Pharming Nedir?

WEBVTT 00:00:02.045 --> 00:00:16.007 Eine der Bedrohungen, über die wir sprechen, oder eine der Anforderungen an Zuverlässigkeit ist, was passieren könnte, wenn die Website oder die Internetseite nicht echt ist? 00:00:16.047 --> 00:00:24.052 Wenn diese genannten Elemente also keine Sicherheit bieten, was könnte uns dann passieren? 00:00:24.432 --> 00:00:28.635 Ich werde versuchen, Ihnen dies anhand der Bedrohung des Farmings zu erklären. 00:00:28.695 --> 00:00:29.396 Was ist Farming? 00:00:29.816 --> 00:00:33.679 Das englische Wort "Farming" bedeutet Landwirtschaft. 00:00:35.454 --> 00:00:47.043 In der pH-Version des Internets bezieht sich Farming auf das ständige Öffnen und Schließen von Kopien einer Website oder einer Internetseite und 00:00:47.083 --> 00:00:48.904 das Ausspionieren auf diese Weise. 00:00:50.125 --> 00:00:53.468 Zusammenfassend ist Farming eine Technik des Cyber-Spionages. 00:00:54.108 --> 00:01:01.614 Farming wird verwendet, um Internetnutzer auf gefälschte Internetseiten zu leiten, die sowohl im Namen als auch visuell dem Original ähneln. 00:01:03.407 --> 00:01:11.913 Der Benutzer glaubt, dass er sich auf der Originalwebsite befindet, also dass er diese Website besucht, und gibt vertrauliche persönliche Daten preis. 00:01:13.815 --> 00:01:20.240 Diese gefälschten Websites befinden sich auf Serverfarmen, die von betrügerischen Betreibern betrieben werden. 00:01:21.294 --> 00:01:23.316 Diese Websites dienen ausschließlich dem Betrug. 00:01:23.417 --> 00:01:29.944 Zum Beispiel wollten wir zum E-Government-Portal, also zur E-Government-Website, gehen und haben ein paar Buchstaben falsch eingegeben. 00:01:30.365 --> 00:01:34.671 Am Ende wurden wir auf eine Website weitergeleitet, die genau wie das E-Government-Portal aussah. 00:01:34.731 --> 00:01:37.715 Auf dieser Website haben wir unsere Personalausweisnummer, 00:01:39.485 --> 00:01:49.588 also unsere Staatsbürgernummer und unseren Namen, unser Geburtsdatum, automatisch geteilt, was bedeutet, dass diese Website über einige Daten verfügt, mit denen sie Spionageaktivitäten gegen uns durchführen könnte. 00:01:49.628 --> 00:01:51.389 Was haben wir gerade gesagt? 00:01:53.210 --> 00:02:04.794 Um nicht auf Farming-Weise Opfer zu werden, können wir sicherstellen, dass eine Website ein HTTPS-Zertifikat hat, und unseren Weg und unsere Transaktionen fortsetzen. 00:02:04.914 --> 00:02:05.554 Bemerken wir nicht, dass große Serverfarmen dazu genutzt werden, nicht authentische Websites in Serie zu betreiben, die zu verschiedenen Zeiten geöffnet und geschlossen werden. 00:02:15.785 --> 00:02:18.526 Also werden Sie fragen, bemerkt das niemand? 00:02:18.806 --> 00:02:26.693 Indem Sie eine Webseite im gleichen Format erstellen und sie durch Ändern eines Buchstabens auf eine andere Domain registrieren, können Sie kontinuierlich auf diese Weise vorgehen, also denken Sie mal so. 00:02:27.213 --> 00:02:34.518 Sie züchten Websites wie Pflanzen und sie sind alle generisch und wachsen auf die gleiche Weise. 00:02:36.395 --> 00:02:42.798 Aber angenommen, sie sind von minderer Qualität und gleichzeitig giftig, diese angebauten Farmprodukte. 00:02:43.838 --> 00:02:47.720 Ich denke, diese Art von Analogie wird uns helfen zu verstehen. 00:02:51.061 --> 00:02:55.383 Wir müssen wissen, dass solche Websites in Serie geöffnet und geschlossen wurden.

