻨﺰﻟﻲ!
ﺧﺒﻴﺮ ﺍﻟﺴﻼﻣﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺗﻴﺔ ﺃﺷﺎﺭ ﻓﻲ
ﻧﻬﺎﻳﺔ ﺑﺤﺜﻪ ﺇﻟﻰ ﺷﺮﻳﻂ ﻓﻴﺪﻳﻮ ﻳﻮﺿﺢ
ﺧﻄﻮﺭﺓ ﻫﺠﻮﻡ ﺇﻟﻜﺘﺮﻭﻧﻲ ﻋﻠﻰ ﻣﻔﺎﻋﻞ
ﻧﻮﻭﻱ)..ﻭ ﺍﻟﻤﻀﺤﻚ ﻓﻲ ﻫﺬﺍ ﺍﻟﺴﻴﺎﻕ
ﺃﻥ ﺍﻟﺸﺮﻳﻂ ﺣﺬﻑ ﻣﻦyoutubeﻋﻠﻰ
ﻣﺎ ﻳﺒﺪﻭﺍ..ﻣﻤﺎ ﻳﻈﻬﺮ ﺍﻟﺮﻋﺐ ﺍﻟﻤﻨﺘﺸﺮ ﻓﻲ
ﺍﻷﻭﺳﺎﻁ ﺍﻟﻐﺮﺑﻴﺔ ﺍﻟﻤﺘﺨﺼﺼﺔ ﻓﻲ ﻣﻴﺪﺍﻥ
ﺍﻟﺴﻼﻣﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺗﻴﺔ(...
ﻟﻜﻦ ﺍﻟﻮﺍﻗﻊ-ﻓﻲ ﻇﻞ ﺍﻟﺜﻮﺭﺓ ﺍﻟﺘﻲ
ﺃﺣﺪﺛﺘﻬﺎ ﺇﻧﺘﺮﻧﺖ-ﻳﺘﺠﺎﻭﺯ ﺍﻟﺨﻴﺎﻝ ﺑﻤﺮﺍﺣﻞ..
ﻣﺎﻫﻲ ﺍﻵﺛﺎﺭ ﺍﻟﻤﺪﻣﺮﺓ ﺍﻟﻤﻤﻜﻨﺔ ﻟﻬﺠﻮﻡ
ﺇﻟﻜﺘﺮﻭﻧﻲ ﺿﺪ ﻣﻔﺎﻋﻞ ﻧﻮﻭﻱ؟ ﻭ ﻫﻞ
ﻳﻤﻜﻦ ﺣﻘﺎ ﺍﺧﺘﺮﺍﻕ ﺍﻟﻨﻈﺎﻡ ﺍﻹﻟﻜﺘﻮﻧﻲ
ﻟﻤﻔﺎﻋﻞ ﻧﻮﻭﻱ ﺑﻌﻤﻠﻴﺔsocial
؟ engineering
ﺍﻟﺒﺎﺭﺣﺔ ﻓﻲ ﻣﺆﺗﻤﺮRSA 2008ﺗﻤﺖ
ﻣﻨﺎﻗﺸﺔ ﻫﺬﺍ ﺍﻟﻤﻮﺿﻮﻉ ﺗﺤﺪﻳﺪﺍ!
http://
www.rsaconference.com/2008/
US/home.aspx
http://en.wikipedia.org/wiki/
RSA_Conference
ﻭ ﻣﺪﺍﺧﻠﺔ ﺃﺣﺪ ﺃﺑﺮﺯ ﺍﻟﺨﺒﺮﺍﺀ ﻓﻲ ﺍﻟﻤﻴﺪﺍﻥ
ﺳﻠﻄﺖ ﺍﻟﻀﻮﺀ ﻋﻠﻰ ﺃﺣﺪ ﺍﻟﻤﺸﺎﻛﻞ
ﺍﻟﺴﺎﺧﻨﺔ ﻓﻲ ﻋﺼﺮ ﺍﻹﻧﺘﺮﻧﺖ:ﺍﻟﺤﻤﺎﻳﺔ
ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﻟﻠﻤﻨﺸﺂﺕ ﺍﻟﺼﻨﺎﻋﻴﺔ!
Ira Winklerﺍﻟﻤﺪﻳﺮ ﺍﻟﻌﺎﻡ ﻟﺸﺮﻛﺔ
ISAG
http://www.isag.com/
index.html
ﺃﺑﺮﺯ ﺍﻟﺒﺎﺭﺣﺔ ﻟﺠﻤﻬﻮﺭSan Francisco
ﻛﻴﻔﻴﺔ ﺍﺧﺘﺮﺍﻕ ﺍﻟﻨﻈﺎﻡ ﺍﻹﻟﻜﺘﺮﻭﻧﻲ
ﻟﻤﻔﺎﻋﻞ ﻧﻮﻭﻱ!
