Method for guarding phishing website based on gateway, bridge

A phishing and network bridge technology, applied in network interconnection, network connection, user identity/authority verification, etc., can solve problems such as security flaws, personal confidential data fraud, and inability to filter phishing websites, so as to prevent economic damage Effect
CN101026599AActive Publication Date: 2007-08-29SANGFOR TECH INC
0 Cites 33 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SANGFOR TECH INC
Publication Date
2007-08-29

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
Patent Text Reader

Abstract

The method includes steps: (1) being added between terminal for logging network and network station to be accessed, secure gateway (SG) captures data encrypted by SSL; (2) interface for settings provided on SG lets user induct credible X.509 certificate list; (3) capturing handshaking procedure (HP) in SSL protocol, SG picks up X.509 certificate link transferred by HP; (4) filtering out and stopping illegal SSL connection in certificate link. Or the method uses following steps: (a) connecting SG to device able to monitor user's online data; SG captures a copy of data from normal network station or fishing network station accessed through SSL encrypted tunnel by internal user; (b) interface for settings provided on SG inducts credible X.509 certificate list; (c) capturing HP in SSL protocol, SG picks up X.509 certificate link transferred by HP; (d) validating validity of certificate link; SG sends out command to cut off illegal SSL connection in certificate link.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to a method for helping users to filter credible websites (such as online banking and securities websites) pretending to be encrypted with the SSL protocol, that is, a method for identifying phishing websites. Background technique

[0002] In order to prevent user data from being stolen when passing through an untrusted network area, the communication data between users and websites that use SSL protocol encryption (such as online banking, securities websites, etc.) are encrypted by SSL protocol. But encryption only prevents data from being stolen during transmission, and the identity of the other end of communication with the user (the visited website) has not been verified. For example, the other end of communication with the user may be a malicious website masquerading as an online banking website. Such entities that disguise themselves as trusted websites and obtain user confidential data (including user names, passwords, etc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More