{"id":10295,"date":"2021-11-23T14:22:09","date_gmt":"2021-11-23T11:22:09","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10295"},"modified":"2021-11-23T14:22:09","modified_gmt":"2021-11-23T11:22:09","slug":"proxyware","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/proxyware\/10295\/","title":{"rendered":"\u0130\u015fletmelerin ba\u015f\u0131 proxy yaz\u0131l\u0131mlarla dertte"},"content":{"rendered":"<p>\u0130\u015fteki internet bant geni\u015fli\u011finizin ufac\u0131k bir k\u0131sm\u0131na eri\u015fim kar\u015f\u0131l\u0131\u011f\u0131nda \u00f6deme ald\u0131\u011f\u0131n\u0131z\u0131 hayal edin. Kula\u011fa ho\u015f geliyor de\u011fil mi? Bilgisayar nas\u0131l olsa s\u00fcrekli a\u00e7\u0131k; s\u0131n\u0131rs\u0131z internet eri\u015fiminiz de var. \u00d6yleyse neden olmas\u0131n? \u00dcstelik kendi kaynaklar\u0131n\u0131z\u0131 bile kullanm\u0131yorsunuz; bilgisayar da, bant geni\u015fli\u011fi de \u015firketin.<\/p>\n<p>T\u00fcm bunlar \u00e7ok basit g\u00f6r\u00fcnse de i\u015f bilgisayar\u0131na bir proxy yaz\u0131l\u0131m istemcisi y\u00fcklerken kabul etti\u011finiz \u015feyler hi\u00e7 de zarars\u0131z de\u011fil. Proxy yaz\u0131l\u0131m y\u00fckledi\u011finizde \u015firket a\u011f\u0131n\u0131 kazanabilece\u011finiz paran\u0131n \u00e7ok \u00e7ok \u00fczerinde zararlara yol a\u00e7abilecek risklere kar\u015f\u0131 savunmas\u0131z b\u0131rakm\u0131\u015f oluyorsunuz. A\u00e7\u0131k konu\u015fmak gerekirse internetten para kazanmay\u0131 vadeden dolaplar\u0131n hi\u00e7biri bu kadar \u00e7ok istenmeyen sonu\u00e7 do\u011furmuyor. Bug\u00fcn, proxy yaz\u0131l\u0131mlar\u0131n neden tehlikeli oldu\u011funu a\u00e7\u0131kl\u0131yoruz.<\/p>\n<h2>Proxy yaz\u0131l\u0131m nedir?<\/h2>\n<p><em>Proxy yaz\u0131l\u0131m<\/em> terimi, ilk olarak <a href=\"https:\/\/blog.talosintelligence.com\/2021\/08\/proxyware-abuse.html\" target=\"_blank\" rel=\"noopener nofollow\">bu olgu hakk\u0131nda derinlemesine bir rapor haz\u0131rlayan<\/a> Cisco Talos ara\u015ft\u0131rmac\u0131lar\u0131 taraf\u0131ndan ortaya at\u0131ld\u0131. Bir proxy yaz\u0131l\u0131m servisi \u00f6z\u00fcnde bir proxy sunucu gibi davran\u0131r. Y\u00fcklendi\u011fi masa\u00fcst\u00fc bilgisayar\u0131n veya ak\u0131ll\u0131 telefonun internet ba\u011flant\u0131s\u0131n\u0131 \u00fc\u00e7\u00fcnc\u00fc bir taraf i\u00e7in eri\u015filebilir hale getirir. \u0130stemci, program\u0131n ne kadar uzun s\u00fcre etkin kald\u0131\u011f\u0131na ve ne kadar bant geni\u015fli\u011fi kullanmas\u0131na izin verildi\u011fine ba\u011fl\u0131 olarak puan kazan\u0131r. Sonras\u0131nda bu puanlar para birimine \u00e7evrilip bir banka hesab\u0131na transfer edilebilir.<\/p>\n<p>Elbette bu t\u00fcr servisler her zaman yasa d\u0131\u015f\u0131 ama\u00e7larla kullan\u0131lmaz; bazen yasal uygulama alanlar\u0131 da olabilir. \u00d6rne\u011fin, farkl\u0131 co\u011frafi b\u00f6lgelerden m\u00fcmk\u00fcn oldu\u011funca fazla internet giri\u015fine ihtiya\u00e7 duyan b\u00fcy\u00fck \u015firketlerin pazarlama departmanlar\u0131 taraf\u0131ndan da kullan\u0131labilirler.<\/p>\n<h2>\u015eirket bilgisayar\u0131na proxy yaz\u0131l\u0131m y\u00fcklemek neden iyi bir fikir de\u011fil<\/h2>\n<p>Proxy yaz\u0131l\u0131m servisleri \u201ckirac\u0131lar\u0131n\u201d zarars\u0131z oldu\u011funu \u00f6ne s\u00fcrse de bazen IP adresi itibar\u0131n\u0131n zedelenmesi ve yaz\u0131l\u0131m g\u00fcvenilirli\u011fi gibi problemler ortaya \u00e7\u0131kabilir.<\/p>\n<h3>IP adresi pesimizasyonu<\/h3>\n<p>Proxy yaz\u0131l\u0131m \u00e7al\u0131\u015ft\u0131ran bilgisayar kullan\u0131c\u0131lar\u0131 (hatta tek bir IP adresi varsa a\u011f\u0131n tamam\u0131) i\u00e7in en yayg\u0131n problem, bu servislerin s\u0131kl\u0131kla <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/captcha\/\" target=\"_blank\" rel=\"noopener\">CAPTCHA<\/a>\u2018larla kar\u015f\u0131 kar\u015f\u0131ya gelmesidir. CAPTCHA\u2019lar\u0131n amac\u0131, belirli bir \u00e7evrimi\u00e7i kayna\u011fa yaln\u0131zca ger\u00e7ek insanlar\u0131n eri\u015fim sa\u011flamas\u0131d\u0131r. Proxy yaz\u0131l\u0131ma sahip bir bilgisayar hakl\u0131 olarak \u015f\u00fcphe uyand\u0131r\u0131r.