{"id":1285,"date":"2020-01-12T16:37:13","date_gmt":"2020-01-12T13:37:13","guid":{"rendered":"https:\/\/izhost.com\/blog\/?p=1285"},"modified":"2020-01-12T16:39:28","modified_gmt":"2020-01-12T13:39:28","slug":"zimbra-memcached-exploiti-engelleme","status":"publish","type":"post","link":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/","title":{"rendered":"Zimbra memcached exploit’i engelleme"},"content":{"rendered":"\n
\"\"<\/figure>
\n

Bu yaz\u0131da Zimbra memcached 11211 portuna ger\u00e7ekle\u015ftirilen “memcrashd” sald\u0131r\u0131s\u0131 ile ilgili bilgi verece\u011fiz. E\u011fer sunucu hizmetinizde g\u00fcvenlik duvar\u0131 yok ise Memcached default olarak sunucu ip adresini dinleyecektir. <\/p>\n<\/div><\/div>\n\n\n\n

Zimbra Memcache sunucular\u0131n\u0131z g\u00fcvenlik duvar\u0131 arkas\u0131nda ise Zimbra Memcache 11211 portunun gelen ve giden trafi\u011fini engellemenizi \u00f6neririz. Bu i\u015flemi yapt\u0131\u011f\u0131n\u0131z bu makalede ba\u015fka i\u015flem yapman\u0131za gerek kalmayacakt\u0131r. <\/p>\n\n\n\n

Zimbra memcache sunucunuz bir g\u00fcvenlik duvar\u0131n\u0131n arkas\u0131nda DE\u011e\u0130LSE <\/strong>ve \u0130nternet \u00fczerinden eri\u015filebiliyorsa<\/strong>, devam edin.<\/p>\n\n\n\n

Zimbra tek sunucu kurulumu<\/strong> i\u00e7in<\/p>\n\n\n\n

Bu sald\u0131r\u0131y\u0131 \u00f6nlemek i\u00e7in Memcached’i yaln\u0131zca 127.0.0.1’de dinleyecek \u015fekilde yap\u0131land\u0131r\u0131n. A\u015fa\u011f\u0131daki komutlar\u0131 kullan\u0131n.<\/p>\n\n\n\n

