Kwiintsuku ezithile ezidlulileyo I-Cloudflare iboniswe eluntwini ukumiliselwa kweprojekthi yeFlan Scan, Eskena ukubamba umnatha kwinethiwekhi ngobungozi obungalunganga. Iskena seFlan ngu ukongezwa kwiskena senethiwekhi yokhuseleko lweNmap, eyenza ukuba ibe sisixhobo esisebenza ngokupheleleyo ekuchongeni iinginginya ezisemngciphekweni kuthungelwano olukhulu. Ikhowudi yeprojekthi ibhaliwe kwiPython kwaye ihanjiswa phantsi kwelayisensi ye-BSD.
Iskena seFlan ayisiyiyo projekthi intsha njengoko yaphuhliswa ijikeleze iNmap, Ukuskena iFlan Idibanisa imephu yenethiwekhi kunye nokuskena okusemngciphekweni, kwaye inkampani iphuhlise iFlan Scan emva "kwemizamo engaphumelelanga" yokusebenzisa izikena ezikhoyo.
"Senze iFlan Scan emva kwemizamo emibini engaphumelelanga yokusebenzisa izikena 'zomgangatho oshishino' kwizikeni zethu zokuthobela"
Ngaphezulwana konyaka ophelileyo, besibhatala umthengisi omkhulu wesikena sabo de sabe siqonda ukuba yenye yezona ndleko zethu ziphambili zokhuseleko kwaye uninzi lweempawu zalo bezingadibani nokuseta kwethu, utshilo uCloudflare.
Malunga neFlan Scan
Iskripthi sithintela iseva yomntu wesithathu ekude, Ukuchonga ubungozi obuchaphazela iinkonzo, Iskripthi se-vulners esinikezwe kwi-nmap siyasetyenziswa eqinisekisa ukuba isoftware ekujoliswe kuyo iqhagamshelwe kwimicimbi yezokhuseleko eyaziwayo kunye nokusetyenziswa kwayo kungathintelwa kumanqaku eCVSS amanqanaba obukhali athile.
IFlan Scan isebenzisa iNmap ukuqhuba i-ICMP ping scan, i-SYN port scan, ukukhangela ukufunyanwa kwenkonzo, ukuskena kwe-TCP ngesandla, kunye ne-banner scan scans, kunye nokukhethwa kwedilesi ye-UDP kunye ne-IPv6.
Ukongeza ekwenzeni lula ukufumana amazibuko womnatha avulekileyo kuthungelwano oluphantsi kophando, igqiba iinkonzo ezinxulumene noko kunye neenguqulelo zeenkqubo ezisetyenzisiweyo, kwaye ikwadala uluhlu lwezinto ezinobungozi ezichaphazela iinkonzo ezichongiweyo. Emva kokugqiba umsebenzi, kwenziwa ingxelo eshwankathela imiba echongiweyo kwaye idwelise izikhombi ze-CVE ezinxulumene nobuthathaka obufunyenweyo, zihlelwe ngokwenqanaba lomngcipheko.
Imisebenzi yenziwe ngeFlan Scan kuncitshiswa ikakhulu ekwenzeni lula ukuphunyezwa kwenkqubo yokukhangela ubungozi nmap-esekwe kuthungelwano olukhulu nakwimeko yelifu. Iskripthi sibonelelwa ukuhambisa ngokukhawuleza isikhongozeli esizimeleyo esekwe kwi-Docker okanye kwi-Kubernetes ukuqala inkqubo yokuqinisekisa kwilifu kunye nokudlulisela iziphumo kuGcino lwaMafu kuGoogle okanye kwiAmazon S3.
Ngokusekwe kwingxelo yeXML eyakhiweyo eyenziwe yi-nmap, iFlan Scan ivelisa ingxelo ekulula ukuyifunda kwifomathi yeLaTeX, enokuguqulwa ibe yiPDF.
Cloudflare yongeze loo ntoe ibingafumani 'xabiso lemali' kwizikena ezikhoyo kwaye ke, itshintshelwe kukhetho lomthombo ovulekileyo ukuhlangabezana nexesha elimiselweyo lokuthobela.
"Sasidinga iskena esinokufumana ngokuchanekileyo iinkonzo kwinethiwekhi yethu kwaye emva koko sijonge ezo nkonzo kwindawo yogcino lwedatha ye-CVE ukufumana ubungozi obufanelekileyo kwiinkonzo zethu," utshilo uCloudflare.
Uyifumana njani kwaye uyisebenzise njani iFlan Scan?
Kulabo abanomdla wokukwazi ukufaka esi sixhobo Into ekufuneka bayenzile kukuvula i-terminal (Ungayenza ngokudibanisa isitshixo Ctrl + Alt + T).
Kwaye kuye uza kuchwetheza oku kulandelayo:
sudo apt install git git clone https://github.com/cloudflare/flan.git
Kwaye ngoku kufuneka ungene kwifolda nge:
cd flan
Nje ukuba kwenziwe oku, kuya kufuneka wakhe iipakeji (koku kuyimfuneko ukuba ufake i-Doker kwinkqubo yakho) oku kunokwenziwa ngalo myalelo ulandelayo:
make build
Kwaye ukuqala isixhobo usenza ngokwenza lo mthetho ulandelayo:
make start
Si ufuna ukwazi ngakumbi ngayo malunga nesi sixhobo, unokujonga eli khonkco lilandelayo. Ngelixa ufuna ukwazi iinkcukacha zokusetyenziswa kunye nekhowudi yesi sixhobo onokwenza kuyo eli khonkco.