{"id":1189,"date":"2022-09-18T02:00:32","date_gmt":"2022-09-18T02:00:32","guid":{"rendered":"https:\/\/sunucucozumleri.com\/?p=1189"},"modified":"2022-10-09T19:33:15","modified_gmt":"2022-10-09T19:33:15","slug":"ddos-nedir-ddos-saldiri-turleri-nelerdir","status":"publish","type":"post","link":"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/","title":{"rendered":"DDoS Nedir? DDoS Sald\u0131r\u0131 T\u00fcrleri Nelerdir?"},"content":{"rendered":"<p><strong>DDoS<\/strong>\u00a0(<strong>D<\/strong>istributed\u00a0<strong>D<\/strong>enial\u00a0<strong>o<\/strong>f\u00a0<strong>S<\/strong>ervice) yani Da\u011f\u0131t\u0131k Hizmet Reddi Sald\u0131r\u0131s\u0131 olarak T\u00fcrk\u00e7ele\u015ftirilen bir <a href=\"https:\/\/sunucucozumleri.com\/blog\/siber-saldirilar-ve-korunma-yontemleri\/\">siber sald\u0131r\u0131<\/a> t\u00fcr\u00fcd\u00fcr. \u00d6rne\u011fin bir web sitesine, bir sunucuya farkl\u0131 farkl\u0131 yerlerden \u00e7ok say\u0131da bilgisayar\u0131n ayn\u0131 anda istek (request) yapmas\u0131 ile sunucunun cevap (response) veremeyecek hale gelmesine ve devre d\u0131\u015f\u0131 kalmas\u0131na\u00a0<strong>DDoS sald\u0131r\u0131s\u0131<\/strong>\u00a0denir.<\/p>\n<p>Bu i\u015flemde genelde ayn\u0131 anda \u00e7ok farkl\u0131 IP\u2019lerden da\u011f\u0131t\u0131k bir \u015fekilde, belli bir hedefe paketler halinde veri veya istek g\u00f6nderilir. Hedef web sitesinin bar\u0131nd\u0131\u011f\u0131 sunucunun (server) normal \u015fartlar alt\u0131nda ayn\u0131 anda yapabilece\u011fi i\u015flem say\u0131s\u0131 ve kapasitesi bellidir. Bunun yan\u0131nda sunucunun size tan\u0131mlad\u0131\u011f\u0131 bandwidth (trafik) oran\u0131nda i\u015flem yap\u0131lmas\u0131na izin verilir. Bu kapasitelerin a\u015f\u0131lmas\u0131 sistemi fel\u00e7 edecek ve sunucunun down olmas\u0131na neden olacakt\u0131r.<\/p>\n<p>DDoS sald\u0131r\u0131lar\u0131, metodlar\u0131 ve sald\u0131r\u0131 i\u00e7in kullan\u0131lan protokole g\u00f6re \u00e7e\u015fitli \u015fekillerde ger\u00e7ekle\u015ftirilmektedir. DDoS sald\u0131r\u0131lar\u0131 internetin baz\u0131 protokollerinde (TCP\/IP)\u00a0 veya sunucular\u0131n baz\u0131 \u00f6zellikleri (Bandwidth) manipule edilerek ger\u00e7ekle\u015ftirilir. DDoS sald\u0131r\u0131s\u0131n\u0131 a\u00e7\u0131klayabilmek i\u00e7in \u00f6ncelikle baz\u0131 tan\u0131mlar\u0131 a\u00e7\u0131klamak gerekir.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Makale \u0130\u00e7eri\u011fi<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"\u0130\u00e7indekiler Tablosunu A\u00e7\/Kapat\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Botnet_Agi\" >Botnet A\u011f\u0131<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Bandwidth_Bant_Genisligi\" >Bandwidth (Bant Geni\u015fli\u011fi)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#TCPIP\" >TCP\/IP<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Application_Layer_Uygulama_Katmani\" >Application Layer (Uygulama Katman\u0131)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Transport_Layer_Tasima_Katmani\" >Transport Layer (Ta\u015f\u0131ma Katman\u0131)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Internet_Layer_Internet_Katmani\" >Internet