 su - zimbra\n \/opt\/zimbra\/bin\/zmprov ms `zmhostname` zimbraMemcachedBindAddress 127.0.0.1 \n \/opt\/zimbra\/bin\/zmprov ms `zmhostname` zimbraMemcachedClientServerList 127.0.0.1<\/code><\/pre>\n\n\n\n
Memcached restart edin<\/p>\n\n\n\n
 zmmemcachedctl restart<\/code><\/pre>\n\n\n\n
For Zimbra Multi Server Installation<\/strong><\/p>\n\n\n\n
Zimbra \u00e7oklu sunucu kurulumlar\u0131nda memcache portunu, d\u0131\u015far\u0131dan gelen isteklere kar\u015f\u0131 kapatarak sadece zimbra proxy sunucular\u0131n\u0131n eri\u015fmesine izin vermek gerekir. \u0130lk \u00f6nce sunucular\u0131m\u0131z da firewalld yada ufw’yi etkinle\u015ftirmek gerekir. E\u011fer Sunucunuz da Ununtu kullan\u0131yorsan\u0131z bu adresten<\/a>, Centos kullan\u0131yorsan\u0131z bu adresten<\/a> nas\u0131l etkinle\u015ftirece\u011finizi \u00f6\u011frenebilir siniz.  <\/p>\n\n\n\n
T\u00fcm memcached sunucular\u0131n\u0131zda a\u015fa\u011f\u0131daki komutlar\u0131 s\u0131ras\u0131 ile uygulay\u0131n\u0131z.<\/p>\n\n\n\n
Redhat tabanl\u0131 sunucular i\u00e7in iptables kurallar\u0131<\/strong><\/p>\n\n\n\n
T\u00fcm ba\u011flant\u0131lar i\u00e7in 11211 portunu kapat\u0131n.<\/p>\n\n\n\n
 iptables -I INPUT -p udp --dport 11211 -j DROP\n iptables -I INPUT -p tcp --dport 11211 -j DROP<\/code><\/pre>\n\n\n\n
Sadece localhost dan ba\u011flant\u0131lar\u0131 kabul edin<\/p>\n\n\n\n
 iptables -I INPUT -p udp -s 127.0.0.1 --dport 11211 -j ACCEPT\n iptables -I INPUT -p tcp -s 127.0.0.1 --dport 11211 -j ACCEPT<\/code><\/pre>\n\n\n\n
Di\u011fer proxy sunucular\u0131ndan ba\u011flant\u0131lar\u0131 kabul edin. Zimbra kurulumunuzdaki her proxy sunucu IP’si i\u00e7in iki komutun alt\u0131nda \u00e7al\u0131\u015ft\u0131r\u0131n.<\/p>\n\n\n\n
 iptables -I INPUT -p udp -s <Proxy IP> --dport 11211 -j ACCEPT\n iptables -I INPUT -p tcp -s <Proxy IP> --dport 11211 -j ACCEPT<\/code><\/pre>\n\n\n\n
Ubuntu sunucular\u0131 i\u00e7in UFW kurallar\u0131<\/strong><\/p>\n\n\n\n
 T\u00fcm ba\u011flant\u0131lar i\u00e7in 11211 portunu kapat\u0131n. <\/p>\n\n\n\n
 ufw deny 11211<\/code><\/pre>\n\n\n\n
 Sadece localhost dan ba\u011flant\u0131lar\u0131 kabul edin <\/p>\n\n\n\n
 ufw allow from 127.0.0.1 to any port 11211<\/code><\/pre>\n\n\n\n
 Di\u011fer proxy sunucular\u0131ndan ba\u011flant\u0131lar\u0131 kabul edin. Zimbra kurulumunuzdaki her proxy sunucu IP’si i\u00e7in iki komutun alt\u0131nda \u00e7al\u0131\u015ft\u0131r\u0131n. <\/p>\n\n\n\n
ufw allow from <Proxy1 IP> to any port 11211\nufw allow from <Proxy2 IP> to any port 11211<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
Bu yaz\u0131da Zimbra memcached 11211 portuna ger\u00e7ekle\u015ftirilen “memcrashd” sald\u0131r\u0131s\u0131 ile ilgili bilgi verece\u011fiz. E\u011fer sunucu hizmetinizde g\u00fcvenlik duvar\u0131 yok ise Memcached default olarak sunucu ip adresini dinleyecektir. Zimbra Memcache sunucular\u0131n\u0131z g\u00fcvenlik duvar\u0131 arkas\u0131nda ise Zimbra Memcache 11211 portunun gelen ve giden trafi\u011fini engellemenizi \u00f6neririz. Bu i\u015flemi yapt\u0131\u011f\u0131n\u0131z bu makalede ba\u015fka i\u015flem yapman\u0131za gerek kalmayacakt\u0131r. Zimbra […]<\/p>\n","protected":false},"author":1,"featured_media":1256,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[168],"tags":[175,176,177,178],"yoast_head":"\nZimbra memcached exploit'i engelleme » \u0130zHost Blog, Teknolojiden g\u00fcncel haberler<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/\" \/>\n<meta property=\"og:locale\" content=\"tr_TR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zimbra memcached exploit'i engelleme » \u0130zHost Blog, Teknolojiden g\u00fcncel haberler\" \/>\n<meta property=\"og:description\" content=\"Bu yaz\u0131da Zimbra memcached 11211 portuna ger\u00e7ekle\u015ftirilen “memcrashd” sald\u0131r\u0131s\u0131 ile ilgili bilgi verece\u011fiz. E\u011fer sunucu hizmetinizde g\u00fcvenlik duvar\u0131 yok ise Memcached default olarak sunucu ip adresini dinleyecektir. Zimbra Memcache sunucular\u0131n\u0131z g\u00fcvenlik duvar\u0131 arkas\u0131nda ise Zimbra Memcache 11211 portunun gelen ve giden trafi\u011fini engellemenizi \u00f6neririz. Bu i\u015flemi yapt\u0131\u011f\u0131n\u0131z bu makalede ba\u015fka i\u015flem yapman\u0131za gerek kalmayacakt\u0131r. Zimbra […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/\" \/>\n<meta property=\"og:site_name\" content=\"\u0130zHost Blog, Teknolojiden g\u00fcncel haberler\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-12T13:37:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-12T13:39:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/izhost.com\/blog\/wp-content\/uploads\/2020\/01\/zimbra-logo.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1069\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@izhostcom\" \/>\n<meta name=\"twitter:site\" content=\"@izhostcom\" \/>\n<meta name=\"twitter:label1\" content=\"Yazan:\" \/>\n\t<meta name=\"twitter:data1\" content=\"izhost\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tahmini okuma s\u00fcresi\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 dakika\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/izhost.com\/blog\/#website\",\"url\":\"https:\/\/izhost.com\/blog\/\",\"name\":\"\u0130zHost Blog, Teknolojiden g\u00fcncel haberler\",\"description\":\"Domain, Hosting, Sunucu Y\u00f6netimi ve Teknoloji d\u00fcnyas\u0131ndan haberler.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/izhost.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"tr\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#primaryimage\",\"inLanguage\":\"tr\",\"url\":\"https:\/\/izhost.com\/blog\/wp-content\/uploads\/2020\/01\/zimbra-logo.png\",\"contentUrl\":\"https:\/\/izhost.com\/blog\/wp-content\/uploads\/2020\/01\/zimbra-logo.png\",\"width\":1920,\"height\":1069},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#webpage\",\"url\":\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/\",\"name\":\"Zimbra memcached exploit'i engelleme » \u0130zHost Blog, Teknolojiden g\u00fcncel haberler\",\"isPartOf\":{\"@id\":\"https:\/\/izhost.