{"id":4272,"date":"2017-10-17T16:05:10","date_gmt":"2017-10-17T13:05:10","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=4272"},"modified":"2019-11-15T14:47:33","modified_gmt":"2019-11-15T11:47:33","slug":"krackattack","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/krackattack\/4272\/","title":{"rendered":"KRACK: Your Wi-Fi connection is no longer secure"},"content":{"rendered":"<p>Most vulnerabilities go unnoticed by the majority of the world's population, even when they affect millions of people. But the news that reached the press today may be even more significant than the recently disclosed <a href=\"https:\/\/threatpost.com\/2013-yahoo-breach-affected-all-3-billion-accounts\/128259\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Yahoo security breach<\/a> and could affect billions of people worldwide: researchers have found a group of vulnerabilities that make all Wi-Fi networks insecure.<\/p>\n<p>A <a href=\"https:\/\/papers.mathyvanhoef.com\/ccs2017.pdf\" target=\"_blank\" rel=\"noopener nofollow\">paper<\/a> published yesterday revealed that almost all Wi-Fi networks with WPA or WPA2 encryption are at risk. 
Because the WPA protocol is the standard in modern Wi-Fi, this means that almost every Wi-Fi network in the world is vulnerable.<\/p>\n<p>Because the research is extremely complex, we will not go into detail in this article and will only briefly explain the main findings.<\/p>\n<h2>How does KRACK work?<\/h2>\n<p>The researchers discovered that devices based on Android, iOS, Linux, macOS, Windows and some other operating systems are vulnerable to some variant of this attack. This means that almost all devices are at risk. This type of attack was named the key reinstallation attack, or <a href=\"https:\/\/www.krackattacks.com\/\" target=\"_blank\" rel=\"noopener nofollow\">KRACK<\/a> for short.<\/p>\n<p>To explain how the attack works, the researchers specifically used a device based on Android 6. To carry out this attack, the attacker has to set up a Wi-Fi network with the same name (SSID) as an existing network and target a specific user. 
As soon as the attacker notices that the user is about to connect to the original network, they send special packets that steer the device to another channel and make it connect to the fake network with the same name.<\/p>\n<p>Then, exploiting a flaw in the implementation of the encryption protocols, the attacker replaces the encryption key the user is using with a string of zeros. This gives the attacker access to all of the information the user uploads and downloads.<\/p>\n<p>There is another layer of security for accessing websites. This layer consists of encrypted connections such as SSL or HTTPS. However, if encryption is not implemented correctly on a website, a simple tool called SSLstrip installed on the fake access point is enough to force the browser to communicate with the unencrypted HTTP version of the site instead of its encrypted HTTPS version (encryption is not implemented correctly on most websites, including some very large ones).<\/p>\n<p>Attackers can therefore use this tool on the fake network to access the user's logins and passwords in plain text; in other words, steal them.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/Oh4WURZoR98?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" 
allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<h2>What can you do to protect your data?<\/h2>\n<p>The fact that many devices on almost every Wi-Fi network are vulnerable to the KRACK attack may sound very scary. But, as with every other type of attack, this one is not the end of the world either. Below are a few tips on how to protect yourself from KRACK attacks in case someone tries one against you.<\/p>\n<ul>\n<li>Always make sure there is a green lock icon in your browser's address bar. This lock icon indicates that an HTTPS (encrypted and therefore secure) connection is being used to access the website you are visiting. If someone tries to use SSLstrip against you, the browser is forced to use the HTTP version of the website and the lock icon disappears. If the lock icon is in place, your connection is still secure.<\/li>\n<li>Before publishing their paper, the researchers warned some network device manufacturers (including the <a href=\"https:\/\/www.wi-fi.org\" target=\"_blank\" rel=\"noopener nofollow\">Wi-Fi Alliance<\/a>, which standardizes the protocols). So many manufacturers are probably in the process of releasing firmware updates to fix the key reinstallation issue. 
<a href=\"https:\/\/char.gd\/blog\/2017\/wifi-has-been-broken-heres-the-companies-that-have-already-fixed-it\" target=\"_blank\" rel=\"noopener nofollow\">Check<\/a> whether new software updates are available for your devices and install them as soon as possible.<\/li>\n<li>You can also secure your connection by using a VPN, which adds another layer of encryption to the data transferred from your device. You can learn more about what a VPN is and how to choose one <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/vpn-what-you-need-to-know\/3073\/\" target=\"_blank\" rel=\"noopener\">here<\/a>, or get <a href=\"https:\/\/kas.pr\/kdvpn\" target=\"_blank\" rel=\"noopener\">Kaspersky Secure Connection<\/a> right away.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"vpn\">\n","protected":false},"excerpt":{"rendered":"<p>Most vulnerabilities go unnoticed by the majority of the world's population, even when they affect millions of people. 
But the news that reached the press today may be even more significant than the recently disclosed Yahoo security breach and could affect billions of people worldwide: researchers have found a group of vulnerabilities that make all Wi-Fi networks insecure.<\/p>\n","protected":false},"author":675,"featured_media":4273,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[1134,744,519,1387,1388,1389,543,794,537,174,1390,1391],"class_list":{"0":"post-4272","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-anahtar","9":"tag-guvenlik","10":"tag-ipuclari-2","11":"tag-krack","12":"tag-krack-attack","13":"tag-krack-saldirisi","14":"tag-saldiri","15":"tag-sifreleme","16":"tag-tehditler","17":"tag-wi-fi","18":"tag-wpa","19":"tag-wpa-2"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/krackattack\/4272\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/krackattack\/11579\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/krackattack\/9751\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/krackattack\/13011\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/krackattack\/11932\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/krackattack\/11578\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/krackattack\/14579\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/krackattack\/14324\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/krackattack\/19022\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/krackattack\/19798\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/krackattack\
/9635\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/krackattack\/9742\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/krackattack\/8343\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/krackattack\/14970\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/krackattack\/8667\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/krackattack\/18448\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/krackattack\/18915\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/krackattack\/18905\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/wi-fi\/","name":"wi-fi"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4272","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/675"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=4272"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4272\/revisions"}],"predecessor-version":[{"id":7017,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4272\/revisions\/7017"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/4273"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=4272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=4272"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=4272"}],"curies":[{"name":"wp","href":"https:\/\/api.
w.org\/{rel}","templated":true}]}}