Layer (\u0130nternet Katman\u0131)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Network_Interface_Layer_Ag_Arayuz_Katmani\" >Network Interface Layer (A\u011f Aray\u00fcz Katman\u0131)<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#DDoS_Saldiri_Cesitleri\" >DDoS Sald\u0131r\u0131 \u00c7e\u015fitleri<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Volume_Based_Hacim_Bazli_DDoS_Saldirisi\" >Volume Based (Hacim Bazl\u0131) DDoS Sald\u0131r\u0131s\u0131<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Protocol_Based_Protokol_Bazli_DDoS_Saldirisi\" >Protocol Based (Protokol Bazl\u0131) DDoS Sald\u0131r\u0131s\u0131<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Flood_DDoS_Saldirisi\" >Flood DDoS Sald\u0131r\u0131s\u0131<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Ping_Flood_DDoS_Saldirisi\" >Ping Flood DDoS Sald\u0131r\u0131s\u0131<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#SYN_Flood_DDoS_Saldirisi\" >SYN Flood DDoS Sald\u0131r\u0131s\u0131<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#UDP_Flood_DDoS_Saldirisi\" >UDP Flood DDoS Sald\u0131r\u0131s\u0131<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Application_Layer_Aplikasyon_Katmani_DDoS_Saldirisi\" >Application Layer (Aplikasyon Katman\u0131) DDoS Sald\u0131r\u0131s\u0131<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#Neden_DDoS_Saldirisi_Yapilir\" >Neden DDoS Sald\u0131r\u0131s\u0131 Yap\u0131l\u0131r?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/sunucucozumleri.com\/blog\/ddos-nedir-ddos-saldiri-turleri-nelerdir\/#DDoS_Saldirilarindan_Korunmanin_Yollari\" >DDoS Sald\u0131r\u0131lar\u0131ndan Korunman\u0131n Yollar\u0131<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Botnet_Agi\"><\/span><span id=\"Botnet_Agi\">Botnet A\u011f\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>Botnet a\u011f\u0131,<\/strong>\u00a0hackerlar taraf\u0131ndan zararl\u0131 yaz\u0131l\u0131m yard\u0131m\u0131 ile ele ge\u00e7irilmi\u015f bilgisayarlar taraf\u0131ndan olu\u015fturulan zombi <a href=\"https:\/\/sunucucozumleri.com\/blog\/bilgisayar-nasil-kullanilir\/\">bilgisayar<\/a> a\u011f\u0131na denir. Hackerler \u00e7e\u015fitli yaz\u0131l\u0131mlar yard\u0131m\u0131yla birer birer bir\u00e7ok bilgisayar\u0131 ele ge\u00e7irirler ve bu bilgisayarlar\u0131 \u00e7e\u015fitli ama\u00e7larla (Kripto para madencili\u011fi, siber sald\u0131r\u0131 vb.) tek tek veya ayn\u0131 anda kullan\u0131rlar. \u00c7o\u011fu zaman anla\u015f\u0131lamayan bu durum sizi botnet a\u011f\u0131n\u0131n bir \u00fcyesi haline getirir.\u00a0DDoS sald\u0131r\u0131lar\u0131 da genelde bu Botnet A\u011f\u0131 bilgisayarlar\u0131ndan, yani farkl\u0131 Ip adreslerinden ayn\u0131 anda yap\u0131lmaktad\u0131r. \u00d6zetle\u00a0<strong>Botnet ( Zombi A\u011f)\u00a0<\/strong>olu\u015fturma ama\u00e7lar\u0131 genelde;<\/p>\n<ul>\n<li>Spam yaratma<\/li>\n<li>DDoS Sald\u0131r\u0131s\u0131<\/li>\n<li>Bilgi \u00e7alma<\/li>\n<li>Kripto para madencili\u011fi<\/li>\n<li>Google reklamlar\u0131ndan para kazanma<\/li>\n<li>Google\u2019da \u00f6ne \u00e7\u0131kma veya bir firmay\u0131 a\u015fa\u011f\u0131 \u00e7ekme<\/li>\n<\/ul>\n<p>gibi ama\u00e7larla yap\u0131labilmektedir.