{"id":14490,"date":"2026-04-28T17:35:14","date_gmt":"2026-04-28T14:35:14","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=14490"},"modified":"2026-04-28T17:35:14","modified_gmt":"2026-04-28T14:35:14","slug":"security-console-hardening","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/security-console-hardening\/14490\/","title":{"rendered":"G\u00fcvenlik sisteminiz g\u00fcvenli mi?"},"content":{"rendered":"<p>\u015eirketler, sald\u0131r\u0131ya a\u00e7\u0131k alanlar\u0131n\u0131 azaltmak i\u00e7in sistematik bir \u015fekilde \u00e7al\u0131\u015fmaktad\u0131r. A\u011flar\u0131 segmentlere ay\u0131r\u0131r, g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 y\u00f6netir, EDR\/XDR \u00e7\u00f6z\u00fcmlerini devreye al\u0131r ve m\u00fcdahale s\u00fcre\u00e7lerini otomatikle\u015ftirmeye \u00e7al\u0131\u015f\u0131rlar. Ne kadar \u00e7eli\u015fkili g\u00f6r\u00fcnse de genellikle bulmacan\u0131n \u00e7ok \u00f6nemli bir par\u00e7as\u0131n\u0131; t\u00fcm bu savunma sistemini y\u00f6neten ara\u00e7lar\u0131n kendisinin g\u00fcvenli\u011fini, g\u00f6zden ka\u00e7\u0131r\u0131rlar.<\/p>\n<p>Bu durum, zihinsel bir k\u00f6r nokta nedeniyle ortaya \u00e7\u0131kabilir. Bir kurulu\u015fun gerekli t\u00fcm g\u00fcvenlik \u00e7\u00f6z\u00fcmlerini kurmu\u015f olmas\u0131 nedeniyle g\u00fcvenli oldu\u011funu d\u00fc\u015f\u00fcnmek kolayd\u0131r. Ger\u00e7ekte, eklenen her t\u00fcrl\u00fc yaz\u0131l\u0131m (g\u00fcvenlik ara\u00e7lar\u0131 dahil) sald\u0131r\u0131 y\u00fczeyini geni\u015fletir. Bu, s\u00f6z konusu ara\u00e7lar\u0131n da korunmaya ihtiyac\u0131 oldu\u011fu anlam\u0131na gelir ve i\u015fe; do\u011fru ayarlarla bu ara\u00e7lar\u0131 g\u00fcvenli hale getirmekle ba\u015flanmal\u0131d\u0131r.<\/p>\n<h2>G\u00fcvenlik konsolunun ele ge\u00e7irilmesi neden bir kabus senaryosudur?<\/h2>\n<p>G\u00fcvenlik ara\u00e7lar\u0131, ancak onlar\u0131 \u00e7al\u0131\u015ft\u0131ran sistem kadar g\u00fc\u00e7l\u00fcd\u00fcr. Bir sald\u0131rgan, bir kurulu\u015fun altyap\u0131s\u0131na s\u0131zmay\u0131 ba\u015far\u0131r ve g\u00fcvenlik y\u00f6netimi konsolunun kontrol\u00fcn\u00fc ele ge\u00e7irirse, o alanda fiilen tam yetkiye sahip olur. Bu, her \u015feye eri\u015fim sa\u011flayan m\u00fckemmel bir anahtar gibidir. Merkezile\u015ftirilmi\u015f ilke y\u00f6netimi, u\u00e7 nokta izleme, API entegrasyonlar\u0131 ve bunlar\u0131n aras\u0131ndaki her \u015feye do\u011frudan eri\u015fim sa\u011flar.<\/p>\n<p>Bu senaryoda sald\u0131rgan\u0131n, savunmalar\u0131 a\u015fmak i\u00e7in kurnaz y\u00f6ntemler bulmakla zaman kaybetmesine gerek yoktur; tek yapmas\u0131 gereken, yap\u0131land\u0131rmay\u0131 de\u011fi\u015ftirmektir. Konsol eri\u015fimi sayesinde, bir bilgisayar korsan\u0131 sald\u0131r\u0131n\u0131n zorlu a\u015famalar\u0131n\u0131 atlayabilir:<\/p>\n<ul>\n<li>A\u011f\u0131 tek tek taramalar\u0131na gerek yoktur; konsol, t\u00fcm altyap\u0131 ve g\u00fcvenlik mimarisini an\u0131nda ku\u015fbak\u0131\u015f\u0131 bir bak\u0131\u015f a\u00e7\u0131s\u0131yla sunar.<\/li>\n<li>K\u00f6t\u00fc niyetli faaliyetlerini gizlemelerine gerek yoktur; g\u00fcvenlik ilkelerini kolayca de\u011fi\u015ftirebilir, belirli ara\u00e7lar\u0131 devre d\u0131\u015f\u0131 b\u0131rakabilir veya baz\u0131 uyar\u0131lar\u0131 susturabilirler.<\/li>\n<li>Y\u00fck\u00fc u\u00e7 noktalara gizlice yayman\u0131n yollar\u0131n\u0131 aramak yerine, konsolun yerle\u015fik ara\u00e7lar\u0131n\u0131 kullanarak yaz\u0131l\u0131mlar\u0131 ve g\u00fcncellemeleri toplu olarak y\u00fckleyebilirler.