{"id":3162,"date":"2017-05-09T02:55:00","date_gmt":"2017-05-09T06:55:00","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=3162"},"modified":"2019-11-15T14:51:18","modified_gmt":"2019-11-15T11:51:18","slug":"travel-routers-not-secure","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/travel-routers-not-secure\/3162\/","title":{"rendered":"Seyahat kablosuz modemleri g\u00fcvenli mi?"},"content":{"rendered":"<p>Ge\u00e7ti\u011fimiz g\u00fcnlerde Kaspersky Lab\u2019\u0131n d\u00fczenledi\u011fi <a href=\"https:\/\/sas.kaspersky.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Security Analyst Summit<\/a> (the SAS) etkinli\u011finde kat\u0131l\u0131mc\u0131lar\u0131 d\u00fc\u015f\u00fcnd\u00fcren bir\u00e7ok ilgi \u00e7ekici ara\u015ft\u0131rmac\u0131 vard\u0131. Bir\u00e7o\u011funun konu\u015fmas\u0131n\u0131n ana noktas\u0131 \u015firketlere APT tehdidi olsa da, konu\u015fmalar\u0131n bir k\u0131sm\u0131 bireysel kullan\u0131c\u0131lar\u0131n i\u00e7erisinde bulundu\u011fu risklerdi.<\/p>\n<p>Mesela Securai GmbH\u2019den BT g\u00fcvenlik dan\u0131\u015fman\u0131 Jan Hoersch\u2019in konu\u015fmas\u0131 da b\u00f6yleydi. Ba\u011fl\u0131 Nesnelerin \u0130nterneti (Internet of Things \u2013 IoT) cihazlarda buldu\u011fu a\u00e7\u0131klardan bahseden Jan, 20 dakikal\u0131k konu\u015fmas\u0131 s\u0131ras\u0131nda bahsetti\u011fi en kusurlu yedi \u00fcr\u00fcnden d\u00f6rt tanesi seyahat kablosuz modemleri oldu.<\/p>\n<p>Daha \u00f6nce otellerin Wi-Fi g\u00fcvenlikleri hakk\u0131nda yazm\u0131\u015ft\u0131k. Her zaman %100 g\u00fcvenli de\u011fillerdir, bu y\u00fczden seyahat eden ak\u0131ll\u0131 kullan\u0131c\u0131lar internet g\u00fcvenliklerine fazladan bir g\u00fcvenlik katman\u0131 daha eklemek i\u00e7in ve cihazlar\u0131n\u0131 tek tek otel internetine ba\u011flamakla u\u011fra\u015fmamak i\u00e7in seyahat kablosuz modemleri kullan\u0131yorlar.<\/p>\n<p>Seyahat kablosuz modemlerinin e-ticaret sitelerindeki yorumlar\u0131 genellikle olumlu, hatta harika olarak g\u00f6z\u00fck\u00fcyor. Ancak bu olumlu yorumlar\u0131n i\u00e7erisine bakt\u0131\u011f\u0131nda \u201cg\u00fcvenlik\u201d kelimesini \u00e7ok nadir g\u00f6rebiliyorsunuz.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">The password is root\u2026 and you can't change it \u2013 Jan Hoersch <a href=\"https:\/\/twitter.com\/hashtag\/thesas2017?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#thesas2017<\/a> <a href=\"https:\/\/t.co\/xNjYAWa43V\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/xNjYAWa43V<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/849302035388403713?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">April 4, 2017<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Kullan\u0131c\u0131 i\u00e7in uygunluk ve rahatl\u0131k g\u00fcvenli olmaktan \u00e7ok daha \u00f6nemlidir. Otelin engelledi\u011fi siteye girebildikten sonra cihaz\u0131n\u0131z\u0131 hacklemi\u015fler, kimin umrunda?<\/p>\n<p>Yukar\u0131daki kinayeli c\u00fcmlemiz bir yana, \u00fcz\u00fcc\u00fc ger\u00e7ek (daha \u00f6nce de defalarca bahsetti\u011fimiz gibi), konu <a href=\"https:\/\/www.kaspersky.com\/blog\/?s=IoT\" target=\"_blank\" rel=\"noopener nofollow\">IoT cihazlar<\/a> oldu\u011funda <a href=\"https:\/\/www.kaspersky.com\/blog\/iot-state-of-mind\/11577\/\" target=\"_blank\" rel=\"noopener nofollow\">g\u00fcvenlik<\/a> ilk s\u0131rada yer alm\u0131yor maalesef.<\/p>\n<p>Kablosuz modemler hakk\u0131nda Hoersch, \u201cS\u0131kl\u0131kla g\u00f6m\u00fcl\u00fc parolalar\u0131 kullan\u0131yorsunuz. \u00c7o\u011fu zaman bu parolalar kullan\u0131larak hackleniyorlar, backdoorlar gibi\u201d <a href=\"https:\/\/threatpost.com\/travel-routers-nas-devices-among-easily-hacked-iot-devices\/124877\/\" target=\"_blank\" rel=\"noopener nofollow\">dedi<\/a>.<\/p>\n<p>Peki ne a\u00e7\u0131klar\u0131 buldu?<\/p>\n<p>Ba\u015flang\u0131\u00e7 i\u00e7in, bu kablosuz modemlerin bir tanesi kullan\u0131c\u0131 verisinini (Kullan\u0131c\u0131 ad\u0131, SSID, y\u00f6netici parolas\u0131) d\u00fcz metin olarak sald\u0131rgana g\u00f6nderiyor \u2013 sald\u0131rgan\u0131n bu bilgileri elde etmesi i\u00e7in yapmas\u0131 gereken tek \u015fey kablosuz modeme SMS atmak ve bilgilerin gelmesini beklemek. Di\u011ferleri LAN port a\u00e7\u0131klar\u0131 i\u00e7eriyor, kolayca manip\u00fcle edilen ayarlar, ve ayr\u0131ca zararl\u0131 yaz\u0131l\u0131m enjekte edebilme yetene\u011fi, do\u011frulu\u011fu onaylanmam\u0131\u015f komutlar. K\u0131saca, internet trafi\u011finiz etraf\u0131nda dola\u015fmas\u0131n\u0131 veya bilgisayar\u0131n\u0131za ba\u011fl\u0131 olmas\u0131n\u0131 istemeyece\u011finiz \u015feyler.