<\/p>\n<p>Bir Botnet a\u011f\u0131na dahil olmak istemiyorsan\u0131z bir antivir\u00fcs program\u0131 kullanmal\u0131, g\u00fcvenli olmayan kaynaklardan dosya veya program indirmemelisiniz.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Bandwidth_Bant_Genisligi\"><\/span><span id=\"Bandwidth_Bant_Genisligi\">Bandwidth (Bant Geni\u015fli\u011fi)<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Bir sunucudan ayn\u0131 anda girip \u00e7\u0131kabilecek veri ak\u0131\u015f\u0131 s\u0131n\u0131rl\u0131d\u0131r ve bu s\u0131n\u0131r baz\u0131 durumlarda \u00f6zel olarak geni\u015fletilebilir. Yani sunucunun saniye ba\u015f\u0131na aktarabilece\u011fi maksimum veri miktar\u0131 o sunucunun bandwidth de\u011feridir.<\/p>\n<p>\u00d6rne\u011fin bir haber sitesine ayn\u0131 anda \u00e7ok say\u0131da ki\u015fi ula\u015fmaya \u00e7al\u0131\u015f\u0131rken, sunucunun bant geni\u015fli\u011finin kapasitesi kadar veri ak\u0131\u015f\u0131 oldu\u011fu m\u00fcddet\u00e7e site ula\u015f\u0131labilir haldedir. Daha fazla talep gelmeye ba\u015flarsa <a href=\"https:\/\/sunucucozumleri.com\/blog\/frontpage\/\">sunucu<\/a> yan\u0131t s\u00fcreleri uzar ve sonras\u0131nda tamamen yan\u0131ts\u0131z kal\u0131r.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"TCPIP\"><\/span><span id=\"TCPIP\">TCP\/IP<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0130nternet a\u011f\u0131 \u00e7e\u015fitli katmanlara ayr\u0131lm\u0131\u015ft\u0131r ve internet a\u011f\u0131 \u00fczerinden ger\u00e7ekle\u015fen ileti\u015fim i\u00e7in olu\u015fturulmu\u015f baz\u0131 protokoller vard\u0131r. TCP\/IP sistemi i\u00e7inde bulunan ba\u011flant\u0131 protokolleri \u00e7e\u015fitli ama\u00e7larla kullan\u0131l\u0131r. Bir bilgisayar\u0131n di\u011fer bir bilgisayara ba\u011flant\u0131 yapmas\u0131, internet \u00fczerinden veri ak\u0131\u015f\u0131 bu karma\u015f\u0131k ba\u011flant\u0131 protokolleri \u00fczerinden bu 4 katmanda ger\u00e7ekle\u015fir.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Application_Layer_Uygulama_Katmani\"><\/span><span id=\"Application_Layer_Uygulama_Katmani\">Application Layer (Uygulama Katman\u0131)<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Bu katmanda veriyi g\u00f6ndermeye \u00e7al\u0131\u015fan uygulama ve dosya bi\u00e7imine g\u00f6re farkl\u0131 protokoller kullan\u0131l\u0131r.\u00a0<strong>HTTP<\/strong>\u00a0(<strong>H<\/strong>yper\u00a0<strong>T<\/strong>ext\u00a0<strong>T<\/strong>ransfer\u00a0<strong>P<\/strong>rotocol) ,\u00a0<strong>SMTP<\/strong>\u00a0(<strong>S<\/strong>imple\u00a0<strong>M<\/strong>ail\u00a0<strong>T<\/strong>ransfer\u00a0<strong>P<\/strong>rotocol),\u00a0<strong>FTP<\/strong>\u00a0(<strong>F<\/strong>ile\u00a0<strong>T<\/strong>ransfer\u00a0<strong>P<\/strong>rotocol), Telnet vs bu katmanda kullan\u0131lan protokollerdir. Her protokol ta\u015f\u0131ma katman\u0131yla baz\u0131 portlar (HTTP: 80 nolu port, FTP 21 nolu port vs.) yard\u0131m\u0131yla ba\u011flant\u0131 kurar.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Transport_Layer_Tasima_Katmani\"><\/span><span id=\"Transport_Layer_Tasima_Katmani\">Transport Layer (Ta\u015f\u0131ma Katman\u0131)<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Ta\u015f\u0131ma katman\u0131 verinin ta\u015f\u0131nmas\u0131n\u0131 ve ilgili tarafa aktar\u0131lmas\u0131n\u0131 sa\u011flar.