{"id":14829,"date":"2024-05-29T21:45:22","date_gmt":"2024-05-29T18:45:22","guid":{"rendered":"https:\/\/sarzimanli.com\/?p=14829"},"modified":"2024-12-11T21:51:38","modified_gmt":"2024-12-11T18:51:38","slug":"veeam-mfa-atlat","status":"publish","type":"post","link":"https:\/\/sarzimanli.com\/index.php\/2024\/05\/29\/veeam-mfa-atlat\/","title":{"rendered":"Veeam Backup G\u00fcvenli\u011fini Art\u0131rma: MFA\u2019n\u0131n Atlat\u0131lmas\u0131 ve \u00c7\u00f6z\u00fcm Yollar\u0131"},"content":{"rendered":"\n

Yedekleme sunucusunun g\u00fcvenli\u011fi, BT altyap\u0131s\u0131n\u0131n kritik bir par\u00e7as\u0131d\u0131r ve titizlikle planlanm\u0131\u015f ve s\u0131k\u0131 \u00f6nlemler gerektirir. \u00c7ok Fakt\u00f6rl\u00fc Kimlik Do\u011frulama (MFA) ek bir g\u00fcvenlik katman\u0131 sunsa da, belirli ko\u015fullar alt\u0131nda atlat\u0131labilir. Bu makalede, Veeam Backup & Replication<\/strong> \u00fczerinde MFA\u2019n\u0131n nas\u0131l atlat\u0131labilece\u011fine dair bir senaryo ve bu t\u00fcr riskleri azaltmak i\u00e7in uygulanabilecek pratik \u00e7\u00f6z\u00fcmler ele al\u0131nm\u0131\u015ft\u0131r.<\/p>\n\n\n\n

Senaryo: MFA lockout olduysa Regedit ile Atlat\u0131lmas\u0131<\/h4>\n\n\n\n

A\u015fa\u011f\u0131daki ad\u0131mlar, MFA\u2019n\u0131n yerel y\u00f6netici eri\u015fimiyle nas\u0131l atlat\u0131labilece\u011fini g\u00f6stermektedir:<\/p>\n\n\n\n

    \n
  1. MFA Lisans Anahtar\u0131n\u0131 Silin<\/strong>:
    \u015eu kay\u0131t defteri yoluna gidin:
    HKEY_LOCAL_MACHINE\\SOFTWARE\\Veeam\\Veeam Backup and Replication\\license\\Lic*<\/code>
    MFA yap\u0131land\u0131rmas\u0131yla ilgili anahtar\u0131 silin.<\/li>\n\n\n\n
  2. Veeam Backup Servisini Yeniden Ba\u015flat\u0131n<\/strong>:
    Windows Hizmet Y\u00f6netimini a\u00e7\u0131n, Veeam Backup Service<\/strong> hizmetini bulun ve yeniden ba\u015flat\u0131n.<\/li>\n\n\n\n
  3. Yedekleme Konsoluna Giri\u015f Yap\u0131n<\/strong>:
    Hizmeti yeniden ba\u015flatt\u0131ktan sonra, Veeam Yedekleme Konsoluna giri\u015f yap\u0131n.<\/li>\n\n\n\n
  4. Lisans\u0131 Yeniden Y\u00fckleyin<\/strong>:
    Lisans dosyas\u0131n\u0131 tekrar y\u00fckleyerek yap\u0131land\u0131rmay\u0131 tamamlay\u0131n.<\/li>\n\n\n\n
  5. MFA\u2019y\u0131 S\u0131f\u0131rlay\u0131n veya Devre D\u0131\u015f\u0131 B\u0131rak\u0131n<\/strong>:
    Bu noktada MFA s\u0131f\u0131rlanabilir veya devre d\u0131\u015f\u0131 b\u0131rak\u0131labilir, bu da sunucuya s\u0131n\u0131rs\u0131z eri\u015fim sa\u011flar.<\/li>\n<\/ol>\n\n\n\n

    Zay\u0131fl\u0131k Analizi<\/h4>\n\n\n\n

    Bu y\u00f6ntem \u00f6nemli bir tasar\u0131m hususunu ortaya koymaktad\u0131r:<\/p>\n\n\n\n

      \n
    • Yerel Y\u00f6netici Eri\u015fimi<\/strong>: Yedekleme sunucusuna do\u011frudan eri\u015fimi olan herhangi bir yerel y\u00f6netici, kay\u0131t defteri anahtarlar\u0131n\u0131 veya yap\u0131land\u0131rmalar\u0131 de\u011fi\u015ftirerek MFA\u2019y\u0131 atlatabilir.<\/li>\n\n\n\n
    • Yedekleme Sunucusu Maruziyeti<\/strong>: Yedekleme sunucusuna uzaktan eri\u015fim verilmesi riski art\u0131r\u0131r, \u00e7\u00fcnk\u00fc potansiyel sald\u0131rganlar benzer zafiyetleri kullanabilir.<\/li>\n<\/ul>\n\n\n\n