ﺣﺴﺐ ﺍﻟﺨﺒﻴﺮ ﻓﺈﻧﻪ ﻣﻦ ﺍﻟﺴﻬﻮﻟﺔ
"ﺍﻟﻤﺮﻋﺒﺔ"ﺇﻣﻜﺎﻧﻴﺔ ﺍﺧﺘﺮﺍﻕ ﺳﻴﺮﻓﺮﺍﺕ
ﺍﻟﺘﺤﻜﻢ ﻭ ﺍﻟﺴﻴﻄﺮﺓ ﻟﻤﻔﺎﻋﻞ ﻧﻮﻭﻱ ﻋﺒﺮ
ﺧﻄﻮﺍﺕ ﻭ ﻣﺮﺍﺣﻞ ﻗﻠﻴﻠﺔ!
ﻧﻔﺲlerﻳﺆﻛﺪ ﺃﻧﻪ ﺗﻤﻜﻦ ﻋﺪﺓ ﻣﺮﺍﺕ ﻣﻦ
ﺍﺧﺘﺮﺍﻕ ﺃﺣﺪ ﻫﺬﻩ ﺍﻷﻧﻈﻤﺔ:
http://
www.internetevolution.com/
author.asp?doc_id
=136047&f_src=drnewsalert
ﺍﻟﺨﻄﻮﺓ ﺍﻷﻭﻟﻰ ﺍﻟﻤﻮﺿﺤﺔ:
http://
www.news.com/8301-10784_
3-9914896-7.html?
part=rss&subj=news&tag=2547
-1001_3-0-5
ﺗﺘﻤﺜﻞ ﻓﻲ ﺇﻧﺸﺎﺀweb serverﻳﻘﻮﻡ
ﺑﺘﺜﺒﻴﺖ ﺑﺮﺍﻣﺞ ﺗﺠﺴﺴﺲ ﻓﻲ ﺃﺟﻬﺰﺓ
ﺯﺍﺋﺮﻳﻪ!
ﻓﻲ ﺍﻟﻤﺮﺣﻠﺔ ﺍﻟﻤﻮﺍﻟﻴﺔ ﻳﻘﻮﻡ ﺍﻟﻤﻬﺎﺟﻢ
ﺑﻌﻤﻠﻴﺔsocial engineering
ﻓﻌﻠﻴﺔ..ﻋﻦ ﻃﺮﻳﻖ ﺇﺭﺳﺎﻝ ﺳﻴﻞ ﻣﻦ
ﺭﺳﺎﺋﻞ ﺍﻟﺒﺮﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﻧﻲ ﻟﻤﻮﻇﻔﻲ
ﺍﻟﻤﻔﺎﻋﻞ ﺍﻟﻨﻮﻭﻱ..ﺭﺳﺎﺋﻞ ﺗﺤﺘﻮﻱ ﻋﻠﻰ
hyperlinkﻝspywareﺍﻝweb
! server
ﺍﻟﻤﺮﺣﻠﺔ ﺍﻷﺧﻴﺮﺓ ﻫﻲ ﺑﺒﺴﺎﻃﺔ ﺍﻧﺘﻈﺎﺭ
ﺍﻧﺘﺸﺎﺭ ﺍﻟﻌﺪﻭﻯ!
Winklerﻳﺆﻛﺪ ﺃﻥ ﺍﻟﻄﺮﻳﻘﺔ ﺍﻟﻤﻮﺿﺤﺔ
ﺟﺮﺑﺖ ﻋﺪﺓ ﻣﺮﺍﺕ ﻭ ﺃﻧﻬﺎ ﺗﻨﺘﺞ ﻏﺎﻟﺒﺎ
ﺍﻹﺧﺘﺮﺍﻕ ﺍﻟﺘﺎﻡ ﻟﻠﻨﻈﺎﻡ ﺍﻟﻬﺪﻑ!
ﻣﻤﺎ ﻳﻌﻨﻲ ﺃﻥ ﺍﻟﻤﻬﺎﺟﻢ ﻳﻤﻜﻨﻪ ﺍﻟﻮﺻﻮﻝ
ﺑﺒﺴﺎﻃﺔ ﺇﻟﻰ ﺗﺴﺠﻴﻞ ﻧﺴﺦ ﻣﻦ ﺷﺎﺷﺎﺕ
ﻭ ﺃﻧﻈﻤﺔ ﺍﻟﺘﺤﻜﻢ ﺩﻭﺭﻳﺎ ﺛﻢ ﺑﺎﻟﺘﺎﻟﻲ
ﺍﻟﺴﻴﻄﺮﺓ ﻋﻠﻴﻬﺎ!