\u00a0<strong>TCP<\/strong>\u00a0(<strong>T<\/strong>ransmission\u00a0<strong>C<\/strong>ontrol\u00a0<strong>P<\/strong>rotocol) ve\u00a0<strong>UDP<\/strong>\u00a0(<strong>U<\/strong>ser<strong>\u00a0D<\/strong>atagram\u00a0<strong>P<\/strong>rotocol) bu katmandaki iki \u00e7e\u015fit veri aktar\u0131m protokol\u00fcd\u00fcr.<\/p>\n<p>TCP veri aktar\u0131m protokol\u00fcnde iki bilgisayar aras\u0131nda\u00a0<strong>Three-Way Handshake<\/strong>\u00a0(\u00fc\u00e7 y\u00f6nl\u00fc el s\u0131k\u0131\u015fma) olmadan ba\u011flant\u0131 olu\u015fmaz.<\/p>\n<p>\u00d6rne\u011fin bir web sitesine ba\u011flanmak istiyoruz diyelim,<\/p>\n<ul>\n<li>Bilgisayar\u0131m\u0131z o web sitesinin sunucuya\u00a0<strong>SYN<\/strong>\u00a0bayrakl\u0131 bir paket yollar<\/li>\n<li>Sunucu bu\u00a0<strong>SYN<\/strong>\u00a0bayra\u011f\u0131na,\u00a0<strong>SYN ve ACK<\/strong>\u00a0bayrakl\u0131 paket ile cevap verir<\/li>\n<li>Bilgisayar\u0131m\u0131z da bu mesaja\u00a0 kendi\u00a0<strong>ACK\u00a0<\/strong>bayrakl\u0131 paket yollar<\/li>\n<\/ul>\n<p>bu a\u015famada ba\u011flant\u0131 ger\u00e7ekle\u015fmi\u015ftir, veri al\u0131\u015fveri\u015fine haz\u0131r hale geliriz ve web sitesinin g\u00f6r\u00fcnt\u00fclenmesi ba\u015flat\u0131l\u0131r.<\/p>\n<p>Bu ba\u011flant\u0131n\u0131n sonlanmas\u0131 da benzer ba\u015fka bir i\u015flem ad\u0131mlar\u0131n\u0131 gerektirir.<\/p>\n<ul>\n<li>Bilgisayar\u0131m\u0131z\u00a0<strong>FIN<\/strong>\u00a0bayrakl\u0131 paketi sunucuya yollar<\/li>\n<li>Sunucu\u00a0<strong>FIN ve ACK<\/strong>\u00a0bayrakl\u0131 paketle cevap verir<\/li>\n<li>Bilgisayar da\u00a0<strong>ACK<\/strong>\u00a0paketiyle i\u015fleme devam eder<\/li>\n<\/ul>\n<p>ve ba\u011flant\u0131 sonlan\u0131r.<\/p>\n<p>Bu veri aktar\u0131m protokol\u00fcnde\u00a0<strong>HTTP,\u00a0HTTPS, POP3, SMTP, FTP<\/strong>\u00a0ba\u011flant\u0131 protokolleri kullanmaktad\u0131r.<\/p>\n<p>UDP protokol\u00fcnde ise verinin iletilip iletilmedi\u011fi kontrol edilmez. \u00c7ok daha h\u0131zl\u0131 veri aktar\u0131m\u0131 ger\u00e7ekle\u015ftirilen bir protokold\u00fcr ve\u00a0<strong>TFTP (T<\/strong>rivial<strong>\u00a0F<\/strong>ile<strong>\u00a0T<\/strong>ransfe<strong>r P<\/strong>rotocol<strong>) ile SNMP (S<\/strong>imple\u00a0<strong>N<\/strong>etwork\u00a0<strong>M<\/strong>anagement\u00a0<strong>P<\/strong>rotocol) protokolleri\u00a0<strong>UDP<\/strong>\u00a0yoluyla \u00e7al\u0131\u015fmaktad\u0131r. \u00dc\u00e7l\u00fc handshake olu\u015fturmad\u0131\u011f\u0131 i\u00e7in daha h\u0131zl\u0131d\u0131r ancak g\u00fcvenilir bir veri aktar\u0131m protokol\u00fc de\u011fildir.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Internet_Layer_Internet_Katmani\"><\/span><span id=\"Internet_Layer_Internet_Katmani\">Internet Layer (\u0130nternet Katman\u0131)<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Bu katmanda IP adresleri yoluyla ba\u011flant\u0131 yapan bilgisayarlar tan\u0131mlan\u0131r veriye eklenirler.