<\/li>\n<\/ul>\n<p>\u0130\u015fte bu y\u00fczden kontrol katman\u0131n\u0131n ele ge\u00e7irilmesi bu kadar tehlikelidir. Proaktif bir siber g\u00fcvenlik anlay\u0131\u015f\u0131, ka\u00e7 tane ara\u00e7 kullan\u0131ld\u0131\u011f\u0131yla ilgili de\u011fildir; as\u0131l mesele, kurumsal g\u00fcvenlik mimarisinin ger\u00e7ekte ne kadar dayan\u0131kl\u0131 oldu\u011fudur. Kontrol katman\u0131 zay\u0131f halka ise, hi\u00e7bir y\u00fcksek teknolojili yaz\u0131l\u0131m bu riski azaltamaz.<\/p>\n<h2>G\u00fcvenlik konsolunu nas\u0131l koruyabilirsiniz?<\/h2>\n<p>Ka\u011f\u0131t \u00fczerinde, \u00e7o\u011fu g\u00fcvenlik y\u00f6netim sistemi korumay\u0131 g\u00fc\u00e7lendirmek i\u00e7in gereken t\u00fcm mekanizmalara zaten sahiptir. Peki sorun nedir? Bu g\u00fcvenlik \u00f6nlemleri (iki fakt\u00f6rl\u00fc kimlik do\u011frulama gibi temel \u00f6nlemler dahil) genellikle var olmakla birlikte zorunlu de\u011fildir. G\u00fcvenlik \u00f6nerileri yay\u0131nlan\u0131r, ancak her zaman tutarl\u0131 bir \u015fekilde uygulanmaz. Bazen ise tamamen g\u00f6rmezden gelinirler. Daha da k\u00f6t\u00fcs\u00fc, varsay\u0131lan olarak etkinle\u015ftirilmi\u015f olan kritik g\u00fcvenlik ayarlar\u0131 genellikle tek bir t\u0131klamayla devre d\u0131\u015f\u0131 b\u0131rak\u0131labilir ve bu de\u011fi\u015fiklik an\u0131nda t\u00fcm kullan\u0131c\u0131lara yans\u0131t\u0131l\u0131r. D\u00fcr\u00fcst olal\u0131m; insanlar genellikle kolayl\u0131k u\u011fruna bu \u00f6zellikleri devre d\u0131\u015f\u0131 b\u0131rak\u0131r.<\/p>\n<p>Ger\u00e7ek hayatta bu, kurumsal g\u00fcvenli\u011fin sonu\u00e7ta bir y\u00f6neticinin ki\u015fisel disiplinine ba\u011fl\u0131 oldu\u011fu anlam\u0131na gelir. Ancak disiplin, mimari bir savunma mekanizmas\u0131 i\u015flevi g\u00f6remez.<\/p>\n<p>Kontrol katman\u0131n\u0131 korumaya y\u00f6nelik modern yakla\u015f\u0131m, varsay\u0131lan olarak g\u00fcvenli bir modele do\u011fru kaymaktad\u0131r. Bu yap\u0131land\u0131rmada, kritik g\u00fcvenlik \u00f6nlemleri temel yap\u0131land\u0131rmaya entegre edilmi\u015ftir ve bunlar\u0131n genel olarak devre d\u0131\u015f\u0131 b\u0131rak\u0131lmas\u0131 k\u0131s\u0131tlanm\u0131\u015ft\u0131r. Esasen, g\u00fcvenlik art\u0131k iste\u011fe ba\u011fl\u0131 bir \u00f6zellik olmaktan \u00e7\u0131kmantad\u0131r.<\/p>\n<p>Buradaki ama\u00e7, savunma ara\u00e7lar\u0131n\u0131n g\u00fcvenli\u011fi konusunda tahminlere dayal\u0131 yakla\u015f\u0131mlar\u0131 ortadan kald\u0131rmak ve y\u00f6netim d\u00fczeyinde sald\u0131r\u0131 y\u00fczeyini daraltmakt\u0131r.<\/p>\n<h2>Kaspersky Security Center Linux\u2019ta bu yakla\u015f\u0131m\u0131 nas\u0131l uyguluyoruz?<\/h2>\n<p>\u00dcr\u00fcnlerimiz, kritik g\u00fcvenlik mekanizmalar\u0131n\u0131n iste\u011fe ba\u011fl\u0131 bir \u00f6zellik olmaktan ziyade temel mimarinin bir par\u00e7as\u0131 oldu\u011fu bir modele do\u011fru istikrarl\u0131 bir \u015fekilde ilerlemektedir. K\u0131sa bir s\u00fcre \u00f6nce, bu mimari de\u011fi\u015fikli\u011fin temel ilkelerine entegre edildi\u011fi Kaspersky Security Center Linux\u2019un yeni s\u00fcr\u00fcm\u00fcn\u00fc (16.1) yay\u0131nlad\u0131k. Bu de\u011fi\u015fiklik, \u00f6ncelikle konsol eri\u015fim denetimini s\u0131k\u0131la\u015ft\u0131rarak ger\u00e7ekle\u015ftirildi. Art\u0131k iki fakt\u00f6rl\u00fc kimlik do\u011frulama varsay\u0131lan olarak etkin ve bunu genel olarak devre d\u0131\u015f\u0131 b\u0131rakma se\u00e7ene\u011fi kald\u0131r\u0131ld\u0131. Y\u00fckseltme i\u015fleminden \u00f6nce y\u00f6neticiler; Web Console \u00fczerinden \u00e7al\u0131\u015fanlar veya OpenAPI otomasyonunu kullananlar da dahil olmak \u00fczere, t\u00fcm kullan\u0131c\u0131lar i\u00e7in iki a\u015famal\u0131 kimlik do\u011frulaman\u0131n (2FA) etkinle\u015ftirildi\u011finden emin olmal\u0131lar.