<\/p>\n<p>Bant geni\u015fli\u011fi kirac\u0131lar\u0131n\u0131n proxy yaz\u0131l\u0131m y\u00fckl\u00fc bilgisayarlar\u0131 kullanmak i\u00e7in se\u00e7ti\u011fi yollardan biri, s\u00fcrekli bir istek ta\u015fmas\u0131 g\u00f6ndererek interneti taramak ya da internet sitesinin eri\u015fim h\u0131z\u0131n\u0131 \u00f6l\u00e7mektir. Bu durum otomatik DDoS koruma sistemlerinin ho\u015funa gitmez. Ayr\u0131ca spam e-postalar gibi daha \u015f\u00fcpheli bir \u015feylerin g\u00f6stergesi de olabilir.<\/p>\n<p>Otomatik istekler y\u00fcz\u00fcnden i\u015fletme IP adresinin g\u00fcvenli olmayan adresler listesine girmesi, \u015firket i\u00e7in \u00e7ok ciddi sonu\u00e7lar do\u011furabilir.\u00a0 \u00d6rne\u011fin, e-posta sunucusu da ayn\u0131 adreste \u00e7al\u0131\u015f\u0131yorsa \u00e7al\u0131\u015fanlar\u0131n mesajlar\u0131 bir noktadan sonra d\u0131\u015far\u0131dan al\u0131c\u0131lara ula\u015fmamaya ba\u015flayabilir. Di\u011fer e-posta sunucular\u0131, i\u015fletmenin IP adresini ve alan\u0131n\u0131 engellemeye ba\u015flayacakt\u0131r.<\/p>\n<h3>Sahte proxy yaz\u0131l\u0131m istemcileri<\/h3>\n<p>Proxy yaz\u0131l\u0131m y\u00fckleyen \u00e7al\u0131\u015fanlar\u0131n ald\u0131\u011f\u0131 risklerden biri de istemedikleri bir \u015fey indirmektir. Birlikte \u015fu k\u00fc\u00e7\u00fck deneyi yapal\u0131m: Google\u2019a girip \u201choneygain indir\u201d yaz\u0131n. Kar\u015f\u0131n\u0131za geli\u015ftiricinin resmi sitesinin yan\u0131 s\u0131ra y\u00fczlerce dosya payla\u015f\u0131m sitesi ba\u011flant\u0131s\u0131 \u00e7\u0131kacak. Herhangi bir ilkeye ba\u011fl\u0131 \u00e7al\u0131\u015fmayan bu dosya payla\u015f\u0131m sitelerindeki ba\u011flant\u0131lar\u0131n yar\u0131s\u0131, indirdi\u011finiz dosyan\u0131n yan\u0131nda bir tak\u0131m \u201cbonus i\u00e7erikler\u201d i\u00e7erir.<\/p>\n<p>Ne t\u00fcr bonus i\u00e7erikler? Ara\u015ft\u0131rmac\u0131lara g\u00f6re bu t\u00fcr Truva At\u0131 y\u00fckleyicilerden biri, (bilgisayar kaynaklar\u0131n\u0131n yan\u0131 s\u0131ra elektrik t\u00fcketen) bir kripto madencili\u011fi program\u0131 ve siber su\u00e7lular\u0131n komuta sunucusuna ba\u011flanmak i\u00e7in bir ara\u00e7 i\u00e7eriyordu. Siber su\u00e7lular bu sunuculardan diledikleri zaman diledikleri \u015feyi indirebiliyordu.<\/p>\n<p>Bu t\u00fcr bir proxy yaz\u0131l\u0131m, bir i\u015fletmenin t\u00fcm BT altyap\u0131s\u0131n\u0131 \u00e7\u00f6kertebilir. Fidye yaz\u0131l\u0131mlar\u0131n verileri \u015fifrelemesine, fidye taleplerine ve \u00e7ok daha fazlas\u0131na da yol a\u00e7abilir. \u00d6zetle proxy yaz\u0131l\u0131mlar i\u015fletmeler i\u00e7in \u00e7ok \u00e7e\u015fitli tehlikeler olu\u015fturabilir.<\/p>\n<h2>Proxy yaz\u0131l\u0131mlar\u0131n gizli olarak y\u00fcklenmesi<\/h2>\n<p>\u00c7o\u011fu senaryoda, yukar\u0131da bahsetti\u011fimiz gibi, (bazen yetkisiz de olsa) bilin\u00e7li olarak y\u00fcklenen proxy yaz\u0131l\u0131mlar\u0131n istenmeyen sonu\u00e7lar\u0131 s\u00f6z konusudur. Ancak bazen aksi de olabilir. Bir \u00e7al\u0131\u015fan, \u015f\u00fcpheli bir siteden ger\u00e7ekten k\u00f6t\u00fc ama\u00e7l\u0131 bir yaz\u0131l\u0131m kapabilir ve bu yaz\u0131l\u0131m bilgisayara de\u011fi\u015ftirilmi\u015f bir proxy yaz\u0131l\u0131m istemcisi y\u00fckleyebilir. Bu da bilgisayarlar\u0131n yava\u015flamas\u0131 ve a\u011f bant geni\u015fli\u011finin azalmas\u0131ndan veri h\u0131rs\u0131zl\u0131\u011f\u0131na kadar bir\u00e7ok sorun yaratabilir.