\u00a0 \u0130nternette veriler belirli b\u00fcy\u00fckl\u00fckteki paketler halinde aktar\u0131lmaktad\u0131r. Paketler bu katmanda olu\u015fturulur ve bu paketlerin maksimum boyutu\u00a0<strong>65.535 byte<\/strong>\u00a0olmaktad\u0131r.\u00a0<strong>IP\u00a0(I<\/strong>nternet<strong>\u00a0P<\/strong>rotocol<strong>), ICMP (I<\/strong>nternet<strong>\u00a0C<\/strong>ontrol<strong>\u00a0M<\/strong>essage<strong>\u00a0P<\/strong>rotocol<strong>), ARP (A<\/strong>ddress<strong>\u00a0R<\/strong>esolution<strong>\u00a0P<\/strong>rotocol<strong>), IGMP<\/strong>\u00a0gibi protokoller bu katmanda \u00e7al\u0131\u015fmaktad\u0131r.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Network_Interface_Layer_Ag_Arayuz_Katmani\"><\/span><span id=\"Network_Interface_Layer_Ag_Arayuz_Katmani\">Network Interface Layer (A\u011f Aray\u00fcz Katman\u0131)<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Ethernet ba\u011flant\u0131 protokolleri ile verilerin fiziksel olarak a\u011fdan aktar\u0131lmas\u0131n\u0131 sa\u011flayan katmand\u0131r.\u00a0<strong>MAC (M<\/strong>edia<strong>\u00a0A<\/strong>ccess<strong>\u00a0C<\/strong>ontrol<strong>)<\/strong>,\u00a0<strong>LLC<\/strong>\u00a0(<strong>L<\/strong>ogical\u00a0<strong>L<\/strong>ink\u00a0<strong>C<\/strong>ontrol) ve Fiziksel ba\u011flant\u0131 gibi katmanlar ile veriler elektriksel sinyallere d\u00f6n\u00fc\u015f\u00fcrler.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"DDoS_Saldiri_Cesitleri\"><\/span><span id=\"DDoS_Saldiri_Cesitleri\">DDoS Sald\u0131r\u0131 \u00c7e\u015fitleri<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u015eimdi bu sald\u0131r\u0131 t\u00fcr\u00fcn\u00fcn \u00e7e\u015fitlerini ba\u015fl\u0131klar \u00fczerinden de\u011ferlendirelim isterseniz.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Volume_Based_Hacim_Bazli_DDoS_Saldirisi\"><\/span><span id=\"Volume_Based_Hacim_Bazli_DDoS_Saldirisi\">Volume Based (Hacim Bazl\u0131) DDoS Sald\u0131r\u0131s\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Hacim bazl\u0131 DDoS sald\u0131r\u0131lar\u0131nda hedef\u00a0sunucunun\u00a0bandwidth kapasitesi olur. Bu sald\u0131r\u0131 t\u00fcr\u00fcnde hedef sunucuya kapasitesinin \u00fcst\u00fcnde veri paketleri yollan\u0131r ve sistemin kapasitesinin a\u015f\u0131m\u0131 nedeniyle yan\u0131t verememesi ile down olmas\u0131 hedeflenir. Genelde bu DDoS sald\u0131r\u0131s\u0131\u00a0<strong>UDP<\/strong>,\u00a0<strong>SYN<\/strong>\u00a0paketlerinin manip\u00fclasyonu yoluyla ger\u00e7ekle\u015ftirilir.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Protocol_Based_Protokol_Bazli_DDoS_Saldirisi\"><\/span><span id=\"Protocol_Based_Protokol_Bazli_DDoS_Saldirisi\">Protocol Based (Protokol Bazl\u0131) DDoS Sald\u0131r\u0131s\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Ad\u0131 \u00fcst\u00fcnde TCP\/IP ve OSI internet protokollerinin a\u00e7\u0131klar\u0131 \u00fczerinden i\u015flev g\u00f6ren DDoS sald\u0131r\u0131 modeline protokol bazl\u0131 DDoS sald\u0131r\u0131s\u0131 denir.