{"id":477441,"date":"2023-08-09T09:15:09","date_gmt":"2023-08-09T09:15:09","guid":{"rendered":""},"modified":"2023-09-05T11:14:42","modified_gmt":"2023-09-05T11:14:42","slug":"heartbleed","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/tr\/wiki\/heartbleed\/","title":{"rendered":"Kalp kanamas\u0131"},"content":{"rendered":"

Heartbleed, OpenSSL \u015fifreleme yaz\u0131l\u0131m\u0131 kitapl\u0131\u011f\u0131nda bulunan ve \u0130nternet'in g\u00fcvenli\u011fini sa\u011flamak i\u00e7in kullan\u0131lan SSL\/TLS \u015fifrelemesiyle korunan bilgilerin \u00e7al\u0131nmas\u0131na olanak tan\u0131yan kritik bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131d\u0131r.<\/p>\n

Tarihsel Bir Bak\u0131\u015f: Kalp Kanamas\u0131n\u0131 \u00c7\u00f6zmek<\/h2>\n

Heartbleed ilk kez Nisan 2014'te kamuya duyuruldu ve Codedenomicon ve Google'daki g\u00fcvenlik m\u00fchendisleri taraf\u0131ndan ba\u011f\u0131ms\u0131z olarak ke\u015ffedildi. \u0130nternetteki \u015fifreleme korumas\u0131 i\u00e7in en pop\u00fcler k\u00fct\u00fcphanelerden biri olan OpenSSL \u015fifreleme k\u00fct\u00fcphanesindeki bir g\u00fcvenlik hatas\u0131d\u0131r. Veriler payla\u015f\u0131lmad\u0131\u011f\u0131nda bile ba\u011flant\u0131lar\u0131 canl\u0131 tutmak i\u00e7in kullan\u0131lan bir sistem olan OpenSSL k\u00fct\u00fcphanesinin "kalp at\u0131\u015f\u0131" b\u00f6l\u00fcm\u00fcnde bulundu\u011fu i\u00e7in bu \u015fekilde adland\u0131r\u0131lm\u0131\u015ft\u0131r.<\/p>\n

Heartbleed'i Geni\u015fletmek: Daha Derin Bir Bak\u0131\u015f<\/h2>\n

Heartbleed \u00f6zellikle OpenSSL'in "kalp at\u0131\u015f\u0131" uzant\u0131s\u0131n\u0131 etkiler. Bu, istemci ile sunucu aras\u0131nda g\u00fcvenli bir ba\u011flant\u0131 sa\u011flamak i\u00e7in kullan\u0131lan Aktar\u0131m Katman\u0131 G\u00fcvenli\u011fi (TLS) protokol\u00fcn\u00fcn OpenSSL uygulamas\u0131ndaki iste\u011fe ba\u011fl\u0131 bir \u00f6zelliktir.<\/p>\n

G\u00fcvenlik a\u00e7\u0131\u011f\u0131, kalp at\u0131\u015f\u0131 iste\u011finin i\u015flenme bi\u00e7iminde mevcuttur. Sald\u0131rgan, k\u00f6t\u00fc ama\u00e7la haz\u0131rlanm\u0131\u015f bir kalp at\u0131\u015f\u0131 iste\u011fi g\u00f6ndererek, bir sunucuyu veya istemciyi, kalp at\u0131\u015f\u0131 kapsam\u0131n\u0131n \u00e7ok \u00f6tesinde, belle\u011finde depolanan b\u00fcy\u00fck miktarda veriyi geri g\u00f6ndermesi i\u00e7in kand\u0131rabilir.<\/p>\n

\u0130\u00e7 Mekanizma: Heartbleed Nas\u0131l \u00c7al\u0131\u015f\u0131r?<\/h2>\n

OpenSSL'deki kalp at\u0131\u015f\u0131 mekanizmas\u0131, sunucuya bir y\u00fck ve y\u00fck uzunlu\u011funa sahip bir istek ("kalp at\u0131\u015f\u0131" iste\u011fi) g\u00f6ndererek \u00e7al\u0131\u015f\u0131r. Sunucu daha sonra h\u00e2l\u00e2 \u00e7evrimi\u00e7i oldu\u011funu ve dinledi\u011fini do\u011frulamak i\u00e7in veriyi tekrarlar.<\/p>\n

Ancak Heartbleed hatas\u0131, OpenSSL'nin istekte g\u00f6nderilen y\u00fck uzunlu\u011funun ger\u00e7ek y\u00fcke kar\u015f\u0131l\u0131k geldi\u011fini do\u011frulamamas\u0131 nedeniyle ortaya \u00e7\u0131k\u0131yor. Sald\u0131rgan, k\u00fc\u00e7\u00fck bir veri y\u00fck\u00fcyle bir kalp at\u0131\u015f\u0131 iste\u011fi g\u00f6nderebilir, ancak sunucuya \u00e7ok daha b\u00fcy\u00fck bir veri y\u00fck\u00fc g\u00f6nderdi\u011fini s\u00f6yleyerek sunucuyu, belle\u011finin 64 kilobayta kadar\u0131n\u0131 geri g\u00f6ndermesi i\u00e7in kand\u0131r\u0131r. Bu bellek, kullan\u0131c\u0131 adlar\u0131ndan ve parolalardan SSL \u015fifrelemesi i\u00e7in kullan\u0131lan anahtarlara kadar her \u015feyi i\u00e7erebilir.<\/p>\n

Heartbleed'in Temel \u00d6zellikleri<\/h2>\n