<\/p>\n<h2>\u0130\u015fletmelere tavsiyeler<\/h2>\n<p>Proxy yaz\u0131l\u0131mlar arac\u0131l\u0131\u011f\u0131yla kriminal k\u00f6t\u00fcye kullan\u0131mla sava\u015fman\u0131n en iyi yolu, internet eri\u015fimi olan t\u00fcm bilgisayarlara <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/cloud?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____kescloud___\" target=\"_blank\" rel=\"noopener\">g\u00fcvenilir bir antivir\u00fcs \u00e7\u00f6z\u00fcm\u00fc<\/a> kurmakt\u0131r. Bu yaln\u0131zca \u015firketinizi proxy yaz\u0131l\u0131mlar\u0131n zararl\u0131 etkilerine kar\u015f\u0131 g\u00fcvende tutmakla kalmaz, ayn\u0131 zamanda sizi di\u011fer k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n i\u00e7indeki proxy yaz\u0131l\u0131mlardan da korur.<\/p>\n<p>A\u00e7\u0131k konu\u015fmak gerekirse \u201ctemiz\u201d proxy yaz\u0131l\u0131mlar bile g\u00fcvenilir de\u011fildir. Sa\u011flam bir g\u00fcvenlik politikas\u0131, hem ofisteki bilgisayarlara hem de i\u015fletmenin VPN\u2019ine ba\u011flanan di\u011fer \u00e7al\u0131\u015fan bilgisayarlar\u0131na proxy yaz\u0131l\u0131m ya da ba\u015fka \u015f\u00fcpheli bir yaz\u0131l\u0131m y\u00fcklenmesine izin vermez. \u00c7o\u011fu \u00e7al\u0131\u015fan\u0131n bilgisayar\u0131na ba\u011f\u0131ms\u0131z olarak yaz\u0131l\u0131m y\u00fcklemeye ihtiyac\u0131 yoktur. Prensip olarak da buna izin verilmemelidir.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kes-cloud\">\n","protected":false},"excerpt":{"rendered":"<p>\u00c7al\u0131\u015fanlar\u0131n i\u015fverenlerden habersiz y\u00fckledi\u011fi proxy yaz\u0131l\u0131mlar i\u015fletmeleri daha fazla siber riskle kar\u015f\u0131 kar\u015f\u0131ya b\u0131rak\u0131yor. <\/p>\n","protected":false},"author":665,"featured_media":10296,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[777,2506],"class_list":{"0":"post-10295","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-internet","11":"tag-istenmeyen-yazilimlar"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/proxyware\/10295\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/proxyware\/23676\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/proxyware\/19128\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/proxyware\/9592\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/proxyware\/25761\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/proxyware\/23814\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/proxyware\/23440\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/proxyware\/26478\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/proxyware\/26036\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/proxyware\/31966\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/proxyware\/42947\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/proxyware\/18161\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/proxyware\/18554\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/proxyware\/15564\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/proxyware\/27784\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/proxyware\/32163\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/proxyware\/27866\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/proxyware\/24607\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/proxyware\/29992\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/proxyware\/29795\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/internet\/","name":"Internet"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/665"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10295"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10295\/revisions"}],"predecessor-version":[{"id":10297,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10295\/revisions\/10297"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10296"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}