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Flood_DDoS_Saldirisi\"><\/span><span id=\"Flood_DDoS_Saldirisi\">Flood DDoS Sald\u0131r\u0131s\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><span class=\"ez-toc-section\" id=\"Ping_Flood_DDoS_Saldirisi\"><\/span><span id=\"Ping_Flood_DDoS_Saldirisi\">Ping Flood DDoS Sald\u0131r\u0131s\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>\u00c7ok say\u0131da bilgisayar bir IP adresine\u00a0ping\u00a0atar. Bu i\u015flemler o kadar \u00e7ok say\u0131dad\u0131r ki ping i\u015flemiyle g\u00f6nderilen paketlere sununun cevap vermesini imkans\u0131z hale gelir ve i\u015flem yapmas\u0131n\u0131 engeller. ICMP protokol\u00fc \u00fczerinden yap\u0131lan bu sald\u0131r\u0131 hayati \u00f6nemi olmayan bu servis kapat\u0131larak kolayca engellenebilir.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"SYN_Flood_DDoS_Saldirisi\"><\/span><span id=\"SYN_Flood_DDoS_Saldirisi\">SYN Flood DDoS Sald\u0131r\u0131s\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Bu DDoS sald\u0131r\u0131s\u0131 modelinde sunucuya \u00e7ok say\u0131da farkl\u0131 ip adresinden SYN bayrakl\u0131 paket g\u00f6nderilir ve sunucunun kapasitesi \u00fcst\u00fcnde gelen bu paketlere yan\u0131t vermesi imkans\u0131zla\u015f\u0131r. Bir i\u015fletim sisteminde al\u0131nan her SYN paketi ile Three-way Handshake ger\u00e7ekle\u015fene kadar bir veri kapasitesi ayr\u0131lmaktad\u0131r. \u00dc\u00e7l\u00fc el s\u0131k\u0131\u015fma ger\u00e7ekle\u015fmemi\u015f her SYN bayrakl\u0131 paket, backlog queue denen bir log kuyru\u011fu olu\u015fturur.<\/p>\n<p>Bu kuyru\u011fun uzunlu\u011fu i\u015fletim sisteminin kapasitesiyle do\u011fru orant\u0131l\u0131 olacakt\u0131r. \u0130\u015flem kuyru\u011fu sistemin kapasitesinin \u00fczerine gelince ba\u015fka SYN paketi al\u0131nmaz hale gelir ve hi\u00e7bir kimse taraf\u0131ndan ba\u011flant\u0131 ger\u00e7ekle\u015ftirilemez.<\/p>\n<p>TCP\/IP internet modelinin manip\u00fclasyonu yoluyla yap\u0131lan bu sald\u0131r\u0131 en \u00e7ok kar\u015f\u0131la\u015f\u0131lan sald\u0131r\u0131 tipidir.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"UDP_Flood_DDoS_Saldirisi\"><\/span><span id=\"UDP_Flood_DDoS_Saldirisi\">UDP Flood DDoS Sald\u0131r\u0131s\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>UDP paketleri kullan\u0131larak ger\u00e7ekle\u015fen bu sald\u0131r\u0131da ise UDP portlar\u0131n kapanmas\u0131 hedeflenir. Kapanan UDP portu nedeniyle hizmet engellenmi\u015f olur.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Application_Layer_Aplikasyon_Katmani_DDoS_Saldirisi\"><\/span><span id=\"Application_Layer_Aplikasyon_Katmani_DDoS_Saldirisi\">Application Layer (Aplikasyon Katman\u0131) DDoS Sald\u0131r\u0131s\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>HTTP\u00a0protokol\u00fc kullan\u0131larak ger\u00e7ekle\u015fen bu DDoS sald\u0131r\u0131s\u0131 modelinde GET POST i\u015flemleri \u00fczerinden i\u015flem yap\u0131l\u0131r. Nispeten daha basit ve zarars\u0131z sald\u0131r\u0131 t\u00fcr\u00fcd\u00fcr.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Neden_DDoS_Saldirisi_Yapilir\"><\/span><span id=\"Neden_DDoS_Saldirisi_Yapilir\">Neden DDoS Sald\u0131r\u0131s\u0131 Yap\u0131l\u0131r?