<\/p>\n<p>Bu, konsol d\u00fczeyinde ayr\u0131cal\u0131kl\u0131 eri\u015fim i\u00e7in temel bir koruma sa\u011flar; y\u00f6netici hesaplar\u0131n\u0131n ele ge\u00e7irilme riskini azalt\u0131r, otomasyon kanallar\u0131n\u0131 korur, API\u2019lerin k\u00f6t\u00fcye kullan\u0131lmas\u0131 olas\u0131l\u0131\u011f\u0131n\u0131 d\u00fc\u015f\u00fcr\u00fcr ve g\u00fcvenli\u011fi iste\u011fe ba\u011fl\u0131 hale getirmenin yol a\u00e7t\u0131\u011f\u0131 g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 ortadan kald\u0131r\u0131r. Bu sayede, \u00f6zellikle y\u00f6netim kontrol katman\u0131nda potansiyel sald\u0131r\u0131 y\u00fczeyi azalt\u0131l\u0131r.<\/p>\n<p>Ancak, daha \u00f6nce de belirtildi\u011fi gibi, \u00e7o\u011fu konsol ve y\u00f6netim sistemindeki sorun g\u00fcvenlik \u00f6zelliklerinin eksikli\u011finden de\u011fil, bunlar\u0131n nas\u0131l kullan\u0131ld\u0131\u011f\u0131na dair sistematik bir kontrol\u00fcn olmamas\u0131ndan kaynaklanmaktad\u0131r. \u00d6rne\u011fin, a\u015f\u0131r\u0131 yetkiye sahip y\u00f6neticiler ya da g\u00fcvenli olmayan Y\u00f6netim Sunucusu ba\u011flant\u0131 ayarlar\u0131 s\u0131k s\u0131k kar\u015f\u0131m\u0131za \u00e7\u0131kmaktad\u0131r. Kaspersky Security Center i\u00e7in bu konular\u0131 ayr\u0131nt\u0131lar\u0131yla ele alan bir <a href=\"https:\/\/support.kaspersky.com\/ksc-linux\/16.1\/245736\" target=\"_blank\" rel=\"noopener\">g\u00fcvenlik g\u00fc\u00e7lendirme k\u0131lavuzunu<\/a> daha \u00f6nce yay\u0131nlam\u0131\u015ft\u0131k; ancak ne yaz\u0131k ki herkes bu t\u00fcr kapsaml\u0131 teknik k\u0131lavuzlar\u0131 okumak i\u00e7in zaman ay\u0131rm\u0131yor.<\/p>\n<p>Bu nedenle, kimsenin \u00f6nemli noktalar\u0131 g\u00f6zden ka\u00e7\u0131rmamas\u0131 i\u00e7in Kaspersky Security Center Linux s\u00fcr\u00fcm 16.1\u2019i g\u00fcvenli hale getirmek \u00fczere <a href=\"https:\/\/support.kaspersky.com\/ksc-linux\/16.1\/314276\" target=\"_blank\" rel=\"noopener\">yap\u0131land\u0131r\u0131lm\u0131\u015f bir kontrol listesi<\/a> haz\u0131rlad\u0131k. Bu kontrol listesi:<\/p>\n<ul>\n<li>Kimlik do\u011frulama ve eri\u015fim izinlerinin do\u011fru \u015fekilde yap\u0131land\u0131r\u0131ld\u0131\u011f\u0131n\u0131 teyit eder<\/li>\n<li>A\u015f\u0131r\u0131 ayr\u0131cal\u0131klara sahip rolleri ve kullan\u0131c\u0131lar\u0131 tespit etmeye yard\u0131mc\u0131 olur<\/li>\n<li>Konsola a\u011f eri\u015fimini k\u0131s\u0131tlama konusunda kullan\u0131c\u0131ya rehberlik eder<\/li>\n<li>API\u2019lerin korunmas\u0131na \u00f6nem verir<\/li>\n<li>\u015eifreleme gerekliliklerini g\u00fc\u00e7lendirir<\/li>\n<li>Denetim ve g\u00fcnl\u00fck kayd\u0131 i\u015flemlerinin do\u011fru \u015fekilde yap\u0131land\u0131r\u0131lmas\u0131n\u0131 sa\u011flar<\/li>\n<li>Yap\u0131land\u0131rma eksiklikleri riskini azalt\u0131r<\/li>\n<\/ul>\n<p>Esasen bu, kontrol katman\u0131n\u0131n sistematik bir \u015fekilde denetlenmesi i\u00e7in kullan\u0131lan bir ara\u00e7t\u0131r. Bu, konsolun sald\u0131rganlar i\u00e7in bir giri\u015f noktas\u0131 veya altyap\u0131 i\u00e7inde yatay olarak yay\u0131lmalar\u0131na olanak tan\u0131yan bir ara\u00e7 haline gelmesini engeller. Kullan\u0131c\u0131n\u0131n takdirine b\u0131rak\u0131lan kritik ayarlar\u0131n say\u0131s\u0131 ne kadar az olursa, hata veya g\u00fcvenlik ihlali riski de o kadar azal\u0131r.