<\/p>\n<p><a href=\"https:\/\/sas.kaspersky.com\/?utm_medium=blg&amp;utm_source=kd_banner_170405&amp;utm_campaign=ww_sas2017promo\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3102\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2017\/04\/06013328\/what-is-sas-5.png\" alt=\"\" width=\"951\" height=\"341\"><\/a><\/p>\n<p>Soru ayn\u0131: Kendimi korumak i\u00e7in ne yapabilirim?<\/p>\n<p>\u2022 <strong>Ara\u015ft\u0131rman\u0131 yap<\/strong>. Bu Amazon\u2019a girip \u00fcr\u00fcn yorumlar\u0131 okumak anlam\u0131na gelmiyor. Teknoloji internet sitelerine, forumlar\u0131na girin veya Google\u2019da detayl\u0131ca \u00fcr\u00fcn hakk\u0131nda arama yap\u0131n.<\/p>\n<p>\u2022 <strong>Varsay\u0131lan parolay\u0131 de\u011fi\u015ftirip de\u011fi\u015ftiremedi\u011finize bak\u0131n.<\/strong> Ara\u015ft\u0131rman\u0131za bu konuyu da dahil edin. Hoersch\u2019in de belirtti\u011fi gibi, IoT cihazlar\u0131n \u00e7o\u011fu g\u00f6m\u00fcl\u00fc parola ile gelir. E\u011fer cihaz\u0131n\u0131z da b\u00f6yleyse 3. Maddeye bak\u0131n ve sat\u0131n al\u0131p almama konusunda tekrar d\u00fc\u015f\u00fcn\u00fcn.<\/p>\n<p>\u2022<strong> Tehdit seviyenizi belirleyin.<\/strong> Bu her kullan\u0131c\u0131 i\u00e7in farkl\u0131d\u0131r, ama ger\u00e7ekte g\u00fcvenlik her birey i\u00e7in farkl\u0131d\u0131r. E\u011fer <a href=\"http:\/\/kas.pr\/kdkistr\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">anti vir\u00fcs \u00fcr\u00fcn\u00fcn\u00fcz\u00fcn<\/a> ve ki\u015fisel g\u00fcvenlik protokollerinizin g\u00fc\u00e7l\u00fc oldu\u011funu d\u00fc\u015f\u00fcn\u00fcyorsan\u0131z, daha fazla sirk alabilirsiniz. Ancak e\u011fer parola1234 gibi bir parola kullan\u0131yorsan\u0131z, ayn\u0131 parolay\u0131 birden fazla sosyal medya hesab\u0131n\u0131z i\u00e7in kullan\u0131yorsan\u0131z tekrar de\u011ferlendirmelisiniz (ve <a href=\"https:\/\/www.kaspersky.com.tr\/free-password-manager\" target=\"_blank\" rel=\"noopener\">password manager<\/a> hakk\u0131nda d\u00fc\u015f\u00fcnmelisiniz).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ge\u00e7ti\u011fimiz g\u00fcnlerde Kaspersky Lab\u2019\u0131n d\u00fczenledi\u011fi Security Analyst Summit (the SAS) etkinli\u011finde kat\u0131l\u0131mc\u0131lar\u0131 d\u00fc\u015f\u00fcnd\u00fcren bir\u00e7ok ilgi \u00e7ekici ara\u015ft\u0131rmac\u0131 vard\u0131. Bir\u00e7o\u011funun konu\u015fmas\u0131n\u0131n ana noktas\u0131 \u015firketlere APT tehdidi olsa da, konu\u015fmalar\u0131n bir k\u0131sm\u0131 bireysel kullan\u0131c\u0131lar\u0131n i\u00e7erisinde bulundu\u011fu risklerdi.<\/p>\n","protected":false},"author":636,"featured_media":3163,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287,1351],"tags":[1183,1070,677,337,1219,1220,537,174],"class_list":{"0":"post-3162","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-thesas2017","10":"tag-modem","11":"tag-oneri","12":"tag-sas","13":"tag-sas-17","14":"tag-seyahat","15":"tag-tehditler","16":"tag-wi-fi"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/travel-routers-not-secure\/3162\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/travel-routers-not-secure\/11028\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/travel-routers-not-secure\/9088\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/travel-routers-not-secure\/10396\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/travel-routers-not-secure\/10133\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/travel-routers-not-secure\/14603\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/travel-routers-not-secure\/14652\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/travel-routers-not-secure\/6910\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/travel-routers-not-secure\/9109\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/travel-routers-not-secure\/6615\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/travel-routers-not-secure\/10062\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/travel-routers-not-secure\/15357\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/travel-routers-not-secure\/14652\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/travel-routers-not-secure\/14652\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/sas\/","name":"SAS"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/3162","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/636"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=3162"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/3162\/revisions"}],"predecessor-version":[{"id":7061,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/3162\/revisions\/7061"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/3163"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=3162"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=3162"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=3162"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}