<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Bilgisayar korsanlar\u0131n\u0131n b\u00fcy\u00fck bir \u00e7o\u011funlu\u011fu, internet sisteminde bask\u0131n olma duygusu ile ekonomik ve siyasi \u00e7\u0131karlar nedeniyle eylemde bulunurlar. Tecr\u00fcbesiz olanlar ise sadece yeteneklerini test etmek i\u00e7in veya sebepsiz yere sald\u0131r\u0131da bulunabilir.<\/p>\n<p><strong>DDoS sald\u0131r\u0131s\u0131n\u0131n etkisi,<\/strong>\u00a0sistemin \u00e7al\u0131\u015fmas\u0131n\u0131 durdurma y\u00f6n\u00fcnde oldu\u011fu i\u00e7in as\u0131l amac\u0131 zarar vermektir.<\/p>\n<p>Siyasi ama\u00e7la yap\u0131lan DDoS sald\u0131r\u0131lar\u0131 \u00fclkeler aras\u0131ndaki gerginlikler artt\u0131\u011f\u0131 zaman meydana gelir. Genelde \u00fclkeler aras\u0131nda ulusal ve milli \u00e7\u0131karlar\u0131n \u00e7at\u0131\u015ft\u0131\u011f\u0131 zamanlarda ger\u00e7ekle\u015firler. \u00dclkenin bankac\u0131l\u0131k sistemi, dijital devlet i\u015flemlerinin y\u00fcr\u00fct\u00fcld\u00fc\u011f\u00fc web tabanl\u0131 sistemler ilk hedef al\u0131nan yerler olmaktad\u0131r.<\/p>\n<p>Di\u011fer DDoS sald\u0131r\u0131lar\u0131 ise genelde ticari ama\u00e7la yap\u0131l\u0131r. \u00c7ok fazla reklam geliri elde eden bir web sitesine yap\u0131lan sald\u0131r\u0131 sonucunda sunucunun kapan\u0131p tekrar a\u00e7\u0131lmas\u0131na kadar ge\u00e7en s\u00fcrede kaybedece\u011fi t\u0131klama ba\u015f\u0131na reklam geliri \u00e7ok fazla olacakt\u0131r.<\/p>\n<p>Yine benzer \u015fekilde bir kripto para borsas\u0131 b\u00f6yle bir sald\u0131r\u0131ya maruz kald\u0131\u011f\u0131 zaman, yay\u0131n\u0131n kesildi\u011fi s\u00fcre boyunca yap\u0131lamayan i\u015flemlerden dolay\u0131 hem kullan\u0131c\u0131lar hem de borsa i\u015fletenler zarar g\u00f6recektir.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"DDoS_Saldirilarindan_Korunmanin_Yollari\"><\/span><span id=\"DDoS_Saldirilarindan_Korunmanin_Yollari\">DDoS Sald\u0131r\u0131lar\u0131ndan Korunman\u0131n Yollar\u0131<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>DDoS sald\u0131r\u0131s\u0131ndan tamamen kurtulmak m\u00fcmk\u00fcn olmamakla beraber baz\u0131 \u00f6nlemler ile b\u00fcy\u00fck oranda korunmak m\u00fcmk\u00fcnd\u00fcr.\u00a0<strong>Apache Web Server\u2019<\/strong>lar yap\u0131s\u0131 ve kapasitesi gere\u011fi Litespeed Web Server\u2019 a nazaran daha kolay manip\u00fcle edilebilir. Bu sebeple Web Server\u2019\u0131n banner bilgisinin kapat\u0131lmas\u0131 hangi web server\u0131 kullan\u0131ld\u0131\u011f\u0131n\u0131n anla\u015f\u0131lmas\u0131n\u0131 da engeller.<\/p>\n<p>Bunun yan\u0131nda\u00a0<strong><a href=\"https:\/\/sunucucozumleri.com\/blog\/cloudflare-rehberi\/\">CloudFlare<\/a><\/strong>\u00a0gibi sunucu sistemi kullanmak da yine DDoS sald\u0131r\u0131lar\u0131na kar\u015f\u0131 daha fazla g\u00fcvende olunmas\u0131 anlam\u0131na gelmektedir. Yap\u0131s\u0131 gere\u011fi bulut sistemlerin kaynak t\u00fcketimi daha zor olacakt\u0131r.