<\/p>\n<p>Y\u00f6netim konsolunda geli\u015ftirilmi\u015f kimlik do\u011frulama ve yap\u0131land\u0131r\u0131lm\u0131\u015f g\u00fcvenlik g\u00fc\u00e7lendirmeleri, sadece k\u00fc\u00e7\u00fck de\u011fi\u015fiklikler de\u011fildir; bunlar, g\u00fcvenlik y\u00f6netimine y\u00f6nelik daha kapsaml\u0131 bir yakla\u015f\u0131m\u0131 temsil etmektedir. Bu koruma katman\u0131n\u0131 geli\u015ftirmeye devam etmeyi planl\u0131yoruz. B\u00f6ylece sald\u0131r\u0131 y\u00fczeyini sadece u\u00e7 nokta d\u00fczeyinde de\u011fil, y\u00f6netim sisteminin kendi i\u00e7inde de azaltmay\u0131 hedefliyoruz. Kaspersky Security Center hakk\u0131nda daha fazla bilgiyi <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/security-center?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kdaily_wpplaceholder_sm-team_______bec110d08549578a\" target=\"_blank\" rel=\"noopener\">konsol sayfas\u0131nda<\/a> bulabilirsiniz; g\u00fcvenlik g\u00fc\u00e7lendirme kontrol listesi ise <a href=\"https:\/\/support.kaspersky.com\/ksc-linux\/16.1\/314276\" target=\"_blank\" rel=\"noopener\">teknik destek sitemizde<\/a> mevcuttur.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"mdr\"><input type=\"hidden\" class=\"placeholder_for_banner\" data-cat_id=\"mdr\" value=\"14436\">\n","protected":false},"excerpt":{"rendered":"<p>Bir g\u00fcvenlik konsolunu korumak, san\u0131ld\u0131\u011f\u0131ndan daha \u00f6nemlidir. \u0130\u015fte kontrol katman\u0131n\u0131n ele ge\u00e7irilmesi konusunda bilmeniz gerekenler ve bunun nas\u0131l \u00f6nlenebilece\u011fi.<\/p>\n","protected":false},"author":2782,"featured_media":14491,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[881,519,551],"class_list":{"0":"post-14490","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-ayarlar","11":"tag-ipuclari-2","12":"tag-urunler-2"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/security-console-hardening\/14490\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/security-console-hardening\/30382\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/security-console-hardening\/25432\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/security-console-hardening\/30230\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/security-console-hardening\/32032\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/security-console-hardening\/41672\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/security-console-hardening\/55577\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/security-console-hardening\/24929\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/security-console-hardening\/30512\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/security-console-hardening\/36118\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/security-console-hardening\/35770\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/ayarlar\/","name":"ayarlar"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14490","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2782"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=14490"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14490\/revisions"}],"predecessor-version":[{"id":14493,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14490\/revisions\/14493"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/14491"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=14490"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=14490"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=14490"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}