WEBVTT 00:00:02.045 --> 00:00:16.007 One of the threats we talk about or reliability requirements is what kind of threats can arise when the website or web page is not real? 00:00:16.047 --> 00:00:24.052 So, when we consider these issues we talked about, what could happen to us if they do not provide security validly? 00:00:24.432 --> 00:00:28.635 I will try to explain this through the farming threat to you. 00:00:28.695 --> 00:00:29.396 What is farming? 00:00:29.816 --> 00:00:33.679 The English word "farming" means agriculture. 00:00:35.454 --> 00:00:47.043 In the version written with pH, it means the method of constantly replicating similar websites or web pages by opening and closing them, and thus 00:00:47.083 --> 00:00:48.904 spying. 00:00:50.125 --> 00:00:53.468 In short, farming is a cyber espionage technique. 00:00:54.108 --> 00:01:01.614 Farming is used to redirect internet users to fake internet pages that resemble the original both in name and visually. 00:01:03.407 --> 00:01:11.913 The user believes that they are on the original website, that is, they believe they have visited this site and reveal their confidential personal data. 00:01:13.815 --> 00:01:20.240 These fake internet sites are located on and operated by scammers running large server farms. 00:01:21.294 --> 00:01:23.316 Such sites are purely fraudulent. 00:01:23.417 --> 00:01:29.944 For example, we wanted to go to the E-Government portal, that is, the E-Government site, and we entered a few letters wrong. 00:01:30.365 --> 00:01:34.671 In the end, they directed us to a site that completely resembles the E-Government portal. 00:01:34.731 --> 00:01:37.715 Within this site, our national identification number. 00:01:39.485 --> 00:01:49.588 In other words, our citizenship number and name, date of birth, sharing automatically means that this site has access to some data that could conduct espionage operations against us. 00:01:49.628 --> 00:01:51.389 What did we just say? 00:01:52.229 --> 00:01:53.170 To avoid being a victim of phishing, we can continue our path and transactions by ensuring that HTTPS, that is, the security certificate, is present on a site. 00:02:04.914 --> 00:02:05.554 we can continue our path and transactions by ensuring that HTTPS, that is, the security certificate, is present on a site. 00:02:09.181 --> 00:02:15.745 Let's not forget that large server farms are operated by opening and closing fake sites in series at different times. 00:02:15.785 --> 00:02:18.526 So you might ask, doesn't anyone notice this? 00:02:18.806 --> 00:02:26.693 By registering the same format webpage with just one letter changed to a different domain name, constantly in this way, think about it like this. 00:02:27.213 --> 00:02:34.518 You are growing internet sites like you grow crops, and they are all generic things that grow the same way. 00:02:36.395 --> 00:02:42.798 But, assuming that these grown farm products are below a certain quality and also poisonous. 00:02:43.838 --> 00:02:47.720 I think this analogy will be enough for us to understand this kind of situation. 00:02:51.061 --> 00:02:55.383 And what we need to know is that these types of websites were opened and closed in series.