      Veeam v12 Tasar\u0131m S\u00fcrecindeki Yakla\u015f\u0131mlar<\/h4>\n\n\n\n

      Veeam v12<\/strong> geli\u015ftirme s\u00fcrecinin erken a\u015famalar\u0131nda, yerel y\u00f6neticiler i\u00e7in MFA sa\u011flamama karar\u0131 al\u0131nm\u0131\u015ft\u0131. Bunun nedeni, bir yerel y\u00f6neticinin sadece MFA\u2019y\u0131 devre d\u0131\u015f\u0131 b\u0131rakabilece\u011fi de\u011fil, ayn\u0131 zamanda yap\u0131land\u0131rmalar\u0131 de\u011fi\u015ftirme veya silme gibi daha k\u00f6t\u00fc eylemler ger\u00e7ekle\u015ftirebilece\u011fi ger\u00e7e\u011fiydi.<\/p>\n\n\n\n

      \u00c7\u00f6z\u00fcm Yollar\u0131<\/h4>\n\n\n\n

      Yedekleme altyap\u0131n\u0131z\u0131 korumak i\u00e7in \u015fu \u00e7\u00f6z\u00fcmleri de\u011ferlendirebilirsiniz:<\/p>\n\n\n\n

        \n
      1. Uzaktan Eri\u015fimi K\u0131s\u0131tlay\u0131n<\/strong>:
        Yedekleme sunucusuna uzaktan giri\u015f yap\u0131lmas\u0131n\u0131 engelleyerek sald\u0131r\u0131 y\u00fczeyini en aza indirin.<\/li>\n\n\n\n
      2. Yedekleme Sunucusu G\u00fcvenli\u011fini G\u00fc\u00e7lendirin<\/strong>:\n
          \n
        • Sunucunun fiziksel g\u00fcvenli\u011fini sa\u011flay\u0131n.<\/li>\n\n\n\n
        • Y\u00f6netici eri\u015fimini yaln\u0131zca g\u00fcvenilir ve s\u0131n\u0131rl\u0131 personele tahsis edin.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
        • A\u011f Segmentasyonu Uygulay\u0131n<\/strong>:
          Yedekleme sunucusunu, genel kullan\u0131c\u0131 eri\u015fiminden izole edilmi\u015f, y\u00fcksek g\u00fcvenlikli bir a\u011f segmentine yerle\u015ftirin.<\/li>\n\n\n\n
        • Denetim \u0130zlerini Etkinle\u015ftirin<\/strong>:
          T\u00fcm y\u00f6netici faaliyetlerini izlemek ve yetkisiz eylemleri h\u0131zl\u0131 bir \u015fekilde tespit etmek i\u00e7in loglama ve izleme ara\u00e7lar\u0131n\u0131 etkinle\u015ftirin.<\/li>\n\n\n\n
        • \u00d6zel Hesaplar Kullan\u0131n<\/strong>:
          Genel y\u00f6netici hesaplar\u0131 yerine, yedekleme i\u015flemleri i\u00e7in s\u0131n\u0131rl\u0131 yetkilere sahip hizmet hesaplar\u0131 kullan\u0131n.<\/li>\n<\/ol>\n\n\n\n

          Sonu\u00e7<\/h4>\n\n\n\n

          MFA, \u00f6nemli bir g\u00fcvenlik \u00f6nlemi olsa da, yerel y\u00f6netici eri\u015fimi oldu\u011funda etkinli\u011fi s\u0131n\u0131rl\u0131d\u0131r. Organizasyonlar, yedekleme sunucular\u0131n\u0131 korumak i\u00e7in g\u00fc\u00e7l\u00fc fiziksel, idari ve teknik kontroller uygulamal\u0131d\u0131r. Uzaktan eri\u015fimi ortadan kald\u0131rarak, s\u0131k\u0131 eri\u015fim politikalar\u0131n\u0131 uygulayarak ve faaliyetleri s\u00fcrekli izleyerek, BT ekipleri zafiyetleri en aza indirebilir ve potansiyel tehditlere kar\u015f\u0131 savunmalar\u0131n\u0131 g\u00fc\u00e7lendirebilir.<\/p>\n","protected":false},"excerpt":{"rendered":"

          Yedekleme sunucusunun g\u00fcvenli\u011fi, BT altyap\u0131s\u0131n\u0131n kritik bir par\u00e7as\u0131d\u0131r ve titizlikle planlanm\u0131\u015f ve s\u0131k\u0131 \u00f6nlemler […]<\/p>\n","protected":false},"author":1,"featured_media":14766,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[382],"tags":[],"class_list":["post-14829","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-veeam"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/posts\/14829","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/comments?post=14829"}],"version-history":[{"count":1,"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/posts\/14829\/revisions"}],"predecessor-version":[{"id":14830,"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/posts\/14829\/revisions\/14830"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/media\/14766"}],"wp:attachment":[{"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/media?parent=14829"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/categories?post=14829"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sarzimanli.com\/index.php\/wp-json\/wp\/v2\/tags?post=14829"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}