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#primaryimage\"},\"datePublished\":\"2020-01-12T13:37:13+00:00\",\"dateModified\":\"2020-01-12T13:39:28+00:00\",\"author\":{\"@id\":\"https:\/\/izhost.com\/blog\/#\/schema\/person\/1c523b378da673113a14d11bd7c3fa64\"},\"breadcrumb\":{\"@id\":\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#breadcrumb\"},\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Ana sayfa\",\"item\":\"https:\/\/izhost.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zimbra memcached exploit’i engelleme\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/izhost.com\/blog\/#\/schema\/person\/1c523b378da673113a14d11bd7c3fa64\",\"name\":\"izhost\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/izhost.com\/blog\/#personlogo\",\"inLanguage\":\"tr\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8c378cd99e98c114e7126f81d1f06864?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8c378cd99e98c114e7126f81d1f06864?s=96&d=mm&r=g\",\"caption\":\"izhost\"},\"sameAs\":[\"https:\/\/izhost.com\"],\"url\":\"https:\/\/izhost.com\/blog\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zimbra memcached exploit'i engelleme » \u0130zHost Blog, Teknolojiden g\u00fcncel haberler","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/","og_locale":"tr_TR","og_type":"article","og_title":"Zimbra memcached exploit'i engelleme » \u0130zHost Blog, Teknolojiden g\u00fcncel haberler","og_description":"Bu yaz\u0131da Zimbra memcached 11211 portuna ger\u00e7ekle\u015ftirilen “memcrashd” sald\u0131r\u0131s\u0131 ile ilgili bilgi verece\u011fiz. E\u011fer sunucu hizmetinizde g\u00fcvenlik duvar\u0131 yok ise Memcached default olarak sunucu ip adresini dinleyecektir. Zimbra Memcache sunucular\u0131n\u0131z g\u00fcvenlik duvar\u0131 arkas\u0131nda ise Zimbra Memcache 11211 portunun gelen ve giden trafi\u011fini engellemenizi \u00f6neririz. Bu i\u015flemi yapt\u0131\u011f\u0131n\u0131z bu makalede ba\u015fka i\u015flem yapman\u0131za gerek kalmayacakt\u0131r. Zimbra […]","og_url":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/","og_site_name":"\u0130zHost Blog, Teknolojiden g\u00fcncel haberler","article_published_time":"2020-01-12T13:37:13+00:00","article_modified_time":"2020-01-12T13:39:28+00:00","og_image":[{"width":1920,"height":1069,"url":"https:\/\/izhost.com\/blog\/wp-content\/uploads\/2020\/01\/zimbra-logo.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_creator":"@izhostcom","twitter_site":"@izhostcom","twitter_misc":{"Yazan:":"izhost","Tahmini okuma s\u00fcresi":"2 dakika"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/izhost.com\/blog\/#website","url":"https:\/\/izhost.com\/blog\/","name":"\u0130zHost Blog, Teknolojiden g\u00fcncel haberler","description":"Domain, Hosting, Sunucu Y\u00f6netimi ve Teknoloji d\u00fcnyas\u0131ndan haberler.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/izhost.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"tr"},{"@type":"ImageObject","@id":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#primaryimage","inLanguage":"tr","url":"https:\/\/izhost.com\/blog\/wp-content\/uploads\/2020\/01\/zimbra-logo.png","contentUrl":"https:\/\/izhost.com\/blog\/wp-content\/uploads\/2020\/01\/zimbra-logo.png","width":1920,"height":1069},{"@type":"WebPage","@id":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#webpage","url":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/","name":"Zimbra memcached exploit'i engelleme » \u0130zHost Blog, Teknolojiden g\u00fcncel haberler","isPartOf":{"@id":"https:\/\/izhost.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#primaryimage"},"datePublished":"2020-01-12T13:37:13+00:00","dateModified":"2020-01-12T13:39:28+00:00","author":{"@id":"https:\/\/izhost.com\/blog\/#\/schema\/person\/1c523b378da673113a14d11bd7c3fa64"},"breadcrumb":{"@id":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#breadcrumb"},"inLanguage":"tr","potentialAction":[{"@type":"ReadAction","target":["https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/izhost.com\/blog\/zimbra-memcached-exploiti-engelleme\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Ana sayfa","item":"https:\/\/izhost.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Zimbra memcached exploit’i engelleme"}]},{"@type":"Person","@id":"https:\/\/izhost.com\/blog\/#\/schema\/person\/1c523b378da673113a14d11bd7c3fa64","name":"izhost","image":{"@type":"ImageObject","@id":"https:\/\/izhost.com\/blog\/#personlogo","inLanguage":"tr","url":"https:\/\/secure.gravatar.com\/avatar\/8c378cd99e98c114e7126f81d1f06864?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8c378cd99e98c114e7126f81d1f06864?s=96&d=mm&r=g","caption":"izhost"},"sameAs":["https:\/\/izhost.com"],"url":"https:\/\/izhost.com\/blog\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/posts\/1285"}],"collection":[{"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/comments?post=1285"}],"version-history":[{"count":2,"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/posts\/1285\/revisions"}],"predecessor-version":[{"id":1289,"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/posts\/1285\/revisions\/1289"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/media\/1256"}],"wp:attachment":[{"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/media?parent=1285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/categories?post=1285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/izhost.com\/blog\/wp-json\/wp\/v2\/tags?post=1285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}