{"id":476877,"date":"2023-08-09T09:04:34","date_gmt":"2023-08-09T09:04:34","guid":{"rendered":""},"modified":"2023-09-05T11:13:37","modified_gmt":"2023-09-05T11:13:37","slug":"dns-amplification-attack","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/tr\/wiki\/dns-amplification-attack\/","title":{"rendered":"DNS y\u00fckseltme sald\u0131r\u0131s\u0131"},"content":{"rendered":"

girii\u015f<\/h2>\n

DNS (Alan Ad\u0131 Sistemi), alan adlar\u0131n\u0131 IP adreslerine \u00e7eviren ve kullan\u0131c\u0131lar\u0131n web sitelerine tan\u0131d\u0131k adlar\u0131yla eri\u015fmesine olanak tan\u0131yan, internet altyap\u0131s\u0131n\u0131n kritik bir bile\u015fenidir. DNS internetin temel ta\u015f\u0131 olarak hizmet verirken ayn\u0131 zamanda \u00e7e\u015fitli g\u00fcvenlik tehditlerine de a\u00e7\u0131kt\u0131r; bunlardan biri DNS amplifikasyon sald\u0131r\u0131s\u0131d\u0131r. Bu makalede DNS y\u00fckseltme sald\u0131r\u0131s\u0131n\u0131n ge\u00e7mi\u015fi, mekanizmas\u0131, t\u00fcrleri ve kar\u015f\u0131 \u00f6nlemleri ele al\u0131nmaktad\u0131r.<\/p>\n

K\u00f6keni ve \u0130lk S\u00f6z\u00fc<\/h2>\n

DNS yans\u0131ma sald\u0131r\u0131s\u0131 olarak da bilinen DNS amplifikasyon sald\u0131r\u0131s\u0131 ilk olarak 2000'li y\u0131llar\u0131n ba\u015f\u0131nda ortaya \u00e7\u0131kt\u0131. DDoS (Da\u011f\u0131t\u0131lm\u0131\u015f Hizmet Reddi) sald\u0131r\u0131lar\u0131n\u0131n etkisini art\u0131rmak i\u00e7in DNS sunucular\u0131ndan yararlanma tekni\u011finin "Dale Drew" adl\u0131 bir sald\u0131rgana atfedildi\u011fi belirtiliyor. 2002 y\u0131l\u0131nda Dale Drew, DNS altyap\u0131s\u0131n\u0131 kullanarak bir hedefi a\u015f\u0131r\u0131 trafikle doldurarak hizmet kesintisine neden olan bu t\u00fcr bir sald\u0131r\u0131y\u0131 g\u00f6sterdi.<\/p>\n

DNS Amplifikasyon Sald\u0131r\u0131s\u0131 Hakk\u0131nda Detayl\u0131 Bilgi<\/h2>\n

DNS y\u00fckseltme sald\u0131r\u0131s\u0131, b\u00fcy\u00fck DNS sorgular\u0131na daha da b\u00fcy\u00fck yan\u0131tlarla yan\u0131t vermek i\u00e7in belirli DNS sunucular\u0131n\u0131n do\u011fal davran\u0131\u015f\u0131ndan yararlan\u0131r. Yaln\u0131zca kendi a\u011flar\u0131ndaki sorgulara yan\u0131t vermek yerine, herhangi bir kaynaktan gelen DNS sorgular\u0131n\u0131 kabul eden ve yan\u0131tlayan a\u00e7\u0131k DNS \u00e7\u00f6z\u00fcmleyicilerden yararlan\u0131r.<\/p>\n

DNS Amplifikasyon Sald\u0131r\u0131s\u0131n\u0131n \u0130\u00e7 Yap\u0131s\u0131<\/h2>\n

DNS y\u00fckseltme sald\u0131r\u0131s\u0131 genellikle a\u015fa\u011f\u0131daki ad\u0131mlar\u0131 i\u00e7erir:<\/p>\n

    \n
  1. \n

    Sahte Kaynak IP'si:<\/strong> Sald\u0131rgan kaynak IP adresini taklit ederek kurban\u0131n IP adresi gibi g\u00f6r\u00fcnmesini sa\u011flar.<\/p>\n<\/li>\n

  2. \n

    DNS Sorgusu:<\/strong> Sald\u0131rgan, a\u00e7\u0131k bir DNS \u00e7\u00f6z\u00fcmleyiciye belirli bir alan ad\u0131 i\u00e7in bir DNS sorgusu g\u00f6ndererek, iste\u011fin kurbandan geliyormu\u015f gibi g\u00f6r\u00fcnmesini sa\u011flar.<\/p>\n<\/li>\n

  3. \n

    G\u00fc\u00e7lendirilmi\u015f Yan\u0131t:<\/strong> A\u00e7\u0131k DNS \u00e7\u00f6z\u00fcmleyici, iste\u011fin me\u015fru oldu\u011funu varsayarak \u00e7ok daha b\u00fcy\u00fck bir DNS yan\u0131t\u0131yla yan\u0131t verir. Bu yan\u0131t kurban\u0131n IP adresine g\u00f6nderilerek a\u011f kapasitesinin a\u015f\u0131lmas\u0131na neden olur.<\/p>\n<\/li>\n

  4. \n

    DDoS Etkisi:<\/strong> \u00c7ok say\u0131da a\u00e7\u0131k DNS \u00e7\u00f6z\u00fcmleyicinin kurban\u0131n IP'sine g\u00fc\u00e7lendirilmi\u015f yan\u0131tlar g\u00f6ndermesiyle, hedefin a\u011f\u0131 trafi\u011fe bo\u011fulur ve bu da hizmetin kesintiye u\u011framas\u0131na ve hatta hizmetin tamamen reddedilmesine yol a\u00e7ar.<\/p>\n<\/li>\n<\/ol>\n

    DNS Amplifikasyon Sald\u0131r\u0131s\u0131n\u0131n Temel \u00d6zellikleri<\/h2>\n