<\/p>\n<p><a href=\"https:\/\/sunucucozumleri.com\/blog\/hosting\/fast-web-hosting\/\">Hosting<\/a> hizmetini ald\u0131\u011f\u0131n\u0131z firman\u0131n bu hizmetleri sundu\u011fundan emin olun. SYN Flood DDoS sald\u0131r\u0131s\u0131nda en s\u0131k kullan\u0131lan korunma y\u00f6ntemleri;<\/p>\n<ul>\n<li><strong>SYN Cookie\u00a0<\/strong><\/li>\n<li><strong>SYN Cache<\/strong><\/li>\n<li><strong>SYN <a href=\"https:\/\/sunucucozumleri.com\/blog\/073-proxy-nedir-proxy-nasil-kullanilabilir\/\">Proxy<\/a><\/strong><\/li>\n<\/ul>\n<p><strong>SYN Cookie<\/strong>\u2019de, backlog queue olu\u015fturmamak i\u00e7in her SYN paketi i\u00e7in bir kaynak ayr\u0131lmaz ba\u011flant\u0131 ger\u00e7ekle\u015fene kadar sistem kayna\u011f\u0131 ayr\u0131lmad\u0131\u011f\u0131 i\u00e7in kayna\u011f\u0131n doyurulmas\u0131 m\u00fcmk\u00fcn olmaz. Ancak bu y\u00f6ntem sistemin \u00e7al\u0131\u015fmas\u0131nda genel ba\u015fka sorunlara yol a\u00e7abilir. Ayr\u0131ca sunucunun CPU kullan\u0131m\u0131n\u0131 artt\u0131r\u0131r.<\/p>\n<p><strong>SYN Cache<\/strong>\u00a0ise SYN paketleri i\u00e7in ayr\u0131lan sistem kaynak boyutunu azalt\u0131r ve belirli bir kapasitenin \u00fcst\u00fcne \u00e7\u0131karsa SYN Cookie\u2019yi tetikler.<\/p>\n<p><strong>SYN Proxy<\/strong>, ad\u0131ndan da anla\u015f\u0131laca\u011f\u0131 \u00fczere, bir proxy sistemi kurularak ger\u00e7ekle\u015fir. <a href=\"https:\/\/sunucucozumleri.com\/blog\/073-proxy-nedir-proxy-nasil-kullanilabilir\/\">Proxy sunucusu<\/a> ba\u011flant\u0131lar\u0131 s\u00fczer ve \u00fc\u00e7l\u00fc el s\u0131k\u0131\u015fma ger\u00e7ekle\u015fmeyen ba\u011flant\u0131lar\u0131 as\u0131l sunucuya iletmez. B\u00f6ylece ba\u011flant\u0131lar daha sa\u011fl\u0131kl\u0131 bir \u015fekilde ger\u00e7ekle\u015fir.<\/p>\n<p>Ayr\u0131ca sunucularda daha komplike\u00a0firewall\u00a0(g\u00fcvenlik duvar\u0131) sistemleri kurulmu\u015f olabilir. Ancak DDoS u tamamen engellemek neredeyse m\u00fcmk\u00fcn de\u011fildir.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DDoS\u00a0(Distributed\u00a0Denial\u00a0of\u00a0Service) yani Da\u011f\u0131t\u0131k Hizmet Reddi Sald\u0131r\u0131s\u0131 olarak T\u00fcrk\u00e7ele\u015ftirilen bir siber sald\u0131r\u0131 t\u00fcr\u00fcd\u00fcr. \u00d6rne\u011fin bir web sitesine, bir sunucuya farkl\u0131 farkl\u0131 yerlerden \u00e7ok say\u0131da bilgisayar\u0131n ayn\u0131 anda istek (request) yapmas\u0131 ile sunucunun cevap (response) veremeyecek hale gelmesine ve devre d\u0131\u015f\u0131 kalmas\u0131na\u00a0DDoS sald\u0131r\u0131s\u0131\u00a0denir. Bu i\u015flemde genelde ayn\u0131 anda \u00e7ok farkl\u0131 IP\u2019lerden da\u011f\u0131t\u0131k bir \u015fekilde, belli bir hedefe &hellip;<\/p>\n","protected":false},"author":1,"featured_media":1456,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[12],"tags":[],"class_list":["post-1189","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-seo"],"acf":[],"_links":{"self":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/posts\/1189","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/comments?post=1189"}],"version-history":[{"count":0,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/posts\/1189\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/media\/1456"}],"wp:attachment":[{"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/media?parent=1189"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/categories?post=1189"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sunucucozumleri.com\/blog\/wp-json\/wp\/v2\/tags?post=1189"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}