WEBVTT 00:00:02.045 --> 00:00:16.007 Bu tehditlerden bahsettiğimiz veya güvenilirlik gerekliliklerinden Bir tanesi de web sitesinin, internet sayfasının gerçek olmadığında ne gibi tehditler doğurabilecek? 00:00:16.047 --> 00:00:24.052 Yani hani bu bahsettiğimiz öyeleri ele aldığımızda eğer bunlar geçerli olarak bir güvenlik sağlamıyorsa başımıza neler gelebilir? 00:00:24.432 --> 00:00:28.635 Bunu farming tehdidi üzerinden anlatmaya çalışacağımı size. 00:00:28.695 --> 00:00:29.396 Farming nedir? 00:00:29.816 --> 00:00:33.679 İngilizce farming kelimesi çiftçilik tarım anlamına gelir. 00:00:35.454 --> 00:00:47.043 pH ile yazılan versiyonda interneti bir web sitesinin, bir internet sayfasının benzerlerinin sürekli açılıp kapanmak yöntemiyle çoğaltılması ve bu şekilde 00:00:47.083 --> 00:00:48.904 de casusluk yapılması anlamına gelir. 00:00:50.125 --> 00:00:53.468 Özetle farming bir siber casusluk tekniğidir. 00:00:54.108 --> 00:01:01.614 Farming internet kullanıcılarını hem isim hem de görsel bir şekilde orijinaline benzeyen sahte internet sefelerine yönlendirme amacıyla kullanılır. 00:01:03.407 --> 00:01:11.913 Kullanıcı orijinal web sitesine, internet sitesinde olduğuna inanır, yani bu siteyi ziyaret ettiğine inanır ve gizli kişisel verilerini açık eder. 00:01:13.815 --> 00:01:20.240 Bu sahte internet sitesleri büyük sunucu çiftlikleri işleten dolandırıcıların sunucularına bulunur ve işletilir. 00:01:21.294 --> 00:01:23.316 Bu tür sitelerin tek an önce dolandırıcılıktır. 00:01:23.417 --> 00:01:29.944 Mesela E-Devlet kapısına, yani E-Devlet sitesine gitmek istedik ve birkaç tane harfi yanlış girdik. 00:01:30.365 --> 00:01:34.671 Sonucunda bizi tamamen E-Devlet kapısına benzeyen bir siteye yönlendirdiler. 00:01:34.731 --> 00:01:37.715 Bu sitenin içerisinde nüfus kimliği numaramızı. 00:01:39.485 --> 00:01:49.588 Yani vatandaşlık numaramızı ve ismimizi, doğum tarihimizi, paylaşmamız otomatik olarak bu sitenin bizim tarafımıza, aleyhimize casusluk işlemleri gerçekleştirebileceği 00:01:49.628 --> 00:01:51.389 bazı verilere sahip olduğu anlamına gelir. 00:01:52.229 --> 00:01:53.170 Az önce ne demiştik? 00:01:53.210 --> 00:02:04.794 Farmingden bir şekilde mağdur olmamak için HTTPS yani güvenlik sertifikasının bir sitenin içerisinde bulunduğundan emin olarak yolumuza ve işlemlerimize 00:02:04.914 --> 00:02:05.554 devam edebiliriz. 00:02:09.181 --> 00:02:15.745 Büyük sunucu çiftlikleri unutmayalım ki gerçek olmayan sitelerin seri olarak farklı anlarda açılıp kapatılması yoluyla işletilmektedir. 00:02:15.785 --> 00:02:18.526 Yani diyeceksiniz ki ya kimse bunun farkına varmıyor mu? 00:02:18.806 --> 00:02:26.693 Aynı formattaki web sayfasını işte bir tane harf değiştirerek farklı bir alan adına kaydettirerek sürekli olarak bu şekilde yani şöyle düşünün. 00:02:27.213 --> 00:02:34.518 Mahsul yetiştirir gibi internet sitesi yetiştiriyorsunuz ve bunların hepsi jenerik aynı şekilde yetişen şeyler. 00:02:36.395 --> 00:02:42.798 Fakat yani hani belirli bir kalitenin altında ve aynı zamanda da zehirli olduğunu varsayalım bu yetiştirilen çiftlik mahsullerinin. 00:02:43.838 --> 00:02:47.720 Bu tür bir anoloji anlamamız için yeterli olacaktır diye düşünüyorum. 00:02:51.061 --> 00:02:55.383 Ve bilmemiz gereken bu tür sitelerin seri olarak açıldı ve kapatıldı.