ﺧﻮﻑ ﺍﻷﺟﻬﺰﺓ ﺍﻻﺳﺘﺨﺒﺎﺭﺍﺗﻴﺔ ﺍﻟﻐﺮﺑﻴﺔ ﻣﻦ
ﻫﺠﻮﻡ ﺇﻟﻜﺘﺮﻭﻧﻲ ﺿﺪ ﻣﻔﺎﻋﻼﺕ ﻧﻮﻭﻳﺔ
ﻳﻠﻘﻰ ﺻﺪﻯ ﻭﺍﺳﻌﺎ ﻟﺪﻯ ﺧﺒﺮﺍﺀ ﺍﻟﻤﻴﺪﺍﻥ!
ﻭ ﻣﺎ ﻳﺰﻳﺪ ﻣﻦ ﺧﻮﻓﻬﻢ ﺳﺮﻋﺔ ﺍﻻﺧﺘﺮﺍﻕ
ﺍﻟﺬﻱ ﺗﻢ!
Winklerﻳﺆﻛﺪ ﺃﻥ ﺍﻟﺘﺤﻀﻴﺮ ﻟﻠﻬﺠﻮﻡ
ﻣﻤﻜﻦ ﺃﻥ ﻳﺴﺘﻐﺮﻕ ﻳﻮﻣﺎ..ﺑﻴﻨﻤﺎ ﺍﻹﺧﺘﺮﺍﻕ
ﺍﻟﻔﻌﻠﻲ ﻣﻤﻜﻦ ﺇﺗﻤﺎﻣﻪ ﻓﻲ ﺩﻗﺎﺋﻖ
ﻣﻌﺪﻭﺩﺓ!
ﻣﻦ ﺍﻟﺒﺪﻳﻬﻲ ﺃﻥ ﺃﺟﻬﺰﺓ ﺍﻟﺘﺤﻜﻢ ﻓﻲ
ﺍﻟﻤﻔﺎﻋﻼﺕ ﺍﻟﻨﻮﻭﻳﺔ ﻟﺪﻳﻬﺎ ﺃﻧﻈﻤﺔ ﺣﻤﺎﻳﺔ
ﻣﺘﻄﻮﺭﺓ..ﻟﻜﻦ ﻏﺎﻟﺒﺎ ﻣﺎ ﺗﻜﻮﻥ
ﺍﻟﺴﻴﺮﻓﻴﺮﺍﺕ ﻧﻔﺴﻬﺎ ﻣﺠﻬﺰﺓ ﺏ
Windows NTﻭ ﺗﺴﺘﻄﻴﻊ ﺍﻻﺭﺗﺒﺎﻁ
ﺑﺎﻹﻧﺘﺮﻧﺖ ﻣﺜﻞ ﺃﻱ ﺟﻬﺎﺯ ﻛﻤﺒﻴﻮﺗﺮ ﻣﻨﺰﻟﻲ!
ﺧﺒﻴﺮ ﺍﻟﺴﻼﻣﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺗﻴﺔ ﺃﺷﺎﺭ ﻓﻲ
ﻧﻬﺎﻳﺔ ﺑﺤﺜﻪ ﺇﻟﻰ ﺷﺮﻳﻂ ﻓﻴﺪﻳﻮ ﻳﻮﺿﺢ
ﺧﻄﻮﺭﺓ ﻫﺠﻮﻡ ﺇﻟﻜﺘﺮﻭﻧﻲ ﻋﻠﻰ ﻣﻔﺎﻋﻞ
ﻧﻮﻭﻱ)..ﻭ ﺍﻟﻤﻀﺤﻚ ﻓﻲ ﻫﺬﺍ ﺍﻟﺴﻴﺎﻕ
ﺃﻥ ﺍﻟﺸﺮﻳﻂ ﺣﺬﻑ ﻣﻦyoutubeﻋﻠﻰ
ﻣﺎ ﻳﺒﺪﻭﺍ..ﻣﻤﺎ ﻳﻈﻬﺮ ﺍﻟﺮﻋﺐ ﺍﻟﻤﻨﺘﺸﺮ ﻓﻲ
ﺍﻷﻭﺳﺎﻁ ﺍﻟﻐﺮﺑﻴﺔ ﺍﻟﻤﺘﺨﺼﺼﺔ ﻓﻲ ﻣﻴﺪﺍﻥ
ﺍﻟﺴﻼﻣﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺗﻴﺔ(...
